opt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, 0x0) chdir(&(0x7f0000000100)='./file0\x00') fsetxattr$security_capability(0xffffffffffffffff, 0x0, &(0x7f0000000340)=@v2, 0x14, 0x0) sched_setscheduler(0x0, 0x0, 0x0) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = syz_open_dev$adsp(&(0x7f0000000040)='/dev/adsp#\x00', 0xff, 0x800) ioctl$GIO_SCRNMAP(r0, 0x4b40, &(0x7f0000000240)=""/215) connect$netlink(0xffffffffffffffff, 0x0, 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="757408000000000000002f66ec17a8fa6f77657264490fcb030000006c65312c776f726b6469723d65310000"]) syz_genetlink_get_family_id$ipvs(0x0) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x0) [ 475.567424][T25570] FAULT_INJECTION: forcing a failure. [ 475.567424][T25570] name failslab, interval 1, probability 0, space 0, times 0 [ 475.630569][T25570] CPU: 1 PID: 25570 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 475.639718][T25570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 475.649776][T25570] Call Trace: [ 475.653111][T25570] dump_stack+0x172/0x1f0 [ 475.657454][T25570] should_fail.cold+0xa/0x15 [ 475.662062][T25570] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 475.667879][T25570] ? ___might_sleep+0x163/0x280 [ 475.672751][T25570] __should_failslab+0x121/0x190 [ 475.677712][T25570] should_failslab+0x9/0x14 [ 475.682222][T25570] kmem_cache_alloc_trace+0x2d1/0x760 [ 475.687605][T25570] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 475.693425][T25570] __memcg_init_list_lru_node+0x8a/0x1e0 [ 475.699074][T25570] __list_lru_init+0x3cf/0x6e0 [ 475.703844][T25570] alloc_super+0x762/0x890 [ 475.708265][T25570] sget_userns+0xf1/0x560 [ 475.712595][T25570] ? get_anon_bdev+0xc0/0xc0 [ 475.717187][T25570] ? get_anon_bdev+0xc0/0xc0 [ 475.721778][T25570] sget+0x10c/0x150 [ 475.725591][T25570] ? ovl_show_options+0x550/0x550 [ 475.730639][T25570] mount_nodev+0x31/0x110 [ 475.734975][T25570] ovl_mount+0x2d/0x40 [ 475.739048][T25570] ? ovl_own_xattr_set+0x10/0x10 [ 475.743990][T25570] legacy_get_tree+0xf2/0x200 [ 475.748675][T25570] vfs_get_tree+0x123/0x450 [ 475.753211][T25570] do_mount+0x1436/0x2c40 [ 475.757550][T25570] ? copy_mount_string+0x40/0x40 [ 475.762499][T25570] ? _copy_from_user+0xdd/0x150 [ 475.767357][T25570] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 475.773598][T25570] ? copy_mount_options+0x30e/0x440 02:34:52 executing program 4: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='/group.sta\x9f\xd4t\x00+\x04J{\t\xab\v\x02t\xe1\t\x85\xa6\xfa\x15\xb3[\xa6\x94!\xf2\x04\xde\xc5f\x8a\x06\x00\x00\x00\xb9\x0f\xf8`\xe0\x1f&+\xaf\xacu\nm\\\xe2Y\xcba\xea\f\xd9DXX>\xef/\xc5\x97\xea\x93\xa7\xde\xc9\xb4\x16\x8eF\x8b\xe0Wm\x1d\x0e\xbf\x8b\xc4G\x8f\x8e\xd8[T|i$\x88\x04\x00\x00\x00\x00\x00\x00\x00\x90\x1eB\x8b\x98\xad\xd17_Q\xe15\x84\x8f\xea\x98\xc6\xe3WE\x11\xe0\xc6\x1f\xf2/\xf6\x1f', 0x2761, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000002740)}, 0x0) r1 = perf_event_open(&(0x7f0000000180)={0x100000002, 0x70, 0xfffffffffffffffc, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040)={0xffffffffffffffff}, 0x106, 0x5}}, 0x20) write$RDMA_USER_CM_CMD_CONNECT(r0, &(0x7f00000002c0)={0x6, 0x118, 0xfa00, {{0x8000, 0x9, "34382425508d1bd577f0eb4625794d4c6c6953d76404d8264b4da84ba2eee3ecdd0f1516df45cdcb52feee8b6dc47ddaf80444163d630502d36b8e4f5419b0cf9fab43be36ee891a2b2c3e72e35f5cd679907fa28fd911088f6078a645bafa6cda6796f41717928039bf22b762d5724961adeb338913a647e42ade4e9595fbd8877f24dab5050c939983d3546bedb004abea81db0502fde24dec7ea66973535062e9c8dde053a0faa4b00800694cbd16e57e9b34ceabfa7a17890533bd44640ee932b0444eceb253fb1ee016b106494fc6bbbb3212efc7799b541b1da5097181f0353abe142cf0fed7079d543390a2f87e802a6365157516e4c69af26526f33a", 0x70, 0xfffffffffffffff8, 0x4, 0x6, 0x0, 0xffffffffffffffcf, 0x40}, r2}}, 0x120) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) fcntl$dupfd(r1, 0x406, r0) [ 475.778811][T25570] ksys_mount+0xdb/0x150 [ 475.783060][T25570] __x64_sys_mount+0xbe/0x150 [ 475.787744][T25570] do_syscall_64+0x103/0x610 [ 475.792346][T25570] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 475.798237][T25570] RIP: 0033:0x457e29 [ 475.802135][T25570] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 475.821747][T25570] RSP: 002b:00007faaf9936c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 02:34:52 executing program 2: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ubi_ctrl\x00', 0x200800, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r0, 0x40405514, &(0x7f00000000c0)={0x6, 0x6, 0x2, 0x536f, 'syz1\x00', 0x9}) r1 = syz_open_dev$video4linux(&(0x7f0000000000)='/dev/v4l-subdev#\x00', 0x0, 0x0) ioctl$VIDIOC_SUBSCRIBE_EVENT(r1, 0xc040563e, &(0x7f0000000040)={0x3}) 02:34:52 executing program 3: lstat(&(0x7f0000000680)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) r1 = dup3(0xffffffffffffffff, 0xffffffffffffff9c, 0x0) ioctl$sock_inet6_udp_SIOCINQ(r1, 0x541b, 0x0) ioctl$VIDIOC_S_FBUF(r0, 0x4030560b, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$kcm(0xa, 0x40122000000003, 0x11) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f0000000700)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;<\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\r\xf3\xfdM\x0eV5\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1eD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4N\x00%q\x00\x00\x00\x00\x00\x00\x00\x00') openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) [ 475.830142][T25570] RAX: ffffffffffffffda RBX: 00007faaf9936c90 RCX: 0000000000457e29 [ 475.838094][T25570] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 475.846044][T25570] RBP: 000000000073bfa0 R08: 00000000200007c0 R09: 0000000000000000 [ 475.853994][T25570] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99376d4 [ 475.861958][T25570] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000008 [ 475.986363][T25556] hfs: can't find a HFS filesystem on dev loop1 02:34:52 executing program 4: r0 = socket$inet6(0x10, 0x3, 0x0) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0xa3, "586284d9b3e559aa66f119e1d4f5c554cb3a9f594f7931cb20caf8323861ff7c6a9f5dc05dc64e02c964093b6ba5755414d955d71406403f4feaabff5956efef94f83a17241aecf868c9e08c156bcbec3fd0a6b7bf17662e78e0efa5057dd51d51f39a529bb8305bc5d3c9084a42e296e2482398de2eb7de5327e4de8cdb9adedec04dd7ca9fa0d63da4e0523b12ed25dce3cfd176f38c573a2daa9dbe932dc4c4244c"}, &(0x7f00000000c0)=0xab) setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000100)={r1, 0x40}, 0x8) [ 476.067259][T25614] overlayfs: unrecognized mount option "ut" or missing value 02:34:53 executing program 0 (fault-call:20 fault-nth:23): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:34:53 executing program 2: sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000498000)={0x0, 0x0, 0x0}, 0x0) mremap(&(0x7f0000949000/0x4000)=nil, 0x4000, 0x1000, 0x2, &(0x7f0000ffe000/0x1000)=nil) r0 = syz_open_dev$midi(&(0x7f0000000040)='/dev/midi#\x00', 0xfc3, 0x0) ioctl$VT_SETMODE(r0, 0x5602, &(0x7f0000000080)={0x8, 0x58, 0x6, 0x6}) madvise(&(0x7f000092d000/0x400000)=nil, 0x400000, 0x10200000008) r1 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$SIOCX25SENDCALLACCPT(r1, 0x89e9) 02:34:53 executing program 1: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x100, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xe, 0x4, 0x4, 0x7cb, 0x0, r0}, 0x2c) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000080)={0xffffffffffffffff}, 0x13f}}, 0x20) getgroups(0x6, &(0x7f00000001c0)=[0x0, 0xee01, 0x0, 0xffffffffffffffff, 0x0, 0xee01]) setgid(r3) write$RDMA_USER_CM_CMD_LISTEN(r0, &(0x7f0000000100)={0x7, 0x8, 0xfa00, {r2, 0x400000000000}}, 0x10) bpf$MAP_CREATE(0x4, &(0x7f0000000180)={0x3, 0x0, 0x20000000, 0x0, 0x711000, 0x0}, 0x2a) 02:34:53 executing program 3: r0 = syz_open_dev$sndpcmc(&(0x7f00000000c0)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0) ioctl(r0, 0xc0884123, 0xfffffffffffffffe) pwrite64(r0, &(0x7f0000000100)="4c1e0a4212aa43446d97a1ef3c8dbc8bf748df4d40238e90bed2688b391f5e77698360a890df8f268832cc0fceea7a20e8078b531cca75c8fb1a70aee7d045d0b3eb46d0b8c7ed22ddf97b7ab46ed8ffea48df3771b78b294321d775752d001497be82a450211f0828a37f5f7fcc2e091530cf594db1eba3bdc2cc864384fe33c0f2d24993a30afe3ac72b17ecf5f841fd5a77fe1c96d761fc930f2355ef9489bb9a8051b92dedb963b6159c74b55994e2e70546a96f281df736fb9d8b7c4fece532bb141a3cb0e4fb61b2b0fb27cd05734c9819b048e9cca2b8abfee895b23374d98cb117b8588947d0563375511a323a869575782cc3f95cee0868a94a9882d3d2fb5c8bc5bbc13b75dc0607e7d4ca929e54b9bee41e54896bfabca216f0b2a7e6b556b79927ce538245d0aad878229d33ef4d2be2b37ae751942c606ef51fe057321e4797117e4c206eb9cf9e901c808ac96fb9048c7ba88da6433c0b9cd6e95088085ae65dec518c3ed8bb2d995948b458c5decefdd071af11401134e57343fcf5169e400b6d79656188e3ffcafb2bfe2f4383f87239094667b0bdb375bc4ce0d19100955a1429e378eab034d39f56cebd8698647a5e6eaa47c3e9e4ac8d59511f939903b137a70fe61f317d09cb0c612b356290ab278c043be321973e6e499734e26138feab3798d96b34c41fdef4b13a1e9dcb9acd18d971da9a3cb0909ad74f32a91a8a6f72ca922cff6712f51b225c984e8c4d9c772720fedac12e0ca6962d92632480d693316aff955df5931aefb07e587da8a27c136155d408a1bc1a1b4956bfff0e9fb4070665bdc34343dd9cac86729acedc3091889fe1145fdc3a8accdc19fd49fa134a7de2d1f896931fc99dc92ce8761cbeb91777f71aa503dca85ce9a46ef485023ebfdf2b8c55cd7acf5011e014080787ea14485928d07de771cee80a711a4f3284c01b1f96b360052c1742498bbe9d350058ed17b1486a5dd8730ea7b76ca301ee0ac79018edc1bd28ab6c4584a76ef973962aa32fb1cabedeabbed86c8ee6eeb71c28d919d83cc9c1965078389afb3e46bb2e5bc94dda797402f44b8a85fe832d76e58ff3d193779f1df8a2d23781a56e671ea84e53f728d73776d4ff7048fd29d71b25a8c6a1583eb0dedb4df0238e3e3053944890696ca7a1c737b007f072d247d6a6ef3bdb43af90c18282f86a8dbc6fb0b055451615d9f8384c2d5c0a510d979087b5def27b8f448bc03851d2650d061ff9c1ab3e7ad41f546253b7c99e048ac2506f3c4236cbf688cb58e9dcd7976b204d20ab3525aded98a9f2925527f6a4e4e7e9455008b0e087ed97ecc3ddd9c7fd26bb6d9db08d347228a678102a73d8141ab00a911fb69e51dda488de52122f1cfb758b31beb33f4aac50f121d45bfc79296d2bdcc8ed222eb74ba5982c5568dadc4fd6251c9a5396e6d24cc3deb6306c622e69a4a937fb9b58c6e8f3a9cbf15fc93b812ae59632b6fc5309df918c8d999bb21a6058530d99078026fd4c390cf8b364160f388c201117daf827bb67a96517b327851ba7c53e92d27d1fc9e3ade113577fd6b393e23adb0cf26b3420e86e17c24b6139727147c499c9d331710b7251b5c18488a922a8af410fe403d00c9c7cee54c62e2a5377d20bf533ddff595ecbf12c575d7f22b687d9f79de3ddfd28e3916389d1d1345f3277cec2e6b09585f846c680dbd58dfa843691ff0d5abb98f6bd4f8c664e57605a9fc237ca42ebd02ebfb4e63a7ca042c0d12a8a1c11f25aa8514306000fc41f5eb557790be8a456a2f9eb124e97d52c9fd29bd81ced7087708fafdb5234dc9c22a57081c437a4481dab99c77c1c45a253c569eae2b4928178b7fd3f539003773ba4c2035327b631c94d7dd83e0311e605966715b46962e6128ba0dfd0cfdd9849b1d5366e7796042f658ea0fa1e9c11c917d1004d3fc93dd4e4ebf775d08b840c138e98d99c3e91bd6aba733971e9464635e1c7fc088d311a175619c23887fdf5a0649d233423a0e40d57c16dcff18b28d9fb670624d6ff4e07cd7007ee40a43880448559538dae7d28a87863ca09808d8f821fd07e401c3ad639410f1f604d33d608f70c137ab55aa1fcc96186a3b9b41269613b54043b3f6b02eab231046b9aa9ae01228831407a548668b3eda76d11f00b7e6fafcc8b3fe84af3c32f1fc2c38b9578b1e3eb9742dd2d606987a705429ab59af59c4cbff9273db87d1a6e2247dba3bcfd11d08df704e9bcf292daafc72dc5965f4fa1e09ff42946c66032c932ab2e936a1d433e35e8b1bd792365c46b9575b4ed9fe3f833980938d7f5b9f5d8b20b7acc3e9f9378550fd08ea78788d716f21f256736da44d7cb13c6470af0c76d322e000901409531278fa6e3499ed7edc71f05cc993b540c937369320e845ea5f9c44bb305e956cedd8003e9291cb12beb78a642c2a570c88ae2ebd411ce195663b491dbf091d2fb5bc1ea32c8108e42ba0cc718aff6a3af672af3b5fe75c4a946466194b3cf2c6cc35f69d4e78c45924692df1fb014d1dede583ae74ddae5dfb3f22e0435c5d1056825c95029a4f8558ba2d36d7ce155926a93afc0e702a505d17fdce06d7b7ead0e77341d5d2ff47166c0ceef6b79de3a0ae9cbb6b238651ea6d17f03a544d98a0677de9b8dd19bcd844a81dba4b4cee5c403f256c08769db1739eb92e700a4cc5f86551d980dba419dee2e5ebf174b76946361911fc32c9a1a4547db99ff27c2b00917d82d10862e82e79763f014cc3610f85e847c9250ad2436969bd1c8a1e3ad8d910644d89c2fa6470414f0dace42c553518f6d362f3fc3c415e5d480102b3cc353d41b5803fb1d60bd1e0d0aa928151efa722fbdb1f3e0de40ebb99404fb71d5fae540264fbf114c6b389401d7f9dcca4eaa791f0d8918a0e66dcd2e3d7a5641224468da6967ff83706f216f9b0b4778452a9d5d7a014c97b54d22d782515bcb1952799c140e670dd4e11bace68197c1a83989f8d8a3728848ff2fe6ce65a3bdd77324c429709d16814c8ee52c247ec9a6fd5e515d3046352e6c73e792fb462d8a995c03221f760cd63751e028e185dda1c440dfe85dfe9affffecb61b343287f63b41e7f0f2307a95e8bb38f35109766a49a160bcb5c2ed04dba125fd7ef38a1cc448e728c66112d579940561aa1b85824bfb1c8aa8a97385a4a76930de1253fad918454c215fe82c4bbf1857db3e020a5ec4e2c6362a1e69be5fa23bd1b8bb01431107ab7912e6abda270da0976eda07096a9ecc48845cff7122ead0b47ae0b378c62a4bf802bee3a8123ef6c75c421634128231cc1b905f6001f36bf6cc32aa0d3b2ca0350d14b06544c586ea7b4f8017c73e455a55c9a188b14819a9e101968fc6cf8b1f3552a7f81400c4acbedea5244d09a4dc62cc1bb61160eb94494719d0a157a7e8d31aa3ab4dc879fc8ff5ee729b0108f49f53ec43b2d08e3658bafbfef334504f1ecc896b79cbf1261dfe3da874a60697c3b07d3b2c95c3fac9e711f81b3d2d40ff43c8a98f6f0bc181e5e0dc4cb1c33fff4ca4bd7a39d2c03170a21a58b55e2796d8d145bbf2dfc54173e51a9c44df6767a6c4c54be7db07e555db386f4b10491dc1815ad32bd94cc917407ed662b4d0afa9827ca3c8f04e25ffe04be106ce738f8971f04bf02d9507cc6f21aef66a0ebd18a4b7282269328bb016318d167d4e2dd8ae6c6baa1c8115c6a4dacbec1f81134dff69f949c1f7bf7634c13e17fd56a7c00135898842f5732fab0fafd358a4bf1bbf7527527b1aede1230dfeb771a360d23b3c25ad6c320d8f72b72e1b58f3808968c682d019d5c7a847670eb00f7001733408f0995125f801f385f7cbd8c3d766cbb851473195e4f471626c9e17a3ae44fd0c2159b941c46fe4704a786e74762eb03c90216b52ef0c7f3cdf6fd03a4cd684f59da21a579ed234e2f941135cc295d8bdfcd727124c37af26018d3710e1fc8f7ffd3f38e47e4f9f7d982b00d336229d2380d0a9ccd6e5dc8865ff2815e28523178204730cd3a74adc686cae77e6152d18597ccf3fe902a58766fb17c9f7ea6463d080fda835960eda14544da76d97970d0fa77bd53d160ab6e177653268be2827779ae02fd2c77f9e5f0a6082b3a73123205a3dbdd527a7723afacc5b63a2c4d2b31e1ad85c041636902f848d33bf333c3091a43864b89cade4ce51650730eeac8c09bb952448c00fa5540b6439a3fbe651094332268e90ba5482eb0d167f5fe0b915f4ef748918bf6c107b7a70c9fa0e6d0cee0389de4085c7f161418e1adafd040a1dfa47dd7f1a3de8636f8d391a36c52bd9731299d027174a9031284b005288eefe44108ae024cd0725fac05f38bc15c03901cb9048babac66b0016ffcb2d938b922bb2b7c22839293e286286429e5054c5a47c76c2a392c6944550b75ae90b394210b3ce1d42cc45627f70bbafaf4bab88e2fd11cf7e25259d6a69eff16b39e8f345ed7d95e118954715dceb3bcbef67e8052eb31361a52d7def0b24977d144df0458945485668a5098a73075aedf41d50a5887335a34c0d7eb166e22b9ee74d12b9ff09926899045064b3079ae8f54d007b0c5909fe26a3abb2253ad8856e94ffb762d29e408ead26ab29d5f486333430e2d097971776ddb4db4dab0620bcd93ffb92fb956ea11fe5e1caf6e05cce1edfe5a38f458ecb4d5865e3c2410ad01651d174061ec7f3ef0e6798f4035299b983e23982ed4dc2e4abd33fbd6c5915cf02fd71b0009232283be22ec63b5c4efedd813831f4a1980a648afee67ce0406bac6476b158bce4a52256da297557c0324b8e4862f51ecf0356447c003badee839006329c8e68a926f8d38c0712713be2b5ca2bc905fbe040ab2a9a0002bdd06273bcad798f7bce54a56305383df0f9e38dd9472ecdae51806f0074d76a2a6df2c5863c974d4af899b5ec48fdf03b4563224fd00abf73e0ff36b823dc2e1183d67cd3428bf8690986265e5a565ef9dfac51d5de0945d83a5b08894eeda7a7a44d0c8de6e7cd2747fb6be89a80e836b26112a3b42fa87a3df285ec11b9a36c658ab3042e649febe2d6b29208dea893141348785f05c0734adefd24e7f7d5bd678ea9f76b5241595e3d5f1b9c3accda6503d28cdbb235c884936acafc09c440666cf8255fb74c318afb7af2c3181d410c19debefd47d9700675d74aa1db7bfe45be775c192887c226f4fe16a3b4bc516e28855b967b56492e15260fd25834a5fcce0e6781edf23f241f680db0dd9e53119607f0326f1c22416299f61b602149293cf440a865709af4b3ffdfbc2487b5d6f6d5c3970b15737095041fdb39682a2339a80fcc65ecd809271413a35ea81e796cdcab8755ed9d9787763183f1d37347d0f1da1b275fad7e44e57c90a8db9cc4f5f395001b8b1935c6acd1cac51fd084c41a12ad4698427e8e5739f4aca299b96605bf5d3762c68e8e89d7cde164172713caaa4bfd464f20708a26f9db7e08f197707a8e0369b8371218acc7a25b89b3a5ff65877121d7e8697534c1dc65935e46529cb4a445177fe3605db50522ed585eea53c41c0fcd6015dd6f3fa52d15b7c8a1b0de067649a7d1c73dd4100ed2207126f70c970e89726af755d50eb483a3da504699758f8a4989aa67f32cbddfbebefa7ea28b2c01c764b9741f90b7e27c75cb3ca39d83409d4af77ce0f7d2753966fc08602674bf9968689126edaba40cd803d3d9d260cd18b451af13a61c7880ed28892417d1bbf13ceb7c6ac1e1cd56d4a93909e8", 0x1000, 0x0) 02:34:53 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @local, 0x2}, 0x1c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000003c0)='ip6_vti0\x00', 0x10) r2 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r2, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) fcntl$setstatus(r1, 0x4, 0x6000) sendmmsg(r2, &(0x7f0000005fc0), 0x800000000000059, 0x0) [ 476.189358][T25624] overlayfs: unrecognized mount option "ut" or missing value 02:34:53 executing program 5: getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, 0x0) chdir(&(0x7f0000000100)='./file0\x00') fsetxattr$security_capability(0xffffffffffffffff, 0x0, &(0x7f0000000340)=@v2, 0x14, 0x0) r0 = syz_open_dev$media(&(0x7f0000000040)='/dev/media#\x00', 0x7, 0x200280) ioctl$VIDIOC_QUERY_DV_TIMINGS(r0, 0x80845663, &(0x7f0000000380)) sched_setscheduler(0x0, 0x0, 0x0) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, 0x0, 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) syz_genetlink_get_family_id$ipvs(0x0) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x0) 02:34:53 executing program 1: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bind$bt_sco(r0, &(0x7f0000000040), 0x8) listen(r0, 0x0) r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x200, 0x0) setsockopt$inet_udp_int(r1, 0x11, 0xb, &(0x7f00000000c0)=0x7925, 0x4) connect$bt_sco(r0, &(0x7f0000000080), 0x8) 02:34:53 executing program 3: r0 = socket$rxrpc(0x21, 0x2, 0xa) r1 = dup(r0) ioctl$IMCTRLREQ(r1, 0x80044945, &(0x7f0000000140)={0x3550f7b1fabe89ab, 0xc757, 0x8}) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r0, 0x110, 0x4, &(0x7f0000000000)=0x2000000, 0x4) r2 = dup2(r0, r0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f00000000c0)={0x2, 0x0, 0x10001, 0x81}) dup2(r2, r0) ioctl$DRM_IOCTL_SG_FREE(r2, 0x40106439, &(0x7f0000000100)={0x101, r3}) r4 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vfio/vfio\x00', 0x90501, 0x0) ioctl$sock_bt_cmtp_CMTPCONNDEL(r4, 0x400443c9, &(0x7f0000000080)={{0xcba, 0x7000, 0x688, 0x8, 0x9, 0x5}, 0x2}) 02:34:53 executing program 2: r0 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x8, 0x20000) getsockopt$bt_rfcomm_RFCOMM_CONNINFO(r0, 0x12, 0x2, &(0x7f00000000c0)=""/27, &(0x7f0000000140)=0x1b) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote, 0x4}, 0x1c) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @ipv4={[], [], @multicast1}}, 0x1c) setsockopt$inet6_udp_int(r1, 0x11, 0x67, &(0x7f0000000280)=0xff, 0x4) r2 = msgget$private(0x0, 0xd34ad5098f958b2d) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000200)=0xc) r4 = getgid() r5 = geteuid() getgroups(0x2, &(0x7f0000000240)=[0xee01, 0x0]) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f00000002c0)=0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000300)=0x0) msgctl$IPC_SET(r2, 0x1, &(0x7f0000000340)={{0x200, r3, r4, r5, r6, 0x100, 0x1}, 0xe000, 0x9, 0x8, 0x6, 0x2, 0x400, r7, r8}) sendmmsg(r1, &(0x7f00000002c0), 0x4000000000000ce, 0x0) [ 476.539763][T25649] FAULT_INJECTION: forcing a failure. [ 476.539763][T25649] name failslab, interval 1, probability 0, space 0, times 0 02:34:53 executing program 3: r0 = perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = epoll_create(0xcc0) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, 0xffffffffffffffff, &(0x7f0000000000)={0xa0002003}) ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f0000000040)={r1, 0x0, 0x8000, 0x3, 0x2682}) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, 0x0, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/sync_sock_size\x00', 0x2, 0x0) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffff9c, 0x84, 0x11, &(0x7f0000000140)={0x0, 0xfffffffffffffffe}, &(0x7f0000000180)=0x8) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r2, 0x84, 0x13, &(0x7f00000001c0)={r3, 0xe98}, &(0x7f0000000200)=0x8) r4 = syz_open_dev$media(&(0x7f00000000c0)='/dev/media#\x00', 0x5, 0x204000) ioctl$EVIOCGKEY(r4, 0x80404518, &(0x7f0000000080)=""/36) 02:34:53 executing program 1: syz_mount_image$hfsplus(&(0x7f0000000000)='hfsplus\x00', &(0x7f0000000040)='./file0\x00', 0x3ff, 0x5, &(0x7f00000002c0)=[{&(0x7f0000000080)="57f631c47518fa4a7b0539abacc3da4cc0f0d35ae10b6bcb5da47d1b27521040196c3903510ca0eee0615b8a29de5b3a5e68a0f4a48e1e5084eecc", 0x3b, 0x6b6}, {&(0x7f0000000100)="f3ffab5faa7c4a0314d794c2652e0fe7b5f93d5bfe800bdb2439d7d9588b382bda840c0c25bc35d1de122e8fe52aa72652c20556c500da0ccc4d66c48d9af7cc67d74733eb4d6d79b0e24dd3bdbd99bd4b3bfabb65fd7f5ce1faee5b90244e7d56d91d17eb30546e1ed92fc7dee62cf515719b48a5168ed37a7ca737e3897841044285add51b2f4e9ad814c6b51bf123a8090021dc85fb1bf9168dfb01915ab5886f6ce61c6c90146c91d1757d92c6a558745add160d4eaaff3ef6e2f7aa4903fd6cd92d4711fe1c302ac3c4b6fff734b48d4482a19201a0ff6863eb8701c2f9c63bf4af994df0d4", 0xe8, 0x5}, {&(0x7f0000000200)="b5a6073b17f179752e44", 0xa, 0x3}, {&(0x7f0000000380)="81df0e58e36fe48f", 0x8, 0x9}, {&(0x7f0000000280)="cd6aabb2f2fbc898cd5bbed714c27a419c1e05aa5db4f0ccb515a19359a2979cd3d897bde20fdbfb46e3d406", 0x2c, 0x6}], 0x1000000, &(0x7f0000000340)={[{@nobarrier='nobarrier'}], [{@subj_role={'subj_role', 0x3d, '!:+em1'}}, {@dont_measure='dont_measure'}]}) syz_mount_image$hfsplus(&(0x7f0000001900)='hfsplus\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x375, 0x0, 0x0, &(0x7f0000001740)={[{@session={'session', 0x3d, 0x100000000}}]}) r0 = accept$unix(0xffffffffffffff9c, &(0x7f00000003c0)=@abs, &(0x7f0000000240)=0x6e) getsockopt(r0, 0x8, 0x8, &(0x7f0000000440)=""/52, &(0x7f0000000480)=0x34) [ 476.584293][T25669] overlayfs: upper fs does not support tmpfile. [ 476.613378][T25669] overlayfs: upper fs does not support xattr, falling back to index=off and metacopy=off. [ 476.665627][T25649] CPU: 0 PID: 25649 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 476.674790][T25649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 476.674797][T25649] Call Trace: [ 476.674817][T25649] dump_stack+0x172/0x1f0 [ 476.674849][T25649] should_fail.cold+0xa/0x15 [ 476.697072][T25649] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 476.702914][T25649] ? ___might_sleep+0x163/0x280 [ 476.707779][T25649] __should_failslab+0x121/0x190 [ 476.712722][T25649] should_failslab+0x9/0x14 [ 476.717226][T25649] kmem_cache_alloc_trace+0x2d1/0x760 [ 476.722600][T25649] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 476.728418][T25649] __memcg_init_list_lru_node+0x8a/0x1e0 [ 476.734064][T25649] __list_lru_init+0x3cf/0x6e0 [ 476.738844][T25649] alloc_super+0x762/0x890 [ 476.743268][T25649] sget_userns+0xf1/0x560 [ 476.747625][T25649] ? get_anon_bdev+0xc0/0xc0 [ 476.752203][T25649] ? get_anon_bdev+0xc0/0xc0 [ 476.756804][T25649] sget+0x10c/0x150 [ 476.760602][T25649] ? ovl_show_options+0x550/0x550 [ 476.765617][T25649] mount_nodev+0x31/0x110 [ 476.769930][T25649] ovl_mount+0x2d/0x40 [ 476.773982][T25649] ? ovl_own_xattr_set+0x10/0x10 [ 476.778917][T25649] legacy_get_tree+0xf2/0x200 [ 476.783579][T25649] vfs_get_tree+0x123/0x450 [ 476.788073][T25649] do_mount+0x1436/0x2c40 [ 476.792385][T25649] ? retint_kernel+0x2d/0x2d [ 476.796964][T25649] ? copy_mount_string+0x40/0x40 [ 476.801897][T25649] ? copy_mount_options+0x255/0x440 [ 476.807081][T25649] ? __sanitizer_cov_trace_pc+0x50/0x50 [ 476.812610][T25649] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 476.818838][T25649] ? copy_mount_options+0x30e/0x440 [ 476.824024][T25649] ksys_mount+0xdb/0x150 [ 476.828252][T25649] __x64_sys_mount+0xbe/0x150 [ 476.832914][T25649] do_syscall_64+0x103/0x610 [ 476.837503][T25649] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 476.843376][T25649] RIP: 0033:0x457e29 [ 476.847251][T25649] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 476.866853][T25649] RSP: 002b:00007faaf9936c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 476.875261][T25649] RAX: ffffffffffffffda RBX: 00007faaf9936c90 RCX: 0000000000457e29 [ 476.883216][T25649] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 476.891167][T25649] RBP: 000000000073bfa0 R08: 00000000200007c0 R09: 0000000000000000 [ 476.899120][T25649] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99376d4 [ 476.907073][T25649] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000006 [ 476.916982][ C0] net_ratelimit: 26 callbacks suppressed [ 476.916990][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 476.929304][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 476.998118][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 477.004004][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 477.025825][T25669] overlayfs: './file0' not a directory 02:34:53 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000080)={'lo\x00@\x00', 0x101}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r3, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, 0x0) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, 0x0) write$P9_RREMOVE(0xffffffffffffffff, 0x0, 0x0) bind$inet6(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_TIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0) sendto$inet6(r3, 0x0, 0x0, 0x20000001, &(0x7f0000000040)={0xa, 0x2}, 0x1c) splice(r3, 0x0, r2, 0x0, 0x1000000000000003, 0x0) inotify_init1(0x0) write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_mtu(0xffffffffffffffff, 0x29, 0x17, 0x0, 0x0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil) stat(0x0, 0x0) getresgid(0x0, 0x0, 0x0) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) getgroups(0x0, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0) syz_genetlink_get_family_id$nbd(0x0) sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, 0x0, 0x0) ioctl$GIO_UNISCRNMAP(0xffffffffffffffff, 0x4b69, 0x0) ioctl$RNDGETENTCNT(0xffffffffffffffff, 0x80045200, 0x0) sendto$packet(r3, &(0x7f0000000340), 0xfffffffffffffd4d, 0x57, 0x0, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'lo\x00'}) 02:34:54 executing program 0 (fault-call:20 fault-nth:24): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:34:54 executing program 5: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x80080, 0x0) getsockopt$ARPT_SO_GET_INFO(r0, 0x0, 0x60, &(0x7f0000000280)={'filter\x00'}, &(0x7f0000000300)=0x44) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, 0x0) chdir(&(0x7f0000000100)='./file0\x00') fsetxattr$security_capability(0xffffffffffffffff, 0x0, &(0x7f0000000340)=@v2, 0x14, 0x0) sched_setscheduler(0x0, 0x0, 0x0) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, 0x0, 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) syz_genetlink_get_family_id$ipvs(0x0) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000240)='./file1/file0\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x0) 02:34:54 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") r1 = socket$inet6(0xa, 0x3, 0x3f) connect$inet6(r1, &(0x7f0000000300), 0x1c) sendmsg(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0xc100) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(r0, 0xc0bc5351, &(0x7f00000003c0)={0x1, 0x2, 'client1\x00', 0x2, "b9777da483508ff3", "dec378023efd93d740eb06578b81f9d64757f4aeb24c14145134bcf8735ffb32", 0x10001, 0x2}) sendmsg(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000200)="b10b9386", 0x4}], 0x1}, 0x0) setsockopt$inet6_int(r1, 0x29, 0x4a, &(0x7f0000000000)=0xe2b, 0x4) recvmsg(r1, &(0x7f0000000580)={0x0, 0x75, 0x0}, 0x0) r2 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor\x00', 0x40, 0x0) write$UHID_SET_REPORT_REPLY(r2, &(0x7f00000005c0)={0xe, 0x0, 0x9aa, 0x7f, 0x1000, "71e8560c4134e2f64f6b3dac30cab760c653fc9c89c52b24f362c77b99b1f4d448801b9fb185e2081b63861b22f88c0b7f1777a8bb1a44cd9b7d4df780387dfc1176f2fa7dc6304e28458472faa2005e159019a319efd58471396512bf8444977198215e5e653c9edcb6c1b4831ea9b50ab9d7f2606946452ed28f2a313d335dd9a65ce53d4e2598d11407ca5a8620fc59529e8d3511d722eb5c7d2652477b12c5ec0318be5491807e76b6f1740384b04b9f6bc481d24ca870f1028ef8c81cf79c11cd6eb81caccb3cef77243a7338e0a547547b427e6f3c6cc7984a9881d9517e30663777548dca363262b9fb0caefd89ae3acd17b00275dfe54d863dc4a891ea22998a08986ced299ddc9f49f80465efc90876debaff4cc6964fb0b15344254ad71204477862903689966a33a14e8662f9189a769876a724f5c7909e84212067acb66aa68306c801a87c8eac8da7410564a7df6579cbfdc7f230f37e14c4894c7f19359d1022dd1a42a3adf6f8435000b50b3c2b688305364f71d38f7071a5fffa3702cddf89df2d26db3dc23bdbd8d09b32951020c5e78806d9cec3ce1aab6648d941acd01e42766e6de4c58eda1c682d60249857d682ad79c7189b6fc527f96be735d26e8d413d9ecbcc95d06706f9dbae99777f42055e6925b40d1200e1646cefc1f3ba3fcf438bbbcd59620231aa6dc59cbeed833b58a1d010268d9a1d384325b8729a00926961cd8e64013dabcfe8b570caf39ec378ab97b3e6a0edb3173bdd1dc81277f7c02591825defc77458b724f3277cc3e0b7e9005ee31f2101ebe4a21d87d485ef13a9bccdb8199c5198e2a4f0e9af65373d01c75282121218295c71e813486f1b68049e61bd35748bdc481ca2fac8341540e1bd3d5eeacd8cd01b54bcc10d709f69bd6b94cb1b7bf1bd77a2f21d12ac255c7b1d5b753f37ed4fc295b05c416eed2d0d79d370c32c2f3c80ebf2308255907bdb812d6809254cb58a8cbe8ad5f6b3386e2e4a364525d0e1d05d479e19b3bb13ccc8fc0ac92e41ac55c0ebe89d17141a6634803b2d0f593402fa24d3cbdc2a2cc1b10e14d474c81dad8683f04f6e01b10f934514ab3de6bda308a78abe4271836bf0c55780f8d9bd9d576e8d76bfdab3efcfd2271f8193fb6cb7209c384fe3be58702a04364045a5beef9c47b447fa121aa3fc6a921cabb025b2b9cd8a4965d46030fa9261aa8674316cad88559c8fd41aa1104b877701e132d350a2129536b2b8b450b4025bbe63ee4d641b5d596a9fd74cf1dfac712f85e9b6cb5437b59594314d0918ed3ce29d73e2497624daadcdd909cae91c803d51f6a1fb29283e36e05d00f7e8354c78af55b58902525f70d21f897726ac592601c0c6b7260eda2c03aa42bdbaa8eb25ca18d32b2628f9e1e1ee0a8a37e5a2fedcdfebd10cad85a01af334f74e55d976a20d44a6f4f10d53999aa5769ceff1ddf57dd21edbc7d21b7b79272eb4dad33751a5d9da1517007f0f4f388696be87f1b56b36cfedd07c1e44d9a3dce52701e500ea2eabdadb07926e7a26ca8c0667ebb26a5aad89cbf09f9be22bca8905af54efd6dd2454ce1cb3c7a2ef95fbcf0d796f2aa237a02619153a6ccd87b1383a8e3dbf509b63190a555c433a113f7c76b37687e275e0de3d1154a035301000ae5c1428063d9fda26c83f51fe0623b43ed5c54263cbf8dc5b18af952c8cdcfb35aa99c3deb5439943a63a7ebfbe2d5cc029c1cbf8af523768a051905ce762f3382a42567c87c497ad43e96f3f0ed93599a89c6d0bf03ed34e565dff4a7fca6fd2f1c0719047127b9ab2ad93c7a5bb7a8515f68e0074284a82882e1ac70d80c13ba667823c5cf3d17a0b8aaac35e74daaab407afed78f4c9d3134cd84b424fc400344775571e6c05e497857859df0af58136e8fa0e0176b705345320883b9e01ce859839ed4bfdf7cda2ae2f283f75c6eb6df8f77d68e39640a01eb8684616f4a9ca16c69830ae6001cc040a3ff5a732cb36faf5dfecd4b2fdc9aecd6d3e4880c11b726623292928d9502bf89ca0c22dac5e82c6e2d4c8e940fb286f4b9068cd3bb30631efeb20956b303250a6771353fd17dd6d1381c8d8d0f55feece73c0881b23170f2f130daba208779e823b94d423bd14f822d1bf792c4274377957fb1618371b7fb7811419811c2f66c9349c4bac24e7626cba6f50b17a10ae8aafdb08f3346aab1702c788ba54a8b792eebadae83d662d3a636acefd7db5cc677e075fff75cddbdb14a1edabb40256638328f1c3dc13324763cbf2a6ff8aba70a734e36b23442ca103f3830a9fcef996242a8fdec4036a57c912cf13481bd65ddc1a48fd3d12d1d2937fe31650ef573efe059de65e354d9686002a7e45a5a8e7241ca918cc2029a0bac7db446c43d497fa45b06b7485cd14adf519c7753357c225a672829b345feb36a2e49c089d1704475f7547abdda96890123aaaa69cffd857af4ee23bd62d08769bd22e2c3999000eef363c92abf98510f14abcf7a8adce933c433137e51a36c2abe6426b93733d9c0c3aebdd797e4aaf5e703130b15bf3a630d2f546e7c617af53b3f7ebf9cf6cb70c9c31b5ff625b693a30290ce5049ff5e1f2052a94e3b5fefa1711e7ecf4da41b3a0079ce2d9cb19e7ef4308b44dd62df3fae2834ea37a5ade66a55392525f2b22b9f861b144a1c94e750c39ba950617e66635454740c64b9a8cdb9df2df34d2b7c4fd05ed004ac65d52f762283b9a8dc205d12ed48c6b028ce5c203beff88f11a9edf00c62f2a1672cd0f988ccc0f35fc143603ad731811a5c2bb76a45b9737ec91df7a92b2c7cecde385bbc0055e1a3c083f5d7276d916f01306afb0dcf47f8a7b84dd30b61add28999bddf9a7d8498eb151aff8cf23ae38cb9ae8ef444d90c0e8a2b3fec7eeffabebe16adadf03a56948edf10f696a6b45c9a0638057d307f92ee9d3b3fa48e08824a956dac8432c4027c049c52f756815dd38a1aa684034ca05af1923b7b47478265a861e654cd657ccd7221b9a5ae032680b736f7e8173789f1ecae6ba5deaab8fe1b5011d023b3315ed630dc947685208cab4f14c83c1f2cea49c7281a33019980a90695a5d3b31b639cbe1c914ebb40807f9b98cbfc27f85e2e5611bf036f532e44cbd2ea6bcd585c1232d67331d9a7c6dde9123f13ac5dad9396e053c2be1b80ad74c0238b180eacff24c644547b1e3337413ff0464b8236775ab08fdda416f58ac5898011128a347a506d170e2b86d06dfb190a11ef9f925d77c0c7d19c80040ce40b16af3024384d713e9fe91e348f37f82df27631bb0f4cb9b78f97ca5ef703d6359af8355dc69c001bc71e4b2b650e2f0dbd633637db96b434a4067b3d2d4e04e78fb7d78fb3d95335a795f5aba92edfa5c01591042aa51a1654ab9506499bdce6224b1456ee50691fd6ab19da27bda856ed50ed765caedc6683281997b15b0b9914265b3f7f93980277f9e482b7ff785449b11dc38521ca4ace2fbdaf811bc4790b9b2bc61093088db75cf9c9a86779f1d5ac876cde77367ce318193a7b62773983bd8a0fb20207a3550d7b8bc55fdb681d4ef757ef0bdf2962ba39aa9465cafad8dc66a89513b02160b89bf037316abe0891baf07a30ed431e8e2afc80592abc1c69e332ffdd24b951e22db8477e429d7e95685e2bd1789dbb8cb756904b485e1fa636c5a0e6642748fea8fac9f211958d83afedaba9a771b99997e4d944989c92464e4b52cb23b66f878324ebac4259c09bb661aaf3b5d2259254b3c256dcdfd016ba2fe34b9bb0bd08f82f0c71a15a2691edf2f419800dadef3d547f955a3c89b153697ae8f1d3cd0485fd11cbf18fac60c6a63101cf0349cf8c5a2b29d5dd21bf2ddb45a6db6ff8d1564e66b803ac9033251db2cefebe6c6205e7d4f8894a1588ede6431f43cae37838a5d5ca874f7592da7459792a11e666a6fc24dbf5713bd05a5af49d1860682e0aba2a3ffe86e6f0c4c4d6eb256f24c00bba4503145529d5ea0712bd175074e825f1ca697b69dfb8b780c696bd787c0ffdbe65bc3e761896a4055d50a7bcf226aaea9dd17b38945b286d3cfb96e3f4ed159e858f7b91a6901dd4680c06be7fd5206842d45da2be81e5e0a8ca9beb87fc179731cfb768f900cfeeaf1c2255bb43d6d3fbba74df4601c1b96cacf32b487767ff32e2b73c525bffa49f0425572bf90aa2629ea3179fbfe92ef03f1da5da3831a34b26b3813783e08a7f844766994f7b25790acf95f2c2b358706fcd300b8de79fea43ae35e7b49a037e1beed559864c3da58d4f669af30f3a851f75c6f30d0ff9f0e1639b65d0c24a07e17ba21bcae95efbad304f324993df7cced7e69025dd8bd5eea8fa2202b6e567df78eccc1e99a411bef4ea01a132c88e5929fa689e12a16441a2ff1759c86982de4a1285f78bc31e41145bb50ffe83112c7a1a772bd13f5058dc44050b03bd70ed1cf79c80ed4ccff04d842351909805554f153caad1a0c17d907a0c91b4e5bddd73edcdb5b45f05845d35fe616eebc017b9edd2629a671f341894758cd7729fc0c44c19f17231e1447834cff239ab4e3675eee0b3dde3e70b3b455dee0b3bfa13e58d2d5d6d1d5f8d70742cfde59b7e35567d08edf33d8c55daafbcace2a6941c107a48f3acf4118badc4d7c5a79e1d0e298cb486eabbd2ffb9d917fe5c7a2386e332db78fa21b5f2610ffc3c87035bd6e4c571a8251488c17a51fe6024e986582ec0b7e6744443d98b393d472079a4668de54ed2067eac9b090a72ef8775d7c2141d62a133f86beb812891f1ce21e2bce020792ce3b09f03c2502c1f5ae310298ce23871e5fb6f5eefb334c9cfdaa8a65c41c7984b225fd445675a1d68a3451ca5c40d62acac1a3ce76032b4227b8c6b55fffdcb641a0b43fa65cc9276bc4c77d4ac147d5d38389a6cacff9dea047e36a4b9392f8ff7c16cd62ec4ddc6a1a754f4f5b4012c10b844adf9c743cea3f6860f6d8944f49edd06e67974ecec94a7a09b01b0dfc1eef8012520b18e565f43974768e1a0f2dfd6c8c7f010c76a469242554575cf294d5a86075998f12d5ca9412ccd7b0d2c355869739883dcb70687934d8e04ecdd9e1f58676d24b1b8a54943883a4e9f866e87f20f62edd74aae85934be76b8b1fac0bfc01940d722a1c955d99172a729b24d9cf76e6f9543bd6035e6f0bfb528bdf5dcf42f4a9cfeed7a1e8001d1805fdbbea084911c5fbaf37aa11831850514c6ce154ce47189ce5f6fc7f171e52200400edbd2bfeba0b2db549c67ddbe7798e726b2f9fbf75cb1587e8b6825bd7e5acad9104de71a7f35b6ae18b2e414a167c4fe80ef109805565dbf6f67a319095b1ed9e48beaa9b7c297c717a73dd234d93fa132a3ce4dad3d8bcbc618e6d745b36e12300959aad8900f62017e3515a63d2d4244efd87f25a72b88d0821460953a3104885cb6537943d17708ece5a1ad82a7bc2c8eda0967968253bee10467c081a59e3f9f8240a17585cb159bdc13dfb83a7ea35b6d728956567acbf1ff07e5636f2abb5d5199259fc4da38890649014a451274adf7323705797acf823d0a4106714a0c8214164cea9753fd0b8b8039c4a419565418658f665539e37f6c1fa56dff8f7ea5f31369002cdb9109c89bf86287fec6ee5bdf0882d006239e6f708db3a1d862d8fcbcec0be35a175a8bacdbde11bfc70c8133b77cdf4014dccf5d99548cc143d764b16f908baf8acba87a43d41cc2a75a8e16ebdf7b5e7d77a61988757af4e1d90097741901524911"}, 0x100c) 02:34:54 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@local, 0x0, 0x0, 0x0, 0x6}, 0x20) r1 = shmget$private(0x0, 0x2000, 0x300, &(0x7f0000ffd000/0x2000)=nil) r2 = getuid() getresgid(&(0x7f0000000000)=0x0, &(0x7f0000000040), &(0x7f0000000080)) r4 = geteuid() lstat(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000200)={0x0, 0xffffffffffffff9c, 0x0, 0x2, &(0x7f00000001c0)='\\\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0x0, 0xffffffffffffff9c, 0x0, 0xb, &(0x7f0000000240)='mime_type%\x00', 0xffffffffffffffff}, 0x30) syz_open_dev$usbmon(&(0x7f0000000340)='/dev/usbmon#\x00', 0xba2, 0x10000) shmctl$IPC_SET(r1, 0x1, &(0x7f00000002c0)={{0x800, r2, r3, r4, r5, 0x22, 0x6}, 0x6a4, 0xfffffffffffffffd, 0x6, 0x8, r6, r7, 0xffffffffffffffff}) 02:34:54 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000040)=0x2) r4 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x3, 0x2) getsockopt$XDP_MMAP_OFFSETS(r4, 0x11b, 0x1, &(0x7f0000000080), &(0x7f0000000100)=0x60) ioctl$KVM_SET_FPU(r2, 0x41a0ae8d, &(0x7f00000001c0)={[], 0x8, 0x8, 0x2, 0x0, 0x7, 0x100000, 0x0, [], 0x7e4902ac}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000500)={0x3f00, 0x0, @ioapic}) [ 477.186805][T25696] device lo entered promiscuous mode [ 477.276689][T25700] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 477.286733][T25700] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable 02:34:54 executing program 4: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0x2, 0x2, 0x73) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10) connect(r0, &(0x7f0000000000)=@pppol2tpv3={0x2, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80) sendmmsg(r0, &(0x7f0000001540), 0x24c, 0x0) syz_open_procfs(0x0, &(0x7f0000003940)='attr/keycreate\x00') [ 477.429842][T25720] overlayfs: upper fs does not support tmpfile. [ 477.436195][T25720] overlayfs: upper fs does not support xattr, falling back to index=off and metacopy=off. [ 477.460851][T25709] device lo left promiscuous mode [ 477.529517][T25731] FAULT_INJECTION: forcing a failure. [ 477.529517][T25731] name failslab, interval 1, probability 0, space 0, times 0 [ 477.589812][T25731] CPU: 1 PID: 25731 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 477.598964][T25731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 477.609020][T25731] Call Trace: [ 477.612324][T25731] dump_stack+0x172/0x1f0 [ 477.616664][T25731] should_fail.cold+0xa/0x15 [ 477.621266][T25731] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 477.627082][T25731] ? ___might_sleep+0x163/0x280 [ 477.631945][T25731] __should_failslab+0x121/0x190 [ 477.636889][T25731] should_failslab+0x9/0x14 [ 477.641392][T25731] kmem_cache_alloc_trace+0x2d1/0x760 [ 477.648644][T25731] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 477.654460][T25731] __memcg_init_list_lru_node+0x8a/0x1e0 [ 477.660104][T25731] __list_lru_init+0x3cf/0x6e0 [ 477.664878][T25731] alloc_super+0x762/0x890 [ 477.669302][T25731] sget_userns+0xf1/0x560 [ 477.673626][T25731] ? get_anon_bdev+0xc0/0xc0 [ 477.678215][T25731] ? get_anon_bdev+0xc0/0xc0 [ 477.682800][T25731] sget+0x10c/0x150 [ 477.686611][T25731] ? ovl_show_options+0x550/0x550 [ 477.691720][T25731] mount_nodev+0x31/0x110 [ 477.696146][T25731] ovl_mount+0x2d/0x40 [ 477.700210][T25731] ? ovl_own_xattr_set+0x10/0x10 [ 477.705144][T25731] legacy_get_tree+0xf2/0x200 [ 477.709821][T25731] vfs_get_tree+0x123/0x450 [ 477.714338][T25731] do_mount+0x1436/0x2c40 [ 477.718673][T25731] ? copy_mount_string+0x40/0x40 [ 477.723788][T25731] ? _copy_from_user+0xdd/0x150 [ 477.728643][T25731] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 477.734879][T25731] ? copy_mount_options+0x30e/0x440 [ 477.740081][T25731] ksys_mount+0xdb/0x150 [ 477.744328][T25731] __x64_sys_mount+0xbe/0x150 [ 477.749008][T25731] do_syscall_64+0x103/0x610 [ 477.753730][T25731] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 477.759643][T25731] RIP: 0033:0x457e29 [ 477.763535][T25731] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 477.783135][T25731] RSP: 002b:00007faaf9915c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 477.791544][T25731] RAX: ffffffffffffffda RBX: 00007faaf9915c90 RCX: 0000000000457e29 [ 477.799514][T25731] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 477.807483][T25731] RBP: 000000000073c040 R08: 00000000200007c0 R09: 0000000000000000 [ 477.815448][T25731] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99166d4 [ 477.823415][T25731] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000007 [ 477.837166][T25720] overlayfs: failed to resolve './file1': -2 [ 477.844354][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 477.844408][ C0] protocol 88fb is buggy, dev hsr_slave_1 02:34:54 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mknod(&(0x7f0000000040)='./file0\x00', 0x8450, 0x0) r1 = socket$inet(0x10, 0x8000b, 0xfffa) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="23000000260007041dfffd946fa283df8fc4390009000000069effff000000000d00ff7e280000001100ffffba16a0aa1c0009b3eb098753b1cc7e63975c0ac47a6268e3406c0f15a30aa914", 0x4c}], 0x1}, 0x0) r2 = fcntl$dupfd(r0, 0x406, r0) getsockopt$TIPC_NODE_RECVQ_DEPTH(r2, 0x10f, 0x83, &(0x7f0000000080), &(0x7f00000000c0)=0x4) [ 477.897179][T25696] device lo entered promiscuous mode 02:34:54 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fadvise64(r1, 0x0, 0x7, 0x3) connect$inet6(r0, &(0x7f0000000700), 0x1c) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000740)=@raw={'raw\x00', 0x9, 0x3, 0x368, 0x0, 0x1a8, 0x1a8, 0x0, 0x1a8, 0x298, 0x298, 0x298, 0x298, 0x298, 0x3, &(0x7f0000000000), {[{{@ipv6={@ipv4={[], [], @empty}, @initdev={0xfe, 0x88, [], 0x0, 0x0}, [0xff000000, 0xff0000ff], [0xffffffff, 0xffffffff, 0x0, 0xff000000], 'rose0\x00', 'bcsf0\x00', {0xff}, {0xff}, 0x3c, 0x4, 0x6, 0x20}, 0x0, 0x188, 0x1a8, 0x0, {}, [@common=@inet=@esp={0x30, 'esp\x00', 0x0, {0x4d2, 0x4d3, 0x1}}, @common=@srh1={0x90, 'srh\x00', 0x1, {0x3f, 0xffffffff, 0x1, 0xfe97, 0x3, @initdev={0xfe, 0x88, [], 0x0, 0x0}, @local, @ipv4={[], [], @rand_addr=0xe2b}, [0xff0000ff, 0xffffffff, 0xffffffff, 0xffffff00], [0xffffff00, 0xffffffff, 0xff, 0xffffffff], [0xffffffff, 0xff000000, 0x0, 0xff000000], 0x420, 0x1}}]}, @unspec=@NOTRACK={0x20, 'NOTRACK\x00'}}, {{@uncond, 0x0, 0xc8, 0xf0}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xffffffffffffffff}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3c8) r2 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r2, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x400000001, 0x1}, {{@in6=@mcast1, 0x0, 0x2b}, 0x0, @in6=@mcast2, 0x0, 0x0, 0x3}}, 0xe8) sendmmsg(r2, &(0x7f0000005fc0), 0x800000000000059, 0x0) 02:34:54 executing program 5: getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, 0x0) chdir(&(0x7f0000000100)='./file0\x00') fsetxattr$security_capability(0xffffffffffffffff, 0x0, &(0x7f0000000340)=@v2, 0x14, 0x0) sched_setscheduler(0x0, 0x0, 0x0) r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000001340)='/dev/sequencer2\x00', 0x400000, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000380)={&(0x7f0000000a00)='./file1/file0\x00', r0}, 0x10) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0x7fff, 0x2100) bind$pptp(r1, &(0x7f00000002c0)={0x18, 0x2, {0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}, 0x1e) ioctl$SNDRV_TIMER_IOCTL_PVERSION(r1, 0x80045400, &(0x7f0000000240)) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000480)='./file1\x00', &(0x7f0000007640)={0x0, 0x0, 0x0, 0x0, 0x0}) mount$9p_unix(&(0x7f00000003c0)='./file1/file0\x00', &(0x7f0000000400)='./file1/file0\x00', &(0x7f0000000440)='9p\x00', 0x40000, &(0x7f00000076c0)={'trans=unix,', {[{@noextend='noextend'}], [{@seclabel='seclabel'}, {@euid_lt={'euid<', r2}}, {@fscontext={'fscontext', 0x3d, 'root'}}, {@fscontext={'fscontext', 0x3d, 'unconfined_u'}}]}}) connect$netlink(0xffffffffffffffff, 0x0, 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000007400)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c5a302c6c6f7765726469723d2e2f66696c65312c776f726b646972aef4bdc8f49470f1dd369d979d9c17318259e804cd1b1dd005da37fcc0f2743b90097884178f09a082fef954dc52e28ed401af642afb06beb19ed9a436998d1cbe1e3f6e7607577f0fa9940b8a427582c7234c2d0a483c7caa3a536a9e8dbf316bfe7c9166f5c89486dc97dd60228256d1abf079159ede29e42328808bcbd8812225cd0f61140499c1f5b41a42bbdadf0da9a2e1fb33605768c1026b2a6ddcc572654749387ce1d61ea73e0b9eed847df4716fa44b768f79bbf45ef3d42ae6c510e14ba87da776842bea2fc5cd57ed67cb2a54973b1f4ff08f62f62b95bdf37cc98724344750f3e53a41763d8ded6023e009c200a15e3fa3c142d7c9a92ae0da501ff8a4349d4ed864e814510d20bf478d5834205887e3385e8ca8c40073103857125b760cf37a441b28d02232efba5e2ba2b4397195ec99b7561e163dab500b5600bb9c2d2738f81fddd6264e477a6ba7e4687517b9ed4fe0c6afddee1ae0e1f5b1a474e07e39b53c2fc10fde2bba4114e457b09d6e1cf496484b9bc6f2a86fd06f47af5626318887a8ee9d58b35faa92e023abf2441f4d54a321fdfc4fb6c644c29e842c74bb2224b461dcdde83b8d2a696fa098084994fee3969ec6ad151826c169e4f84847fafc390a276957140cbf5686cec6eabe94325846e3bd63236592a4a0f5d7c744bd74133d0584bf3dff41b71f1f1c532610c25f91be"]) syz_genetlink_get_family_id$ipvs(0x0) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') recvmmsg(r1, &(0x7f00000011c0)=[{{&(0x7f0000000500)=@hci, 0x80, &(0x7f0000000300)=[{&(0x7f0000000580)=""/227, 0xe3}], 0x1, &(0x7f0000000680)=""/212, 0xd4}, 0xe76}, {{&(0x7f0000000780)=@can, 0x80, &(0x7f0000000bc0)=[{&(0x7f0000000800)=""/7, 0x7}, {&(0x7f0000001400)=""/4096, 0x1000}, {&(0x7f0000000840)=""/143, 0x8f}, {&(0x7f0000000900)=""/225, 0xe1}, {&(0x7f0000000a00)}, {&(0x7f0000000a40)=""/74, 0x4a}, {&(0x7f0000000ac0)=""/215, 0xd7}], 0x7, &(0x7f0000002400)=""/4096, 0x1000}, 0xcf00000000000000}, {{&(0x7f0000000c40)=@isdn, 0x80, &(0x7f0000000e80)=[{&(0x7f0000000cc0)=""/60, 0x3c}, {&(0x7f0000000d00)=""/146, 0x92}, {&(0x7f0000000dc0)=""/177, 0xb1}], 0x3, &(0x7f0000000ec0)=""/59, 0x3b}, 0xff}, {{&(0x7f0000000f00)=@nfc_llcp, 0x80, &(0x7f0000000f80)=[{&(0x7f0000003400)=""/4096, 0x1000}, {&(0x7f0000004400)=""/4096, 0x1000}], 0x2}, 0x6}, {{0x0, 0x0, &(0x7f0000001100)=[{&(0x7f0000005400)=""/4096, 0x1000}, {&(0x7f0000000fc0)=""/148, 0x94}, {&(0x7f0000001080)=""/76, 0x4c}, {&(0x7f0000006400)=""/4096, 0x1000}], 0x4, &(0x7f0000001140)=""/101, 0x65}, 0x26}], 0x5, 0x10001, &(0x7f0000001300)={0x0, 0x1c9c380}) openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x0) [ 477.968152][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 477.973986][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 478.023404][T25718] device lo left promiscuous mode 02:34:54 executing program 0 (fault-call:20 fault-nth:25): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) [ 478.202568][T25765] overlayfs: unrecognized mount option "workdirp61Y7t; x TRd*٤6?nvW Bu#L- [ 478.202568][T25765] H<|:Sj1k|fȔܗ`"Vѫy)#(؁"%aB 3`Whk*mreGI8|> }qoKvy^*K}v+/Wg*T;Ob+|ɇ$4GP:Av=`# " or missing value 02:34:55 executing program 2: r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fadvise64(r1, 0x0, 0x7, 0x3) connect$inet6(r0, &(0x7f0000000700), 0x1c) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000740)=@raw={'raw\x00', 0x9, 0x3, 0x368, 0x0, 0x1a8, 0x1a8, 0x0, 0x1a8, 0x298, 0x298, 0x298, 0x298, 0x298, 0x3, &(0x7f0000000000), {[{{@ipv6={@ipv4={[], [], @empty}, @initdev={0xfe, 0x88, [], 0x0, 0x0}, [0xff000000, 0xff0000ff], [0xffffffff, 0xffffffff, 0x0, 0xff000000], 'rose0\x00', 'bcsf0\x00', {0xff}, {0xff}, 0x3c, 0x4, 0x6, 0x20}, 0x0, 0x188, 0x1a8, 0x0, {}, [@common=@inet=@esp={0x30, 'esp\x00', 0x0, {0x4d2, 0x4d3, 0x1}}, @common=@srh1={0x90, 'srh\x00', 0x1, {0x3f, 0xffffffff, 0x1, 0xfe97, 0x3, @initdev={0xfe, 0x88, [], 0x0, 0x0}, @local, @ipv4={[], [], @rand_addr=0xe2b}, [0xff0000ff, 0xffffffff, 0xffffffff, 0xffffff00], [0xffffff00, 0xffffffff, 0xff, 0xffffffff], [0xffffffff, 0xff000000, 0x0, 0xff000000], 0x420, 0x1}}]}, @unspec=@NOTRACK={0x20, 'NOTRACK\x00'}}, {{@uncond, 0x0, 0xc8, 0xf0}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xffffffffffffffff}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3c8) r2 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r2, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x400000001, 0x1}, {{@in6=@mcast1, 0x0, 0x2b}, 0x0, @in6=@mcast2, 0x0, 0x0, 0x3}}, 0xe8) sendmmsg(r2, &(0x7f0000005fc0), 0x800000000000059, 0x0) [ 478.344165][T25775] FAULT_INJECTION: forcing a failure. [ 478.344165][T25775] name failslab, interval 1, probability 0, space 0, times 0 [ 478.422083][T25770] overlayfs: unrecognized mount option "workdirp61Y7t; x TRd*٤6?nvW Bu#L- [ 478.422083][T25770] H<|:Sj1k|fȔܗ`"Vѫy)#(؁"%aB 3`Whk*mreGI8|> }qoKvy^*K}v+/Wg*T;Ob+|ɇ$4GP:Av=`# " or missing value [ 478.459027][T25775] CPU: 0 PID: 25775 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 478.468168][T25775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 478.478226][T25775] Call Trace: [ 478.481525][T25775] dump_stack+0x172/0x1f0 [ 478.485875][T25775] should_fail.cold+0xa/0x15 [ 478.490484][T25775] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 478.496304][T25775] ? ___might_sleep+0x163/0x280 [ 478.501167][T25775] __should_failslab+0x121/0x190 [ 478.506115][T25775] should_failslab+0x9/0x14 [ 478.510628][T25775] kmem_cache_alloc_trace+0x2d1/0x760 [ 478.516012][T25775] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 478.521833][T25775] __memcg_init_list_lru_node+0x8a/0x1e0 [ 478.527481][T25775] __list_lru_init+0x3cf/0x6e0 [ 478.532262][T25775] alloc_super+0x762/0x890 [ 478.536699][T25775] sget_userns+0xf1/0x560 [ 478.541037][T25775] ? get_anon_bdev+0xc0/0xc0 [ 478.545636][T25775] ? get_anon_bdev+0xc0/0xc0 [ 478.550237][T25775] sget+0x10c/0x150 [ 478.554054][T25775] ? ovl_show_options+0x550/0x550 [ 478.559091][T25775] mount_nodev+0x31/0x110 [ 478.563432][T25775] ovl_mount+0x2d/0x40 [ 478.567508][T25775] ? ovl_own_xattr_set+0x10/0x10 [ 478.572452][T25775] legacy_get_tree+0xf2/0x200 [ 478.577136][T25775] vfs_get_tree+0x123/0x450 [ 478.581646][T25775] do_mount+0x1436/0x2c40 [ 478.585990][T25775] ? copy_mount_string+0x40/0x40 [ 478.590935][T25775] ? copy_mount_options+0x1de/0x440 [ 478.596138][T25775] ? copy_mount_options+0x214/0x440 [ 478.601344][T25775] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 478.607584][T25775] ? copy_mount_options+0x30e/0x440 [ 478.612787][T25775] ksys_mount+0xdb/0x150 [ 478.617037][T25775] __x64_sys_mount+0xbe/0x150 [ 478.621733][T25775] do_syscall_64+0x103/0x610 [ 478.626323][T25775] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 478.632205][T25775] RIP: 0033:0x457e29 [ 478.636109][T25775] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 478.655715][T25775] RSP: 002b:00007faaf9936c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 478.664109][T25775] RAX: ffffffffffffffda RBX: 00007faaf9936c90 RCX: 0000000000457e29 [ 478.672071][T25775] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 478.680041][T25775] RBP: 000000000073bfa0 R08: 00000000200007c0 R09: 0000000000000000 [ 478.688013][T25775] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99376d4 [ 478.695989][T25775] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000008 02:34:56 executing program 3: ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000000)=0x1000) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0x2, 0x200100) ioctl$SNDRV_CTL_IOCTL_PVERSION(r1, 0x80045500, &(0x7f00000000c0)) getsockopt$IP_VS_SO_GET_DAEMON(r0, 0x84, 0x9, &(0x7f0000000000), &(0x7f0000000040)=0x9b) 02:34:56 executing program 2: r0 = syz_open_dev$radio(&(0x7f0000000040)='/dev/radio#\x00', 0x1, 0x2) write$USERIO_CMD_REGISTER(r0, 0x0, 0x0) fgetxattr(r0, &(0x7f0000000000)=@random={'trusted.', '/dev/radio#\x00'}, &(0x7f0000000080)=""/161, 0xa1) ioctl$LOOP_CLR_FD(r0, 0x4c01) 02:34:56 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e24, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20}, 0x10) socket$kcm(0x29, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3}}, &(0x7f00002bf000)='syzkaller\x00', 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48) r2 = socket$kcm(0x29, 0x400000002, 0x0) write$binfmt_aout(r0, &(0x7f0000000040)=ANY=[@ANYRESOCT], 0x337) ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1}) recvmmsg(r2, &(0x7f0000002300)=[{{0x0, 0xfffffe19, 0x0, 0x0, 0x0, 0x7e}}], 0x2fd, 0x4000003a, 0x0) 02:34:56 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000000)={'syz_tun\x00', &(0x7f0000000100)=@ethtool_gstrings={0x1b, 0x6}}) r1 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x93, 0x101280) ioctl$KVM_SET_DEVICE_ATTR(r1, 0x4018aee1, &(0x7f00000000c0)={0x0, 0x59, 0x0, &(0x7f0000000080)=0x5}) 02:34:56 executing program 5: getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, 0x0) chdir(&(0x7f0000000100)='./file0\x00') fsetxattr$security_capability(0xffffffffffffffff, 0x0, &(0x7f0000000340)=@v2, 0x14, 0x0) sched_setscheduler(0x0, 0x0, 0x0) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(0x0, &(0x7f0000000080)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sequencer\x00', 0x0, 0x0) connect$netlink(0xffffffffffffffff, 0x0, 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) syz_genetlink_get_family_id$ipvs(0x0) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) ioctl$TUNGETFILTER(r1, 0x801054db, &(0x7f00000002c0)=""/72) write$P9_RREADLINK(r0, &(0x7f00000003c0)={0x1c5, 0x17, 0x1, {0xfffffffffffffecf, './file1'}}, 0x10) chdir(&(0x7f0000000280)='./file0\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x0) 02:34:56 executing program 0 (fault-call:20 fault-nth:26): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:34:57 executing program 1: r0 = socket(0x15, 0x80005, 0x0) getsockopt(r0, 0x800000000114, 0x800000000000008, &(0x7f0000000040), &(0x7f00000000c0)=0x4100) finit_module(r0, &(0x7f0000000000)='}-\x04\x00', 0x1) 02:34:57 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_pts(r0, 0x101000) ioctl$KDSETMODE(r2, 0x4b3a, 0x4) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0xc008ae88, &(0x7f0000000100)={0x7b, 0x0, [0x11]}) 02:34:57 executing program 3: r0 = syz_open_dev$vbi(&(0x7f0000000080)='/dev/vbi#\x00', 0x1, 0x2) ioctl$VIDIOC_G_FMT(r0, 0xc0d05604, &(0x7f0000000200)={0x7, @sliced}) getsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000000)=@assoc_id=0x0, &(0x7f0000000040)=0x4) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f00000000c0)={r1, 0x0, 0x20, 0x1, 0x3f}, &(0x7f0000000100)=0x18) [ 480.261996][T25815] overlayfs: upper fs does not support tmpfile. [ 480.283685][T25815] overlayfs: upper fs does not support xattr, falling back to index=off and metacopy=off. [ 480.329863][T25798] FAULT_INJECTION: forcing a failure. [ 480.329863][T25798] name failslab, interval 1, probability 0, space 0, times 0 02:34:57 executing program 1: openat$uinput(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uinput\x00', 0x802, 0x0) syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x8, 0x101880) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r2 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0xd2, 0x800) setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT(r2, 0x28, 0x6, &(0x7f0000000100)={0x77359400}, 0x10) connect$bt_l2cap(r1, &(0x7f0000000000), 0xe) dup3(r0, r1, 0x0) [ 480.380262][T25798] CPU: 1 PID: 25798 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 480.389419][T25798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 480.399482][T25798] Call Trace: [ 480.402791][T25798] dump_stack+0x172/0x1f0 [ 480.407136][T25798] should_fail.cold+0xa/0x15 [ 480.411739][T25798] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 480.417549][T25798] ? ___might_sleep+0x163/0x280 [ 480.422397][T25798] __should_failslab+0x121/0x190 [ 480.427318][T25798] should_failslab+0x9/0x14 [ 480.431803][T25798] kmem_cache_alloc_trace+0x2d1/0x760 [ 480.437157][T25798] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 480.442954][T25798] __memcg_init_list_lru_node+0x8a/0x1e0 [ 480.448577][T25798] __list_lru_init+0x3cf/0x6e0 [ 480.453363][T25798] alloc_super+0x762/0x890 [ 480.457765][T25798] sget_userns+0xf1/0x560 [ 480.462118][T25798] ? get_anon_bdev+0xc0/0xc0 [ 480.466718][T25798] ? get_anon_bdev+0xc0/0xc0 [ 480.471288][T25798] sget+0x10c/0x150 [ 480.475080][T25798] ? ovl_show_options+0x550/0x550 [ 480.480088][T25798] mount_nodev+0x31/0x110 [ 480.484410][T25798] ovl_mount+0x2d/0x40 [ 480.488468][T25798] ? ovl_own_xattr_set+0x10/0x10 [ 480.493401][T25798] legacy_get_tree+0xf2/0x200 [ 480.498078][T25798] vfs_get_tree+0x123/0x450 [ 480.502581][T25798] do_mount+0x1436/0x2c40 [ 480.507022][T25798] ? copy_mount_string+0x40/0x40 [ 480.511944][T25798] ? _copy_from_user+0xdd/0x150 [ 480.516777][T25798] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 480.522996][T25798] ? copy_mount_options+0x30e/0x440 [ 480.528191][T25798] ksys_mount+0xdb/0x150 [ 480.532416][T25798] __x64_sys_mount+0xbe/0x150 [ 480.537081][T25798] do_syscall_64+0x103/0x610 [ 480.541674][T25798] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 480.547552][T25798] RIP: 0033:0x457e29 [ 480.551437][T25798] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 480.571017][T25798] RSP: 002b:00007faaf9957c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 480.579408][T25798] RAX: ffffffffffffffda RBX: 00007faaf9957c90 RCX: 0000000000457e29 [ 480.587370][T25798] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 480.595333][T25798] RBP: 000000000073bf00 R08: 00000000200007c0 R09: 0000000000000000 [ 480.603284][T25798] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99586d4 [ 480.611235][T25798] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000006 02:34:57 executing program 3: mkdir(&(0x7f0000000140)='./file0\x00', 0x0) lsetxattr$security_selinux(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='security.selinux\x00', &(0x7f0000000180)='system_u:object_r:inetd_var_run_t:s0\x00', 0x25, 0x0) setxattr$system_posix_acl(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='system.posix_acl_default\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="020000000100000000000000040000000000000008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000000000000002000000000000000de405131b6cff6f5beee5ceca6c56c4209ebf9865338ccd19478c172d86f294d2b5543817ab2b304e6f0f563b3a6b51f349bbc6cf0b66d386c6a1dfe59cf67d3a35a366f24e53939337400b11f207ed8c50e99d52208725350693cab3c1e8c3ae153e065e0e015646289eeb65f29e3b55119ff5abeacc33909e46bea58724f5d8e0dd9ff67fe2d49c5a32ef4b981177502631353a7864fa6d04baffb0d696152d796b3445caec65f108a245dbe41c073e81be3ced382735ebea269db1e8a0669c69d1489546802cbfbe258b7a025334fed2691107a52b9ede24fcceebd77f8db4a4191eeaad2cfef64aa52d71bb7bc338d0e82500d3d26705bc438c3e039f4938d8a2345490116cf4611811271a7e51ddd"], 0x34, 0x0) mkdir(&(0x7f0000000280)='./file0/file0\x00', 0x0) [ 480.667799][T25824] overlayfs: failed to resolve './file1': -2 02:34:57 executing program 1: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e21, 0x0, @loopback}, 0x1c) connect$inet6(r0, &(0x7f0000000280)={0xa, 0x4e22, 0x0, @loopback, 0xfffffffffffffffe}, 0xfffffffffffffd53) syz_genetlink_get_family_id$ipvs(&(0x7f0000000100)='IPVS\x00') writev(r0, &(0x7f0000000440)=[{&(0x7f00000001c0)='R', 0x1}], 0x1) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180)='/dev/rfkill\x00', 0x400, 0x0) bind$pptp(r1, &(0x7f00000003c0)={0x18, 0x2, {0x3, @local}}, 0x1e) fstat(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0}) mount$bpf(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='bpf\x00', 0x6ae6a9f13da7685c, &(0x7f0000000540)=ANY=[@ANYBLOB='mode=00000000000000000000004,mode=00000000000000000003107,mode=00000000000000000000010,mode=00000000000000000006562,mode=00000000000000000000067,subj_type={em1-security{Rlo!,seclabel,fowner=', @ANYRESDEC=r2, @ANYBLOB="2c726f6f74ff076e74963245ab756e636f6e66696e618b4e1204afaf7868096673666c6f6f723d6d696d655f747970652d73656c662c646f8d1276c3b3dee0228a4bc2db48fbbfb4712c37cdd583dbe86287f6b1791a9829949eb970bd5d371453e1a085d1c6515aebb0a683c2b1e4a0d53c07cebd2bb9f7ea111cf30111b04af26be30a9ebfd9763e5da694897dd5a02b17904c675b8324b2b1fd32abb12ef0ae7b8ca58da577471648328c9f3d79ed07a105010d9a0a1d72e3e1bbab9afdc73eb90f61a819bd31d5091ff083f3474a041be3140998abfa72dd82e3e88dd2d630edefdcf42cb66c6be374d35dfdbea346e08dad7e2232225b2a98303895644a212f48edff7ce43feebf44fecd17e9901dea1871255494bc17c51cdc0bf40ee98487eb3188fb4c8944a178d432ac38df4d56890b5abe30dc8cf8ed9aa8acd060e79fba83d904908b9033d19cfdbd57675beff41fea31d0e3d2c6d6d18191395e7f4f9e4c16a705aadbcb00de1ed5a0f4781e1f274fd378e7c35e5b35b5974ab26619963ce8727317c94cec45fbf7732e9948b9e8d352dab23929a1de2e7b4e8e8580d7be95e76d52ad247156b004bc200ec19eac8d6e0d86939215a143c1ff9278085c8504229292c4a10130bd901024c43ab0f4e1c87dd50d79496fc7"]) 02:34:57 executing program 5: getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, 0x0) chdir(&(0x7f0000000100)='./file0\x00') fsetxattr$security_capability(0xffffffffffffffff, 0x0, &(0x7f0000000040)=@v1={0x1000000, [{0x7ff, 0x1}]}, 0xc, 0x0) sched_setscheduler(0x0, 0x0, 0x0) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, 0x0, 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) syz_genetlink_get_family_id$ipvs(0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000240)='/dev/hwrng\x00', 0x4000, 0x0) write$FUSE_NOTIFY_STORE(r0, &(0x7f0000000340)={0x2a, 0x4, 0x0, {0x0, 0xfbd, 0x2, 0x0, [0x0, 0x0]}}, 0x2a) r1 = creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa04, 0x0) keyctl$session_to_parent(0x12) bind$unix(r1, &(0x7f00000002c0)=@abs={0x1, 0x0, 0x4e23}, 0x6e) 02:34:57 executing program 2: r0 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x208002, 0x0) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x111402, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000000c0)={0x101, 0x15, 0x1, r1}) sysfs$1(0x1, &(0x7f0000000040)='rpc_pipefs\x00') 02:34:57 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x402, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0xa71, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0xfffffffffffff001, 0x400) ioctl$VHOST_SET_VRING_ENDIAN(r0, 0x4008af13, &(0x7f00000000c0)={0x0, 0x6}) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x210080, 0x0) openat$cgroup_subtree(r0, &(0x7f0000000100)='cgroup.subtree_control\x00', 0x2, 0x0) ioctl$PIO_FONT(r0, 0x4b61, &(0x7f0000000140)="a02e5fec004799484c7d35ae32473d063af6149922aa2caf85726c93be410f16d050fa542516ef3d019a2c1a129f7bad71d562a0b7afb12689") ioctl$TIOCMBIC(r1, 0x5417, &(0x7f0000000040)=0x2) 02:34:57 executing program 3: request_key(0x0, 0x0, 0x0, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000340)={&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x0}, 0x68) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x2000000000204000, 0x0) setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, 0x0, 0x0) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180)='/dev/rfkill\x00', 0x200000, 0x0) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000200)='IPVS\x00') sendmsg$IPVS_CMD_FLUSH(r1, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000300)={&(0x7f0000000240)={0xa0, r2, 0x108, 0x70bd2c, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x7fffffff}, @IPVS_CMD_ATTR_DEST={0x38, 0x2, [@IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@remote}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x100000001}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xfe5a}, @IPVS_CMD_ATTR_SERVICE={0x34, 0x1, [@IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x67}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x7f}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@broadcast}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x1}}]}, @IPVS_CMD_ATTR_DAEMON={0xc, 0x3, [@IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}, @IPVS_CMD_ATTR_SERVICE={0x4}]}, 0xa0}, 0x1, 0x0, 0x0, 0x44}, 0x4000) r3 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_TX_RING(0xffffffffffffffff, 0x11b, 0x3, 0x0, 0x0) write$9p(r1, &(0x7f0000000400)="1434cd9d6c57531e02a5c9565648eb97ada41ab9ab43b360a1fa81a48c5fa3310507d16b4505146e1621c1b11f475bc9ee24dd1e420f4f5081fcf58712f8ea70fa7cb14cc242aec9c200ae8f8f868644bd03bb24230db29dcce364078fee082a8a345f59599bf23f4b7af4d507ee3813c3b06ab06f4a038f1f06774ad805a16b0c45e407053bb8dde823eadb5bb6effa77d7e2c1e03bb533a9e7b4984aebc142f22847e09a43980b32bc37c1dfe8", 0xae) setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/17, 0x10000, 0x1000}, 0x18) r4 = syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0xd, 0x800) write$UHID_GET_REPORT_REPLY(r4, &(0x7f0000000140)={0xa, 0xa, 0x9, 0x9}, 0xa) setsockopt$XDP_UMEM_FILL_RING(r3, 0x11b, 0x5, &(0x7f0000000100)=0x8, 0x4) syz_open_dev$swradio(0x0, 0xffffffffffffffff, 0x2) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f00000000c0)) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) add_key(0x0, &(0x7f0000000b80)={'syz'}, 0x0, 0x0, 0xfffffffffffffffa) syz_genetlink_get_family_id$tipc(0x0) 02:34:57 executing program 1: getpid() perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setfsuid(0x0) mq_notify(0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) ioctl$VIDIOC_STREAMON(0xffffffffffffffff, 0x40045612, &(0x7f0000001780)=0x2) r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x1, 0x2) ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000040)=0x80000002) write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f00000000c0)={0xffffffffffffffd3, 0x34, 0x100000000000000}, 0xfffffefd) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x0) linkat(r0, &(0x7f0000000000)='./file0\x00', r0, &(0x7f0000000080)='./file0\x00', 0x1000) 02:34:57 executing program 2: r0 = dup(0xffffffffffffffff) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffff9c, 0x84, 0x1a, &(0x7f0000000280)={0x0, 0x9e, "2b0a95b4ffe1a76f84522e840d669965d1b0d0f2055dbeb84844e4db00c565084271efa047023bb2eeaba9925c6997aa2c0282a9e6f1464fb199cd57b635cbc3d25347fe05ea98bd682d27aee8471aaa369a36ba53c7d4ccd468803ccc750ffa07bd94e71197d1ae730769dafcb0f57dbbcc53d785cf50fc906885a912892e5a6fcd247a7c1c9056ed67b545b9ef71f25bfbcaaa9b075dc6fc022836b84e"}, &(0x7f0000000040)=0xa6) ioctl$SNDRV_RAWMIDI_IOCTL_DROP(r0, 0x40045730, &(0x7f00000003c0)=0x4) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000080)={r1, 0x42}, &(0x7f0000000380)=0x8) sched_setaffinity(0x0, 0x0, 0x0) ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = accept$alg(0xffffffffffffffff, 0x0, 0x0) r3 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000580)='/dev/uhid\x00', 0x2, 0x0) getsockname(r2, 0x0, &(0x7f0000000500)) readv(r3, &(0x7f0000000340)=[{&(0x7f00000000c0)=""/108, 0x6c}], 0x1) write$UHID_CREATE(r3, &(0x7f0000000140)={0x0, 'syz1\x00', 'syz1\x00', 'syz0\x00', &(0x7f0000000000)=""/11, 0xb}, 0x120) close(r3) 02:34:57 executing program 0 (fault-call:20 fault-nth:27): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) [ 481.006811][T25860] overlayfs: upper fs does not support tmpfile. [ 481.013689][T25860] overlayfs: upper fs does not support xattr, falling back to index=off and metacopy=off. [ 481.133944][T25977] overlayfs: './file0' not a directory [ 481.147907][ T7559] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 481.181510][ T7559] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 481.235174][ T7559] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 481.266172][T25996] FAULT_INJECTION: forcing a failure. [ 481.266172][T25996] name failslab, interval 1, probability 0, space 0, times 0 [ 481.278933][ T7559] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 481.292378][ T7559] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 481.302614][ T7559] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 481.304654][T25996] CPU: 0 PID: 25996 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 481.316712][ T7559] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 02:34:58 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000040)) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5437, 0x0) ioctl$TCSETSF(r0, 0x5441, 0x0) r2 = socket$inet6_dccp(0xa, 0x6, 0x0) getsockopt$inet6_int(r2, 0x29, 0xd0, &(0x7f00000001c0), &(0x7f00000000c0)=0x4) [ 481.319123][T25996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 481.319129][T25996] Call Trace: [ 481.319151][T25996] dump_stack+0x172/0x1f0 [ 481.319173][T25996] should_fail.cold+0xa/0x15 [ 481.319193][T25996] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 481.319214][T25996] ? ___might_sleep+0x163/0x280 [ 481.319236][T25996] __should_failslab+0x121/0x190 [ 481.319256][T25996] should_failslab+0x9/0x14 [ 481.319273][T25996] kmem_cache_alloc_trace+0x2d1/0x760 [ 481.319291][T25996] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 02:34:58 executing program 5: getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, 0x0) chdir(&(0x7f0000000100)='./file0\x00') fsetxattr$security_capability(0xffffffffffffffff, 0x0, &(0x7f0000000340)=@v2, 0x14, 0x0) sched_setscheduler(0x0, 0x0, 0x0) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x400000, 0xffffffffffffff00, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, 0x0, 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) syz_genetlink_get_family_id$ipvs(0x0) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x0) 02:34:58 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x2c, 0x30, 0x829, 0x0, 0x0, {0x2802, 0x1000000}, [@nested={0x18, 0x0, [@typed={0x12, 0x1, @ipv6=@loopback={0xffffffff300b0000}}]}]}, 0x2c}}, 0x0) [ 481.319315][T25996] __memcg_init_list_lru_node+0x8a/0x1e0 [ 481.333635][ T7559] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 481.336825][T25996] __list_lru_init+0x3cf/0x6e0 [ 481.336847][T25996] alloc_super+0x762/0x890 [ 481.336868][T25996] sget_userns+0xf1/0x560 [ 481.336881][T25996] ? get_anon_bdev+0xc0/0xc0 [ 481.336899][T25996] ? get_anon_bdev+0xc0/0xc0 [ 481.340896][ T7559] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 481.344509][T25996] sget+0x10c/0x150 [ 481.344530][T25996] ? ovl_show_options+0x550/0x550 [ 481.344544][T25996] mount_nodev+0x31/0x110 [ 481.344559][T25996] ovl_mount+0x2d/0x40 [ 481.344574][T25996] ? ovl_own_xattr_set+0x10/0x10 [ 481.344589][T25996] legacy_get_tree+0xf2/0x200 [ 481.344607][T25996] vfs_get_tree+0x123/0x450 [ 481.344625][T25996] do_mount+0x1436/0x2c40 [ 481.344653][T25996] ? copy_mount_string+0x40/0x40 [ 481.356067][ T7559] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 481.359961][T25996] ? _copy_from_user+0xdd/0x150 [ 481.359982][T25996] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 481.359995][T25996] ? copy_mount_options+0x30e/0x440 [ 481.360014][T25996] ksys_mount+0xdb/0x150 [ 481.360031][T25996] __x64_sys_mount+0xbe/0x150 [ 481.360050][T25996] do_syscall_64+0x103/0x610 [ 481.360070][T25996] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 481.360085][T25996] RIP: 0033:0x457e29 [ 481.365684][ T7559] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 481.369666][T25996] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 481.369676][T25996] RSP: 002b:00007faaf9915c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 481.369691][T25996] RAX: ffffffffffffffda RBX: 00007faaf9915c90 RCX: 0000000000457e29 [ 481.369699][T25996] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 481.369708][T25996] RBP: 000000000073c040 R08: 00000000200007c0 R09: 0000000000000000 [ 481.369717][T25996] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99166d4 [ 481.369726][T25996] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000007 [ 481.591591][ T7559] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.00 Device [syz1] on syz1 02:34:58 executing program 4: socket$inet_udplite(0x2, 0x2, 0x88) r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) r1 = openat$vsock(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f0000000500)=ANY=[], 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RREADDIR(r1, &(0x7f0000000040)={0x68, 0x29, 0x2, {0x80000000, [{{0x2, 0x1, 0x2}, 0x80, 0x1ff, 0x7, './file0'}, {{0x4, 0x3, 0x4}, 0x7ff, 0x2, 0x7, './file0'}, {{0x20, 0x1, 0x7}, 0x7fff, 0x2, 0x7, './file0'}]}}, 0x68) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setresuid(0x0, r3, 0x0) r4 = inotify_init1(0x0) fcntl$setown(r4, 0x8, 0xffffffffffffffff) fcntl$getownex(r4, 0x10, &(0x7f0000000180)={0x0, 0x0}) prctl$PR_GET_KEEPCAPS(0x7) process_vm_readv(r5, &(0x7f0000000380)=[{&(0x7f0000000340)=""/61, 0x3d}], 0x1, &(0x7f0000002540)=[{&(0x7f00000003c0)=""/63, 0x3f}], 0x1, 0x0) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x71, 0x0, &(0x7f0000000000)) [ 481.654237][ T7567] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 481.674535][ T7567] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 02:34:58 executing program 3: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x11, r0, 0x0) r1 = getpgrp(0xffffffffffffffff) capget(&(0x7f0000000040)={0x19980330, r1}, &(0x7f0000003840)) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000100)=r0, 0x4) setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f0000000080)={{0xff, @rand_addr=0x852a, 0x4e22, 0x4, 'sed\x00', 0x1, 0xbe6, 0x77}, {@empty, 0x4e22, 0x12000, 0x49f, 0x4, 0x2b80}}, 0x44) ioctl$TCSBRKP(r0, 0x5425, 0x0) [ 481.697519][ T7567] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 481.709169][ T7567] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 481.718190][ T7567] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 481.726309][ T7567] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 481.734442][ T7567] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 481.778876][ T7567] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 02:34:58 executing program 0 (fault-call:20 fault-nth:28): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:34:58 executing program 5: getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0xfffffffffffffffc, 0x0) chdir(&(0x7f0000000100)='./file0\x00') fsetxattr$security_capability(0xffffffffffffffff, 0x0, &(0x7f0000000340)=@v2, 0x14, 0x0) sched_setscheduler(0x0, 0x0, 0x0) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, 0x0, 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) r0 = geteuid() syz_mount_image$erofs(&(0x7f0000000240)='erofs\x00', &(0x7f0000000280)='./file1\x00', 0x2, 0x3, &(0x7f0000000540)=[{&(0x7f0000000380)="569880b5df1ad6e1f51c4a030c42f8fea90e288d7b9d15344bf46b75a729364eea08d88937601eb196eae407501a0d91ef938c3157bbcf6043576416189ce0cf7c1a1c8a191e163bd2102fb9162df63ac3465b408706db3b25f0070df6971bb84145c54239c3b8ca6b1e172c36a6532d20fa3f9a4d5ab43c22ed4f491ff03b5bb9cddb6e51ecfc6e99c514c7fbdb07f2b6c8c17b2f34d77a7a82c1c4caf243cd4896bef04258dd9b28c29233f8e8d535b5f959bf82a1ca2e0ee7dc2f16", 0xbd, 0x41}, {&(0x7f00000002c0)="5bc99acd969de8cb2f31b358045c51dd3f021f043b9d264b537f53fdc5a25d05b99e826d8a2027bd46045141de7becd23495322d32102d3881187a5e65bc8bd2f71cea914018c006322df3c2f60a5b55fc17c4d66900d59d97f0", 0x5a, 0xffffffffffffffe5}, {&(0x7f0000000440)="073ffc5e597f65881ceaa1948dec41c280e42b432de06c2760e0d3fef71c80b4c3f1bf76a7c104972242a49626563fa8d8934a409da5a64ff7e8d37dc19f1cbc5da872b30ffaad79ec5082c2f83803e5b73fb7dcec7c5bdb407c100af62738c2ee323c9f8c8fc866f8e0a4acc85bf9defbc38480621e8be7709c9c2945e32ad7dbebc48e9d4047ef098f009ef38c6ca6a212559d812886b2ee00141331d65aac14894c2444a76caf18be75a0af5e3fde9cfde9b85d429152aa51f83e2e585443362597609506a7a479706ae007bac6d16d2aaf61770653e95928310e21c6eb947d28ce4c45ebf4c69a5bf3ef", 0xec, 0xf0}], 0x400, &(0x7f00000005c0)={[{@fault_injection={'fault_injection', 0x3d, 0x9}}, {@fault_injection={'fault_injection', 0x3d, 0x7e}}, {@fault_injection={'fault_injection', 0x3d, 0x2}}, {@nouser_xattr='nouser_xattr'}, {@noacl='noacl'}], [{@func={'func', 0x3d, 'BPRM_CHECK'}}, {@subj_type={'subj_type'}}, {@dont_hash='dont_hash'}, {@func={'func', 0x3d, 'KEXEC_INITRAMFS_CHECK'}}, {@uid_lt={'uid<', r0}}]}) r1 = open$dir(&(0x7f00000006c0)='./file2\x00', 0x0, 0x10) fsetxattr$security_capability(r1, &(0x7f0000000700)='security.capability\x00', &(0x7f0000000740)=@v2={0x2000000, [{0x3f, 0x6}, {0x2, 0x7f}]}, 0x14, 0x1) syz_genetlink_get_family_id$ipvs(0x0) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000040)='./file0\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x0) [ 481.824211][T26015] ptrace attach of "/root/syz-executor.4"[7561] was attempted by "/root/syz-executor.4"[26015] [ 481.837868][ T7567] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 481.859733][ T7567] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 481.871931][ T7567] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 02:34:58 executing program 3: pipe2(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80800) ioctl$SCSI_IOCTL_GET_IDLUN(r0, 0x5382, &(0x7f0000000040)) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x18f, &(0x7f0000001fd8)=@framed={{0xffffffb7, 0x0, 0x0, 0x0, 0x95360900, 0x75}}, &(0x7f0000000180)='EP\xd4\x00\x1f\x91\xeb/W\xb72$C0%\x03\x9c0\x96\xb2\fkC\x93H\xbfh\x9c\b`\x857\xd6\">c\xad\xc0bO\xba\xe2\xe1\t5\x9d\xcei\"2L\xcc\x13\x16\vh\xca\xe6C\x06\x97%\x9d\xd5-\x1fs\xe1j\xdc5\x92\xd0)%\xdf\xfa\xe8^\x9c\xd29\x8clg\xc8\x7f\xb5\xb1&\x02\xf1E\xb4\x84\xbeE\x91)f\xe8\xb7\xe2\xf6`i\xc5m\xd7l\x1d\xc1\x12\x01<:kM\xe9\x99\xcd\xcd\xc8\x85Z\xee47\xdc\xc8u\x80\xcf\xbeTo\xbb\xfb\xc0\xebV\xd8\xbb\xbe\xa2\x90J|s\xc2', 0x4, 0x0, 0x0, 0x40f00}, 0xffffffffffffff3a) keyctl$join(0x1, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_LIST(r1, 0xc0505510, &(0x7f00000002c0)={0x3, 0x2, 0x0, 0x1, &(0x7f0000000240)=[{}, {}]}) nanosleep(&(0x7f0000000000)={0x77359400}, &(0x7f0000000080)) [ 481.896179][ T7567] hid-generic 0000:0000:0000.0004: hidraw0: HID v0.00 Device [syz1] on syz1 02:34:58 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$rds(0x15, 0x5, 0x0) dup2(r1, r0) sendto$inet6(r0, &(0x7f0000000040), 0x0, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast1}, 0x1c) syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x8, 0x101000) [ 481.968144][ C0] net_ratelimit: 20 callbacks suppressed [ 481.968153][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 481.979664][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 482.118209][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 482.124118][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 482.133248][T26142] FAULT_INJECTION: forcing a failure. [ 482.133248][T26142] name failslab, interval 1, probability 0, space 0, times 0 [ 482.146380][T26142] CPU: 0 PID: 26142 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 482.155499][T26142] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 482.165583][T26142] Call Trace: [ 482.168875][T26142] dump_stack+0x172/0x1f0 [ 482.173221][T26142] should_fail.cold+0xa/0x15 [ 482.177826][T26142] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 482.183650][T26142] ? ___might_sleep+0x163/0x280 [ 482.188518][T26142] __should_failslab+0x121/0x190 [ 482.193467][T26142] should_failslab+0x9/0x14 [ 482.197969][T26142] kmem_cache_alloc_trace+0x2d1/0x760 [ 482.203348][T26142] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 482.209170][T26142] __memcg_init_list_lru_node+0x8a/0x1e0 [ 482.214820][T26142] __list_lru_init+0x3cf/0x6e0 [ 482.219576][T26142] alloc_super+0x762/0x890 [ 482.224003][T26142] sget_userns+0xf1/0x560 [ 482.228331][T26142] ? get_anon_bdev+0xc0/0xc0 [ 482.232927][T26142] ? get_anon_bdev+0xc0/0xc0 [ 482.237523][T26142] sget+0x10c/0x150 [ 482.241334][T26142] ? ovl_show_options+0x550/0x550 [ 482.246354][T26142] mount_nodev+0x31/0x110 [ 482.250696][T26142] ovl_mount+0x2d/0x40 [ 482.254756][T26142] ? ovl_own_xattr_set+0x10/0x10 [ 482.259704][T26142] legacy_get_tree+0xf2/0x200 [ 482.264381][T26142] vfs_get_tree+0x123/0x450 [ 482.268878][T26142] do_mount+0x1436/0x2c40 [ 482.273212][T26142] ? copy_mount_string+0x40/0x40 [ 482.278161][T26142] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 482.284395][T26142] ? copy_mount_options+0x30e/0x440 [ 482.289592][T26142] ksys_mount+0xdb/0x150 [ 482.293845][T26142] __x64_sys_mount+0xbe/0x150 [ 482.298544][T26142] do_syscall_64+0x103/0x610 [ 482.303130][T26142] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 482.309010][T26142] RIP: 0033:0x457e29 [ 482.312902][T26142] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 482.332505][T26142] RSP: 002b:00007faaf9915c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 482.340909][T26142] RAX: ffffffffffffffda RBX: 00007faaf9915c90 RCX: 0000000000457e29 [ 482.348868][T26142] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 482.356839][T26142] RBP: 000000000073c040 R08: 00000000200007c0 R09: 0000000000000000 [ 482.364805][T26142] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99166d4 [ 482.372764][T26142] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 000000000000000a [ 482.380956][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 482.386741][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 482.461955][T26137] erofs: read_super, device -> /dev/loop5 02:34:59 executing program 1: prctl$PR_SET_CHILD_SUBREAPER(0x2b, 0xfffffdfffffffffc) 02:34:59 executing program 4: r0 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/capi/capi20ncci\x00', 0x400, 0x0) ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000140)={&(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1}) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0xf) ioctl$KDADDIO(r1, 0x400455cb, 0x8000) r2 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0xe, 0x201) setsockopt$RXRPC_UPGRADEABLE_SERVICE(r2, 0x110, 0x5, &(0x7f0000000080)=[0x4, 0x1], 0x2) r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000300)='TIPC\x00') sendmsg$TIPC_CMD_SET_NODE_ADDR(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x24, r3, 0x0, 0x70bd2c, 0x25dfdbfe, {{}, 0x0, 0x8001, 0x0, {0x8, 0x11, 0xffffffffffff7ddd}}}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x20004001) 02:34:59 executing program 2: r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r0, &(0x7f0000000440), 0x10) ioctl$sock_SIOCGIFCONF(r0, 0x8912, &(0x7f0000001700)=@req={0x28, &(0x7f00000016c0)={'vlan0\x00', @ifru_addrs=@xdp={0x2c, 0x0, 0x0}}}) r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/sequencer\x00', 0x1c3340, 0x0) r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000340)='TIPC\x00') sendmsg$TIPC_CMD_SET_NODE_ADDR(r2, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x113800}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x24, r3, 0xc02, 0x70bd2b, 0x25dfdbfd, {{}, 0x0, 0x8001, 0x0, {0x8, 0x11, 0x1000}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040840) delete_module(&(0x7f0000000000)='bdevvmnet0\x00', 0xa00) r4 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x208800, 0x0) r5 = syz_genetlink_get_family_id$tipc(&(0x7f00000001c0)='TIPC\x00') sendmsg$TIPC_CMD_SET_NODE_ADDR(r4, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x24, r5, 0x4, 0x70bd28, 0x25dfdbfb, {{}, 0x0, 0x8001, 0x0, {0x8, 0x11, 0xb0d8}}, ["", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x804}, 0x8000) sendmsg$can_bcm(r0, &(0x7f0000001840)={&(0x7f0000001740)={0x1d, r1}, 0x10, &(0x7f0000001800)={&(0x7f0000000040)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\t\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="00000000010000000000000000000000b71707a9383a71bc3cef0e105c5d87fcf4939ff663cae2650515af9735d8de03b624298d5a343eb200517a88f91a3e9d3a32128fbae144eecf69f1bcb38bd5cfb9137066375440d946c37eba05bddc12057ed40a3f885298f298f3517df6ea36a870303f392ecd70bdb92d5fb5d7008056dc2679df44e26914939fba6c145a640d7ad1148f282f02c714532662d24b7b137da9c377ccca0bfa12574c79da23e9d9822f4a8159295fa20f5985507c735a0ad6ae7b7001"], 0x80}}, 0x0) 02:34:59 executing program 0 (fault-call:20 fault-nth:29): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) [ 482.501616][T26137] erofs: options -> fault_injection=0x0000000000000009,fault_injection=0x000000000000007e,fault_injection=0x0000000000000002,nouser_xattr,noacl,func=BPRM_CHECK,subj_type=,dont_hash,func=KEXEC_INITRAMFS_CHECK,uid<00000000000000000000, [ 482.528415][T26137] erofs: cannot find valid erofs superblock 02:34:59 executing program 4: r0 = syz_open_dev$sndctrl(&(0x7f0000000100)='/dev/snd/controlC#\x00', 0x5, 0xfffd) mbind(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, &(0x7f0000000000), 0x45, 0x0) openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-control\x00', 0x4040, 0x0) signalfd(r0, &(0x7f0000000080)={0x81}, 0xfffffec6) [ 482.609371][T26137] overlayfs: './file0' not a directory 02:34:59 executing program 1: pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) sendto$llc(r1, &(0x7f00000002c0)="92dab8fffdb80ecf42951ec5326297c7fb1bc945311c72eef5bdc9015358df6cc3739d26b1a16c40ded7ea7137b559ba349892e71e3f0eb51045fc24651ef93fcbe8472b5afe90463c2187ab4d7f313aa23541baabe45ad0158e6baf3a3d3a2fdb1bf8c7a4e32d3ef0951bccfcc0344ea9421c015fa7d0b544615e710fe2c39a60d2cdfdb9e9a395fb5e97b46d85fda7ab9ff096064e826acf3a71b669a9ec9ec5b1cb4ac90741c0ac23049f18802f413ecb64be9179f3edf183ec832e0649da075612aea311975c6d8b32ea566f486d310c852656ae8c72aaaef02bccca5277e5919a6ce9509ae9a5fa45b3313243205ab9118204ead0f03b19871e92815287a8064cd54a07dc7ae283c556e9ae2157e5ca701c4a1fe757bc421202042121dbc6c933b3d64f068a601b125dbe6a1efc48ce68ab0f3529587167d336fa7b56d18e6745cbc66b9598c06a042c01f216e6d97395178b419e4bca15251836deb303d79ff2982107d44fefffc03b920c0310015dad31252432cb8b063c2177d78b352dc818bdf5d8c5efdc9335d659d2411ecf156a18af1f033ad1e4d00acc37d1e9eda69763c49f973b52a38d4b68a2d38e7cf42c19d94e88187e420b71f2c6a5a197eed021df9f3a929a7ef1fa0ac1985f7c4a1711401b1af4e271aec57c1a104a9eee9c954b1ae93d668b776e00da439be7ad37f0fbacca123c16221767e6cc82dea203742dbe4fb49f465a86c667879bfe4b8cea8ac6b9bc12cf12f5e5467e85c24eef499f9dd91254a0c3d93998f2aadd86b810713d11174109157a4b8d5d3ea5f9fc218f10954eb2d98de9a60c500020a50e06c7b3a09a3ae4315723bfa7a9c1917392d09a10e0e1e8db587acda6ae1ea1e524b493f6c90cb90113947278c7849e845ed3926411a2757774d6d091c0cebfaf36fc048dd535d9b89af452120c061740c41640653f5b598f1e8afd72741e2e6043481e70accabd52c789a2d2afa975bbd1fd068d79ae990e073126154ee4b4f030c8b0557ff4f8f000ddcd5cf9314947d0fbe4b115527a261c4a79c2bbea8e85a2e4cd85b877d742e017ed78084db2f700f83c6d773640b63b9897270b4d436194ee20ac41378cca898d0f428ef111fa2ffc2222264845b968642eb3b091487546f82c0f83c145cc8fa38b10d83c77f2a2610b27b71186bc47ad8faeb8f7b67c000c6000d06839f7206bf993f8066c7b580ea32d821dff3a1b0544168d7431adbdb1b8f1cd22f4ebdf7a9ca96c785154bb74bb1e56e41f16bf7db36ec196ed4a9394fdead67875ac72f02da22027138b76a2919c4e403906ba8d0b39eb809b2fcc06b48b2f558071c5fc3d00491411c7824b1c6e5fac8af9e5d48cb3d30d57a7e1f52fd1197febbb86dfbc5b4216fc71e6088e9f321329cf49d31eec2c0e9b62f7f0ff1f82fa2284f2531b63b06281f249427b09d75c0423ab83ea7cf5fd79ccd14f8055ecb941b1a8023d38bffa1d64403428b246c02887d44b256fbed909233a4b16160597f60a36837578519f2dddc061e16a750f38b3cd69e727f7857368ee4f2c1e64ce349e242d7a118d5afa2ba9bf5b14a017c2bfbe87f29492449257051ec76040512ff51f6184c9d9db637b4d5b8acb456ee5cd25786d4686f33062c5f985d35f60fa9a624ddaf113bb920edaa4294c9caf065f527f412dc3c5361a5229422bd63272902a7a34b4fa7df32e006716956d1830d9ec93a3ec1feaf9367b1542e57b18ae9e8e574d54387291b57a735a41748ff7609157717d2a02c6336eea9564d50bcbc4c49ce52bf3434f607837553e7adc89410ff0c69081dfc2c53b68b228d495aeccac4e5599266ab84bc9d8ddf90486c849e3ce178b1c73eb4d2df089a8a63fb02964a2a71fa00821da1e1ffd2c697fbd1254b0463062e024d0c28de699e14d5118cabae2f074aa7d73602bbca355a4846f36bb55855fd0bc8f19ca6b9d4c2de14c4dceca8086a33ec2542741eda9850b975a4e15345a2151aa73796a0d8c8b3a7570b0894582fee6d2c4d1213de4e61c4147f2fb92e9ca37931b3aa4fab4d6a726ca4b133a3330418e28f656c548d66c8d966f91c1282b2ab0dfb858e4b761041053883d0f64713fb5aa373398ca9a2f6d1b42c60fea25bc254a785d30baea3b6a50bef991a43d8d3cd6ff87e3a50f128551cfd5d1ab8e721b662dc38594fb4d4f3d4df10fa493a6451057d612d55f8f94a1390229a77d119941f9a9f779ef414e28a02a5aa219e5d156bc90bbbbd00efafc838ed32d3c6a18ca1d3e7f268c04b0667013f792e3d36d133d97bdf5e670fc9bb537d7edee774fc3e080a85c97562c7273f414807d35fcc3427db25d75b4b597723d885a8fc7790d6a3e47859f8f421bcfc667d488ff110b54e3e01cc43e07df57d781cbf566d421f0f0850b1985416fc10388ede4f5e153764e4511779666aebcdfa67fc68746adef56961677cb8cef1a386a9d8ca7780b69839e529d2e2989c0cfc30294d405ae300a93f9c53492baf634daca7c3497c974c5fae0c0498de991ecbd57db58e066192a5e1618a03c008684cf4e9ebd72827dc3309ec4d439e3e03910fa9dc9225a523d512b83fd1eecee8d3a9b38338c0d9b3b1e867150d2a6991d545d694d53bceb2166c78694d396e2af81177d9de34f205cb85cb0cd13a02c0095d655a90ed5c5656c53a4b31c4af14f5d42a5394027a1da842f25e03afb8aff11886bca63ed4cea24f10d9e19573f91de907b6ae6990a96a7c643b2e3f261002848f858c19ff1eec52e6edd09c2c2484c2b4969c7ffde93452a8f89bbfdc4476259a9730fabbe139a72f3c3e334783d6649bd88db6eefddff1b220f25da054f938cee361af2767710298c139ed9120651c2e96798d7d06def7a15067c84b6891da4010f4fd16d6f79d187e614d8fdcc1fed986980d6bdde733482a536ab9148adfb784f9c2bdb627a91a2d528c220f09d823a52735a8eeb08eb5bf01960b2fe7860585d7d046bcbf508c1dba0919f2bc292eaa6235343cfc675d90ce6a26cb35a108a98041113a6f0b4a9ff0b61913ca4287d9ab966acd83bcbe23955564d1af6da533f7a3ad0985374707309da26e4a12b6d3c201f7e08a5f4ff089b9de613bf1bfb943404d78abd33cbf318540658930c1b666bff36afe4ac9e6a79bef99a353aa2982da88087f0dc80bbfb2ff1d8c7df8fa636512970701026a85b56710198f611379646ad36629fab642bf5a06c241b8c00426ed65794d56894f3f6b193d24729bd8889c7557808ff57763e883f77019ae362c61fb281f167ed95d0b8a34be675df17702d53f5eb000f9551e4fce639a2f15b06af7ab418bfcb5ee991e3f332564001a36422e4cd20edab0f948dc8f494ef26f2c966abb6524fc5327d5c829debca0c3c7ea1e5de15160c6c273c01f9cdfd1b81d44344b589e3e2eb9aa23742f2a0f50ca3fd04bec9002543e487b52e0edf4d1675ef1fc5c44319a2f77a410a78c1f80c40e4cf2c89d29f7d4c672a3cb8dee3556090e66d01df9345549b2fe9b52a3c3165a3028960bbb56a0e56dcdb74e3bfce8205b615bdbab7852e036033aaf294833c4d617eae40009ae850911360f7d0a1dd54fda5528f578cf5c9b41c744d9f345c9b8502b27156b53efdbf1cb1f0bd671c0d7f0892bb543a85eb992074a98f21d9ba2574b44a220d0e1eed096e504d064d2d6f17fb26e99aa17788d570bce3d27dbfa4412b5ea570f0e3a6dc99ef17d211549cfad49d726198b231ca04e4c094614337339d6627c2ff9d4a1a076ba1c91bf1d668844cc19db4d4377a496a28f7e34ed4e68ab1a502dc3825729566fa84f7abe95fafe261d8425ce80e8b8be4b8e16bf8e0a065d4b9ceba0d2cb19c143cdc0759a9396f750b30a777b4d5bceff6fb5144906c0c402581f9c4ad846f90e80aa06ee5c2b512028504312f1bef1d9067d6792689c695dd6acf2ece6fcb12128ce242618749dde6ada76b8da795fba82c9a88c8986be35de589d5d082df4dd5e44148246d2c2f4f4f743861b5de993dee0cea00c48dea46134dcb28c7abfab8924aca4b1c10a1940ea614fe400597fb3db0cc1b7c261b8a07c59315d5b22bb92912940cd51e555703c32ad0992278df278a5c9c514adbfaa00fb4cbad67aae047e2349e213237df654a83bffa1edcce1d10ddd6771a9ea6999b0dda6ba570d872986794b2e99b37e6cf6a7cb297095fa6db790a4d5af2f5650a507dfdb27dae1e8d214a2f669852165057f8f7bdd892dec2e66fbf45db9d4731a145b1f13ec33a3f07ce744ff7dac8b93bb74d797b34e60e5e38e6e7f9f68a3b333f0f68059380869b3e69a3698d58acdaa68f68d853f65b0ecb3426c7294ed7e4246b8bea5c38130789a72cb038f815728bfabf11b279e7caa8df23973da62b4fac4574ad1b42a422a7bb7b1318497480751a5b2e3705f4c9798c1daa89e4a0ba75f511a7744f3a561faad3b31154bbe2086374e68855af14477d2bd49455c2dfdcc1578a95eda792ee57a58561e5393028743c89849a6c56e9e9434046fe5253f21047252afb8d28d8fc61b4401e22707e974e77ee9716d992f358598b1a8dab046bca691bb343d64da7bfbb8ba897d55561be46def255c0beb1572897f0606b5e649886f484b52a6bbc81e390717fabeaafdae922120f26917f1952d413ed2bd11d47fe72e0cf6e0d1a47bf3b527349bfcbf320e6ff78673ca43e5d374765d98c43a4a5b45a5005473aaa31f7d1c58cbae05a82e6ad7da47496e8523231bdc2f7fa8ba71b52e8cc8c5ef1261c42d85b6a9b630515f2bccaac6e50587ee87742f0412d6dbb19475650c3690357314f2d620af1b9d30ed803ef8a8d30989a298c65e8b04acac99ed38173ad7b23088d2494bb5a9478a2d8a7567c41eb98afb062f8d46ff51ccf65b873f98ad74fec125094f8a74262dac8a8a4fe18ecbc06b1374530c308a1002c22afb148af5d4e455d4527e4aa91a510df279783ba5c9a5c6283bd0b9e8dc127f4e2f1e8378de2741f657d4067a404618ba2855a277d2b7f5a17901fb25bba7aa3d97b1b5138a37d6add6827a6a44e59dabb680d3d2546a3f0477149a23f7420c397a23d9173889f5ed0491c37837741c0c48d15477829720b3eac1f1ebd26b44b18c38dc31bec6d740f7075c08d2ab120b27357e7b05776186ad2a0f6869c8dfb344fd7ddb02ac31ed2591a80641627138b768a93512f167399edf44df2e71662ab1c3bc629ae0db58724f962c3b19347b3a50aeb224f583a69096876d71cc48063d28f59350c30267d5303a6fa1099df4490a413bcefa78846a59f1b929c30e75278b1294078e8ba9aba174b5d501473a0db85dd04202e211e9cb179973838ff37cd1de5a096cb85d7bf469039f91710dd25312e35e035662fada26b62312c3988033a9b45a09bfdf166080d4a71930c9731d4a76bc64f82d6a8d14259e825a7827b2498e5bc1bf85105b728949535df74efcad481d4f4fdc369d010bb38a1ac7c4671a6b9f8d55dba18954131cc4c46cb321562d609173e91576fe8a15d98bf3bf933933a23a035e45ef387f5fe04ca9f73ac0f2516034f6277fecedbb41c6f4d35a8816417bcd054f470dbfb708b8af8936e6ef7e67004af13cb15b5ab7e20a5a4cb262dfbabc3d5cd0f7e6894e770eeb32b0d41ad4f2168aac1bec04267eaa2ad94fc450b1d0992375f732a6b9f1f72e0a84ac46a044da24b04e215fc2496e74d57a9e69244c2dc7931291c6fe08f7b78b9b59450f8c359", 0x1000, 0x0, 0x0, 0x0) socket$inet(0x2, 0x4, 0x803ff) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$P9_RREAD(r1, &(0x7f0000000080)={0x2e, 0x75, 0x1, {0x23, "94aaba5262e769c74d3f05368033411f9eb65da444e9bb8917d05d2658b7f6f4597b04"}}, 0x2e) bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @loopback}, 0x10) socket$can_raw(0x1d, 0x3, 0x1) setsockopt$inet_int(r1, 0x0, 0x3, &(0x7f0000000280)=0x7ff, 0x4) connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10) splice(r0, 0x0, r2, 0x0, 0x80000010005, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000000)={0x7}, 0x7) 02:34:59 executing program 2: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/tcp6\x00') ioctl$GIO_SCRNMAP(r0, 0x4b40, &(0x7f00000002c0)=""/7) r1 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r1, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc) writev(r1, &(0x7f0000000080)=[{&(0x7f0000000100)="580000001400192340834b80040d8c560a02000000ff81004e227e00000058000b4824ca944f64009400050028925aa8000000000000008000f0ffffffff09000000fff5dd00000010000100050c0c00fcff0000040e05a5", 0xfffffffffffffc82}], 0x1) [ 482.678134][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 482.684014][ C0] protocol 88fb is buggy, dev hsr_slave_1 02:34:59 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:34:59 executing program 5: getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) mkdir(&(0x7f00000003c0)='./file1/file0\x00', 0x400000000000003) mount(0x0, &(0x7f0000000040)='./file1/file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, 0x0) chdir(&(0x7f0000000100)='./file0\x00') fsetxattr$security_capability(0xffffffffffffffff, 0x0, &(0x7f0000000340)=@v2, 0x14, 0x0) sched_setscheduler(0x0, 0x0, 0x0) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, 0x0, 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) syz_genetlink_get_family_id$ipvs(0x0) r0 = creat(&(0x7f0000000500)='./file0\x00', 0x1e) chdir(&(0x7f0000000280)='./file0\x00') ioctl$FS_IOC_ENABLE_VERITY(r0, 0x6685) openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x0) [ 482.809863][T26185] FAULT_INJECTION: forcing a failure. [ 482.809863][T26185] name failslab, interval 1, probability 0, space 0, times 0 02:34:59 executing program 3: r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x0, 0x0) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffff9c, 0xc0086420, &(0x7f0000000040)={0x0}) ioctl$DRM_IOCTL_GET_SAREA_CTX(r0, 0xc010641d, &(0x7f0000000140)={r1, &(0x7f0000000080)=""/172}) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000180)='/dev/null\x00', 0xa402, 0x0) ioctl$SIOCGSTAMP(r2, 0x8906, &(0x7f00000001c0)) ftruncate(r2, 0x2) setsockopt$inet6_MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000000200)={{0xa, 0x4e20, 0x3a80, @mcast1, 0x401}, {0xa, 0x4e21, 0x1, @dev={0xfe, 0x80, [], 0x1e}, 0x2}, 0x7a4, [0x9, 0x800, 0x8000, 0x8, 0x5, 0x401, 0x8, 0x7]}, 0x5c) setsockopt$CAIFSO_REQ_PARAM(r0, 0x116, 0x80, &(0x7f0000000280)="1681dcaacc2f8388e7bdd5f03b", 0xd) ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r0, 0xc0945662, &(0x7f00000002c0)={0x8, 0x0, [], {0x0, @reserved}}) setsockopt$CAIFSO_REQ_PARAM(r2, 0x116, 0x80, &(0x7f0000000380)="1008c8184e21e28d3a84fe207032eeebae26404cb5aa512957cdaf26c7e88123694ada42076c9d40ff931a804326af910f8e62584f1d6bd1209d20cfd9393f95", 0x40) ioctl$EVIOCGNAME(r2, 0x80404506, &(0x7f00000003c0)=""/33) write$capi20(r0, &(0x7f0000000400)={0x10, 0x0, 0xc3, 0x80, 0x2, 0x20}, 0x10) ioctl$EVIOCGNAME(r0, 0x80404506, &(0x7f0000000440)=""/238) setsockopt$inet_tcp_TCP_QUEUE_SEQ(r0, 0x6, 0x15, &(0x7f0000000540)=0x4, 0x4) ioctl$UI_BEGIN_FF_UPLOAD(r0, 0xc06855c8, &(0x7f0000000580)={0xb, 0xb9, {0x52, 0x35, 0x9, {0x8, 0x7}, {0x1, 0x3ff}, @rumble={0x4, 0x8}}, {0x0, 0x656, 0x401, {0x5}, {0x6, 0x8}, @ramp={0x1, 0x7fffffff, {0x100000001, 0x3f, 0x0, 0x8}}}}) set_thread_area(&(0x7f0000000600)={0x0, 0x100000, 0x3400, 0x9, 0x1, 0x1, 0xb0, 0x0, 0x8, 0x7ff}) ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000640)={0x4, 0x0, 0x10000, 0x100000001}) ioctl$DRM_IOCTL_SG_ALLOC(r2, 0xc0106438, &(0x7f0000000680)={0x0, r3}) r4 = syz_open_dev$dri(&(0x7f00000006c0)='/dev/dri/card#\x00', 0x7a, 0x400000) ioctl$RTC_EPOCH_SET(r0, 0x4008700e, 0xfffffffffffffffb) connect$l2tp(r0, &(0x7f0000000700)=@pppol2tpin6={0x18, 0x1, {0x0, r0, 0x2, 0x0, 0x0, 0x2, {0xa, 0x4e22, 0x4, @remote, 0x400}}}, 0x32) write$capi20(r2, &(0x7f0000000740)={0x10, 0x0, 0x80, 0x83, 0xfffffffffffffbc0, 0x7}, 0x10) clock_gettime(0x0, &(0x7f0000000840)={0x0, 0x0}) rt_sigtimedwait(&(0x7f0000000780)={0x81}, &(0x7f00000007c0), &(0x7f0000000880)={r5, r6+30000000}, 0x8) fcntl$dupfd(r4, 0x406, r0) r7 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000008c0)='/dev/snapshot\x00', 0x0, 0x0) ioctl$GIO_UNISCRNMAP(r7, 0x4b69, &(0x7f0000000900)=""/120) getsockopt$inet_sctp_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000980)={0x0, 0x4, 0x7, [0x70, 0x1f, 0x9, 0x7, 0x7fffffff, 0x10100000000000, 0x7]}, &(0x7f00000009c0)=0x16) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000a00)={r8, 0x9}, &(0x7f0000000a40)=0x8) r9 = getpgrp(0xffffffffffffffff) ioprio_set$pid(0x1, r9, 0xfff) 02:34:59 executing program 2: r0 = syz_open_dev$amidi(&(0x7f0000000180)='/dev/amidi#\x00', 0x3, 0x90000) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f00000001c0)={&(0x7f0000ffd000/0x1000)=nil, 0x1000}, &(0x7f0000000200)=0x10) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000100)='./file0\x00') mkdir(&(0x7f0000000080)='./control\x00', 0x0) r1 = creat(&(0x7f0000000040)='./control/file0\x00', 0x0) r2 = open(&(0x7f0000000380)='./control\x00', 0x0, 0x0) getdents64(r2, &(0x7f0000000280)=""/80, 0x50) unlinkat(r2, &(0x7f0000000400)='./file0\x00', 0x0) connect$tipc(r1, &(0x7f0000000000)=@id={0x1e, 0x3, 0x1, {0x4e21, 0x1}}, 0x10) rmdir(&(0x7f0000000140)='./control\x00') write$cgroup_type(r0, &(0x7f0000000240)='threaded\x00', 0x9) [ 482.874340][T26185] CPU: 0 PID: 26185 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 482.883601][T26185] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 482.893662][T26185] Call Trace: [ 482.896963][T26185] dump_stack+0x172/0x1f0 [ 482.901320][T26185] should_fail.cold+0xa/0x15 [ 482.905913][T26185] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 482.911727][T26185] ? ___might_sleep+0x163/0x280 [ 482.916594][T26185] __should_failslab+0x121/0x190 [ 482.921543][T26185] should_failslab+0x9/0x14 [ 482.926057][T26185] kmem_cache_alloc_trace+0x2d1/0x760 [ 482.931441][T26185] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 482.937268][T26185] __memcg_init_list_lru_node+0x8a/0x1e0 [ 482.942941][T26185] __list_lru_init+0x3cf/0x6e0 [ 482.947730][T26185] alloc_super+0x762/0x890 [ 482.952161][T26185] sget_userns+0xf1/0x560 [ 482.956493][T26185] ? get_anon_bdev+0xc0/0xc0 [ 482.961095][T26185] ? get_anon_bdev+0xc0/0xc0 [ 482.965685][T26185] sget+0x10c/0x150 [ 482.969597][T26185] ? ovl_show_options+0x550/0x550 02:34:59 executing program 2: r0 = socket$inet(0x10, 0x3, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x1, 0x0) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f00000000c0)={0x0, 0x0, 0xffffffff}, &(0x7f0000000140)=0x8) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000180)={r2}, &(0x7f00000001c0)=0x8) sendmsg(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)="240000005e0007081dfffd940101830020200a000d000089cb2736cdca74901dd2f00dbd0015000000600000000d00ff7ea897ed3d7bd3ff89ac18409442a0139a830599e00ae3ee8d776e338ab7e6253611dfcc24807705da2a69288afbad25e08a1de0fd238803d572bbc92d2a85bb8e4ccaae8599fd27f1bcee3043524a884bdb3418f4042699298243a2d0374efbf10bf4", 0x15}], 0x1}, 0x0) [ 482.974631][T26185] mount_nodev+0x31/0x110 [ 482.978975][T26185] ovl_mount+0x2d/0x40 [ 482.983049][T26185] ? ovl_own_xattr_set+0x10/0x10 [ 482.987990][T26185] legacy_get_tree+0xf2/0x200 [ 482.992681][T26185] vfs_get_tree+0x123/0x450 [ 482.997206][T26185] do_mount+0x1436/0x2c40 [ 483.001546][T26185] ? copy_mount_string+0x40/0x40 [ 483.006499][T26185] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 483.012738][T26185] ? copy_mount_options+0x30e/0x440 [ 483.017933][T26185] ksys_mount+0xdb/0x150 [ 483.022162][T26185] __x64_sys_mount+0xbe/0x150 [ 483.026826][T26185] do_syscall_64+0x103/0x610 [ 483.031422][T26185] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 483.037303][T26185] RIP: 0033:0x457e29 [ 483.041227][T26185] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 483.060823][T26185] RSP: 002b:00007faaf9915c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 483.069215][T26185] RAX: ffffffffffffffda RBX: 00007faaf9915c90 RCX: 0000000000457e29 [ 483.077178][T26185] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 483.085162][T26185] RBP: 000000000073c040 R08: 00000000200007c0 R09: 0000000000000000 [ 483.093120][T26185] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99166d4 [ 483.101086][T26185] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000007 [ 483.168135][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 483.173995][ C0] protocol 88fb is buggy, dev hsr_slave_1 02:35:00 executing program 2: r0 = socket$packet(0x11, 0x80000000000002, 0x300) r1 = syz_open_dev$midi(&(0x7f0000000040)='/dev/midi#\x00', 0x9, 0x200000) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000380)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) ioctl$VIDIOC_EXPBUF(r1, 0xc0405610, &(0x7f0000000080)={0x0, 0x80000000, 0xd44, 0x84800, r1}) setsockopt$packet_int(r0, 0x107, 0xe, &(0x7f0000000000), 0x4) 02:35:00 executing program 0 (fault-call:20 fault-nth:30): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:35:00 executing program 5: getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, 0x0) chdir(&(0x7f0000000100)='./file0\x00') fsetxattr$security_capability(0xffffffffffffffff, 0x0, &(0x7f0000000340)=@v2, 0x14, 0x0) sched_setscheduler(0x0, 0x0, 0x0) mkdir(&(0x7f0000000180)='./file1\x00', 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, 0x0, 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) syz_genetlink_get_family_id$ipvs(0x0) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x0) [ 483.319752][T26317] overlayfs: filesystem on './file0' not supported as upperdir [ 483.476981][T26324] FAULT_INJECTION: forcing a failure. [ 483.476981][T26324] name failslab, interval 1, probability 0, space 0, times 0 [ 483.494763][T26324] CPU: 0 PID: 26324 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 483.503876][T26324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 483.503882][T26324] Call Trace: [ 483.503905][T26324] dump_stack+0x172/0x1f0 [ 483.503929][T26324] should_fail.cold+0xa/0x15 [ 483.503946][T26324] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 483.503965][T26324] ? ___might_sleep+0x163/0x280 [ 483.503985][T26324] __should_failslab+0x121/0x190 [ 483.521943][T26324] should_failslab+0x9/0x14 [ 483.532337][T26324] kmem_cache_alloc_trace+0x2d1/0x760 [ 483.542098][T26324] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 483.542124][T26324] __memcg_init_list_lru_node+0x8a/0x1e0 [ 483.542147][T26324] __list_lru_init+0x3cf/0x6e0 [ 483.542168][T26324] alloc_super+0x762/0x890 [ 483.542189][T26324] sget_userns+0xf1/0x560 [ 483.542201][T26324] ? get_anon_bdev+0xc0/0xc0 [ 483.542217][T26324] ? get_anon_bdev+0xc0/0xc0 [ 483.542230][T26324] sget+0x10c/0x150 [ 483.542247][T26324] ? ovl_show_options+0x550/0x550 [ 483.542273][T26324] mount_nodev+0x31/0x110 [ 483.599462][T26324] ovl_mount+0x2d/0x40 [ 483.603532][T26324] ? ovl_own_xattr_set+0x10/0x10 [ 483.608466][T26324] legacy_get_tree+0xf2/0x200 [ 483.613157][T26324] vfs_get_tree+0x123/0x450 [ 483.617671][T26324] do_mount+0x1436/0x2c40 [ 483.622012][T26324] ? copy_mount_string+0x40/0x40 [ 483.626959][T26324] ? copy_mount_options+0x234/0x440 [ 483.632164][T26324] ? copy_mount_options+0x23a/0x440 [ 483.637365][T26324] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 483.643604][T26324] ? copy_mount_options+0x30e/0x440 [ 483.648811][T26324] ksys_mount+0xdb/0x150 [ 483.653064][T26324] __x64_sys_mount+0xbe/0x150 [ 483.657752][T26324] do_syscall_64+0x103/0x610 [ 483.662353][T26324] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 483.668256][T26324] RIP: 0033:0x457e29 02:35:00 executing program 1: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000340)='/dev/vga_arbiter\x00', 0x80, 0x0) setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x8, &(0x7f0000000280)=0x7f, 0x4) syz_emit_ethernet(0x207843, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd60b40900000b110000000000000000000000feffe0000002ff020000000000000000000000000001830090780009040060b680fa0000000000000000000000000000ffffffffffff000000000000ac14ffbb000000000000"], 0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000240)={r1, 0x0, 0x0, 0x0, 0x0}, 0x20) ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(0xffffffffffffffff, 0x800442d4, 0x0) r2 = syz_open_dev$adsp(&(0x7f0000000100)='/dev/adsp#\x00', 0x1, 0x100000040000) ioctl$EVIOCGABS20(r2, 0x80184560, &(0x7f0000000140)=""/91) openat$null(0xffffffffffffff9c, &(0x7f0000000440)='/dev/null\x00', 0x4000, 0x0) r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000300)='TIPC\x00') sendmsg$TIPC_CMD_GET_NODES(r1, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x1c, r3, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [""]}, 0x1c}}, 0x4000000) r4 = syz_open_dev$vbi(&(0x7f0000000080)='/dev/vbi#\x00', 0x1, 0x2) ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r4, 0x4010ae74, &(0x7f00000000c0)={0x7, 0x40000000000, 0x40}) setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r2, 0x84, 0x13, &(0x7f0000000200)=0x1, 0x4) syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x7f, 0x400000) [ 483.672170][T26324] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 483.691778][T26324] RSP: 002b:00007faaf9957c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 483.700198][T26324] RAX: ffffffffffffffda RBX: 00007faaf9957c90 RCX: 0000000000457e29 [ 483.708166][T26324] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 483.716130][T26324] RBP: 000000000073bf00 R08: 00000000200007c0 R09: 0000000000000000 02:35:00 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4) r1 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x2, 0x80041) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000140)='TIPCv2\x00') sendmsg$TIPC_NL_BEARER_ADD(r1, &(0x7f0000000340)={&(0x7f0000000100), 0xc, &(0x7f0000000300)={&(0x7f0000000180)=ANY=[@ANYBLOB="78010000", @ANYRES16=r2, @ANYBLOB="00042abd7000ffdbdf25150000008c000500080001006962000008000100657468004c00020008000100060000000800020008000000080002000400000008000400ffffff7f08000200f44c0000080004007f0000000800040006000000080001000800000008000100ff7f000008000100657468001c00020008000400060e0000080001001d000000080002000300000008000100696200004800010008000300d18400002c0004001400010002004e237f00000100000000000000001400020002004e20000000090000000000000000100001007564703a73797a31000000000800060004000200880001001400010069623a626f6e645f736c6176655f300038000400200001000a004e2300000007fe8000000000000000000000000000aa02000000140002000200aac38927f21acc9a1f3b4e2cf5114e22000000070000000000000000380004001400010002004e23ac1414130000000000000000200002000a004e2300001000fe8000000000"], 0x178}, 0x1, 0x0, 0x0, 0x4040041}, 0x20000010) getsockopt$inet_sctp6_SCTP_AUTOCLOSE(r1, 0x84, 0x4, &(0x7f0000000040), &(0x7f0000000080)=0x4) connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @empty}, 0x10) shutdown(r0, 0x1) shutdown(r0, 0x1) [ 483.724104][T26324] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99586d4 [ 483.732073][T26324] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000006 02:35:00 executing program 2: recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0xfffffffffffffd2d, 0x0}}], 0x1, 0x0, 0x0) r0 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x3, 0x2) ioctl$FS_IOC_ENABLE_VERITY(r0, 0x6685) getsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f00000000c0), &(0x7f0000000100)=0x8) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='projid_map\x00R\xd3\xf8\xe4\t ]\xf8\xe0\xd5W\xc4anL\xa2\xc8\xe5k\xa3\x11HO9\xa3q\xfe\xef\x05') ioctl$SG_GET_RESERVED_SIZE(r1, 0x2272, &(0x7f0000000040)) preadv(r1, &(0x7f00000017c0), 0x3da, 0x0) ioctl$KVM_GET_NESTED_STATE(r0, 0xc080aebe, &(0x7f0000003180)={0x0, 0x0, 0x2080}) 02:35:00 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$IMADDTIMER(r0, 0x80044940, &(0x7f0000000080)=0xf4240) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000080)=ANY=[], 0x0) ioctl$KVM_SET_DEBUGREGS(r1, 0x4080aea2, &(0x7f0000000180)={[0x4000, 0x1000, 0xf000, 0x4], 0x5, 0x8a, 0xa803}) socket$inet_udplite(0x2, 0x2, 0x88) fcntl$getownex(r1, 0x10, &(0x7f0000000300)) r2 = shmget(0x1, 0x14000, 0x200, &(0x7f0000fec000/0x14000)=nil) shmctl$IPC_INFO(r2, 0x3, &(0x7f0000000200)=""/253) write$USERIO_CMD_REGISTER(r0, &(0x7f0000000100)={0x0, 0xfffffffffffff10a}, 0x2) ioctl(r0, 0xa, &(0x7f0000000040)="0af51f023c123f3188a070") write$cgroup_subtree(r1, &(0x7f0000000000)={[{0x0, 'memory'}]}, 0xda00) 02:35:02 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:35:02 executing program 5: getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f0000000040)='/dev/swradio#\x00', 0x0, 0x2) chdir(&(0x7f0000000100)='./file0\x00') fsetxattr$security_capability(0xffffffffffffffff, 0x0, &(0x7f0000000340)=@v2, 0x14, 0x0) sched_setscheduler(0x0, 0x0, 0x0) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, 0x0, 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) r1 = getpgrp(0x0) write$FUSE_LK(r0, &(0x7f0000000240)={0x28, 0x0, 0x2, {{0x8, 0x6, 0x2, r1}}}, 0x28) syz_genetlink_get_family_id$ipvs(0x0) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setpriority(0x2, r1, 0x8) openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x0) 02:35:02 executing program 3: r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/btrfs-control\x00', 0x80400, 0x0) ioctl$IMCLEAR_L2(r0, 0x80044946, &(0x7f0000000200)=0xaa9) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f0000000040)=0x74, 0x4) setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000000)='dctcp\x00', 0x6) bind$inet(r1, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) getsockopt$IPT_SO_GET_INFO(r1, 0x0, 0x40, &(0x7f0000000080)={'filter\x00'}, &(0x7f0000000100)=0x54) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r1, 0x0, 0x0, 0x200007fe, &(0x7f0000000140)={0x2, 0x80004e23, @local}, 0x34e) sendto$inet(r1, &(0x7f0000000240)="ef", 0x1, 0x0, 0x0, 0x0) write$binfmt_misc(r1, &(0x7f0000000440)=ANY=[@ANYBLOB="73797a31a7f6ff3d1d0fb602efcec6ae3476f1f208bd5a49b57b0800000000000000f949e3f87057475827876ce5338f8d8c177acc74853c5bf5ceb3e6d9973e27e5782c397a322cfd278d173f4ef97d62984f08b5eccc2ffdc25773be71977c77093b4961e66c69ce089875ef79e98b298380efe89985fc6aa2fbc4b2dc9cac5f359b8717dc87f01f23a0dce6482552c8f0b4555a8e171663f1ab624967f3ab0344f3db60de0d19b826ab6e2230d1be18dfdb8a13f6b93685c2c135bdcab688deb765070000000000"], 0xc9) writev(r1, &(0x7f0000000340)=[{&(0x7f0000000540)="95c606f89044c1224bc5c1b0014ae3b6e94ac134b760e6d7115fbc36b977ffd40865f5e083130d20891c7875ac62556cb993b0f3264cb76dc9ba8b15a898f420c3f17e2f6ddd43199776e37564d95481f9aea8ad0bdd359cc7cf62793aaf43213abefc52242fb74b50", 0x69}], 0x1) 02:35:02 executing program 2: rt_sigaction(0x3f, &(0x7f0000000100)={&(0x7f0000000040)="0fd2bb610000000f3764430f0de744d9e0d8cb420f5c4100c42105faee660f11e43e6647d9f1c4c1fee606", {0x5}, 0x40000000, &(0x7f00000000c0)="c4433549cb0a8f4830cede0626fe02dbec66410fd50ec4e2e0f25745410f7f809b52168c3e660f2a5a006646d119f0188200000000"}, &(0x7f00000001c0)={&(0x7f0000000140)="6745dd9e2cf6debf36a50f01d40f01db8fa80885a50000000000c4e17a2cf00f3336f30f1ac06536262e6e0f0008", {}, 0x0, &(0x7f0000000180)="f0800f0bc462cdb6fcc4e2f598947e00080000c4c3bd7a7cef0d08c4e38d0e71bc10c4210d628f41750000c421b5e8dbc4c27935e645d9e58fc8309744bc7c00"}, 0x8, &(0x7f0000000200)) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000c80)=ANY=[@ANYBLOB="140000000301ffa64f8fdb003d88c8f00010ae1b0d5f56433d8b17219590bc4be2eaa1c08eb4daded805ec545211e1580947319f78c5eecfd2e5f9467c92"], 0x3e}}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000013c0), 0x4a5, 0x200002, &(0x7f0000000c40)={0x77359400}) 02:35:02 executing program 1: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x0, 0x0) ioctl$UI_DEV_DESTROY(0xffffffffffffffff, 0x5502) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) r2 = creat(&(0x7f0000001140)='./file0\x00', 0x3) write$vnet(r2, &(0x7f0000000100)={0x1, {0x0, 0x0, 0x0}}, 0x68) close(r2) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x0, 0x10, 0xffffffffffffffff, 0x0) r3 = syz_open_dev$cec(0x0, 0xffffffffffffffff, 0x2) ioctl$KDGKBLED(r2, 0x4b64, &(0x7f0000000000)) write$cgroup_type(r3, 0x0, 0xfffffffffffffe6d) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0) prlimit64(0x0, 0x0, 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000200)={0x0, 0x0, 0x0}, &(0x7f0000000240)=0xc) write$P9_RSTATu(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="710000007d010000005100b700030000003003000000020000000000000000000400060000000872697374e363757367725669643a44650100250b006173796d6d657472696300737148d7fb7c2b156065747269", @ANYRES64, @ANYRES32=r4], 0x60) add_key(&(0x7f00000002c0)='user\x00', &(0x7f0000000380)={'syz', 0x1}, &(0x7f00000003c0)="b7d726072bc890c6a01fd9f87489feba931fc02f8f6dd5b6f23c542e98795105daf157a32809ada6fee82bd4aa686281c2e6cbc6deaa1d9eb969d7cf9e3db1637313c9e87c06186675a402a27bdbc4579d2e51def68c19149c11e6df20d91baef2dbe220a3b0abc0c58ecc62afce721def4196860c", 0x75, 0xfffffffffffffffe) ioctl$VIDIOC_G_CROP(r2, 0xc014563b, &(0x7f00000005c0)={0xe, {0x5, 0x73a3, 0x1f, 0x3ff}}) r5 = add_key$keyring(&(0x7f0000000440)='keyring\x00', &(0x7f0000000480)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc) setsockopt$CAIFSO_LINK_SELECT(r0, 0x116, 0x7f, &(0x7f00000004c0), 0x4) request_key(&(0x7f000000aff5)='asymmetric\x00', &(0x7f00000000c0)={'\x00\x00\x14', 0xffffffffffffffff, 0x4c00000000006800}, &(0x7f0000000280)='R\trist\xe3cusgrVid:De', r5) ioctl$CAPI_REGISTER(0xffffffffffffffff, 0x400c4301, 0x0) execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)=0x1000000005) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000540)={r0, 0x28, &(0x7f0000000500)={0x0, 0x0}}, 0x10) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000580)={r6, 0x3, 0x10}, 0xc) ioctl$TIOCSSOFTCAR(r1, 0x8924, &(0x7f00000001c0)) 02:35:02 executing program 0 (fault-call:20 fault-nth:31): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:35:02 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/net/pfkey\x00', 0x400002, 0x0) ioctl$VHOST_GET_FEATURES(r1, 0x8008af00, &(0x7f0000000180)) r2 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x0, 0x0) io_setup(0x5, &(0x7f00000001c0)=0x0) io_submit(r3, 0xa, &(0x7f0000001a00)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0xf, 0x6, r0, &(0x7f0000000200)="d2b6ca541cbc9865f93ef0035fa6bd55", 0x10, 0x1, 0x0, 0x3, r2}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000300)="f07e9737741e8bbe87dba2a5e9e79ca9a93eaa0af6223368852e48645af3c9505248c3a5cc80e7d90112cb95f32306ae46e6310a88ffb7e08d1fc1cb12951eacaeca59e3bda5b469ce5e19e97abeb515068ebb6d3e36fba243bb682f59514d222ef4295e1d325e7be3b21d1c2731fd2b8959c5d05f2e08328d08755560c36c0645c9b129ee123bfa7ce7418b12abeadffc1057a5d6b4870607e9f4a02a087eddd181660b7188f44049dbac5790fdd703a7e5898accdaa01680200e17bb9e181304b0683726fd5fb7cf721915ff8003aca8fed9", 0xd3, 0xf9, 0x0, 0x0, r2}, &(0x7f0000001400)={0x0, 0x0, 0x0, 0x2, 0x7, r2, &(0x7f0000000400)="457417cdb6ce2514701d9523886c289a492da11d5b23c41540d6152c09c14ed1424c580ed462c3b568b6d23454aa037af9bb16a7d7253713cd8a37bfef5a458567ded496eb1eb9c0bd9fb1d389cf60ad958fbc25d92e224d27e3b6541b46d93f4c796ec15a22f2827e28423a7995c75e8542d5619cbecc297d8a16c1bb2cb5260937b126bbb195908e22f1f31c0bee2276287980548a88482065546814747358f7100c18750e0037a14c9407ab3be39bcc4b6cd4289b86fd3d16d8fefebdb35df32a9e63bef18a79b8286e4fbc96a4c0c6048f95270e0bad751b8b97ab90610d28f9d877f6a141cc2814648dfe1d193c545621e9813b6ea7a410b589eb3c3470ab9bf685510ff1690dcb343a83a56ac4c95ff28fd6990ae716173956c4e640fbbffc801e60b4cce6fa3cd8ab0953b3f8902e1e82b14b5ea872744a515be9e45dc6098dcd712b41f3ac338475b0f2b9ec42bd4909ea624e76ff1cc4a570f750826bad8a4b2c0276929008bd7e93968cae3f206aed589196110e3caf1edc1e7faffa2eeb140ca6b5ee5de510440a1f86a8f05a89f9ea617d1678682404beb1fe1228256f60b15f12870000f3732adf870876a4bfd77159cba5ec0b1bf22095b6a150e251fa8f95d9bdf8e05994672d1604ab1558928c1d0ebcd7340c216dd8bdd6bdf18ee85bf76e3ab6a8a9930c00f025792e3fa1291f90540722914cce892fc427335231412712232eab179e7e8c663def896c78eb5d807a5d4d1410e7da35689bcd06d7196066e5882d985a65dca2df14d300308798dac945b20c4ac41f5234fc3dd61c5c0d38936a1940d9cc7896d505ef4891408f13e5427ed54f22339dff615a8affd80f76bf93953f4d12999199af0ccae66ef118b669a635c63fe267cffb972f3f4f1b47ffc8e07104c8e098786b11d5c23944ba837994a5ff9f50a5ed86c5f07417a3213bb52a3badd41f5f94a1e44a498ed3ac396bb6550eb9031ed482e56519fa64dc4ace2f459488e8f33be32643eeb95cbf56470ea215c01c541f3b5c3b134422ae9ddfc827282c5bfa34fe3771e372e3408e9f0b10bd088059e8368646b5b0295731a09c293c87b124fb1093087acdc7244f3907a9155b31ea59678eec2b6976d638a3cc9dd0a68c9afb6d2a632de6250edc0013c443eac6e9cbd8ec4af6d2c96403deaa3f0a68de5ca78a1e275857cbb5dda31fa32b1501e94171fc759aa031f821b077b958f58cf7665e53ea6099e3f68dd6cdeb033352945096302a2b9b3bd713f341513f1af3dbf8fe191ae08aaec4b9741232cceeac3d5f82f8de46ee7b3766b6fd0a55f2593de7aacfcedad7661a215779d0aca524a1ca422c2f764c04663c422834e8a446b25df5edd2beaa9175ea867e4d22b30797ee69cf3a4f956f4b1c3c5853ac3446c44579c5562574c238260503cde6da2b6e23596e972342846a408f927e3a9c9088cf8df55eb80e7ccf433cbb8e4ad23d5375dd628e9810a6851d30939b11437236956fbf2179497732ae6dafed0aa9646258edfb12be25545fc584aaa7d144dbeb63f9188e7415621d6c2570f60e9398a383dbdc4f687f69eee388bbbd21b87c3ed9cbde7461f720ac566ec587a1332af49234652b03c1ffc87eba6e2750e0d631a8239661b2c376051dc5ff8c165f6d27d835d43676eec3412ed2b4ecfe448482424fcb8a1ed601617ae58c4d2c898f599e4235cfa6ea4e25aeb696c7e24536be51d60c139e6765bbcfe278ef74cb0c16aef5242c22daf1903dcaf78315024b8002003e9274934ff2c4b0e158f2fdd9344b0a6a3a6ec995fdee5041b0a10539bf0f07a4b726f7eebed6f7e4a1383eba640bb4f20e581cebc69e7282501733c679379b215048f4cffccd2cd2a85b2e989172f2aad3659cf715117794d81a66a49860905fde85a166e3fed19467af519dc322ea40cd3f9d6d94be084fac7ec0b893b317e3571c30a4b928ea32d01952a2d6a667b709ddd7ce5950220b962d2dce2661bd97921129d0dcc9917fb21217caa10a956e8d347c2879e4c8050af5f5bb14b1f65d2d8e42a4a1e54d75df02ff2ec6f43ec4652a50cf2211f19ee542b980f6b7f22c95698ae0dbfc7ba29afb34da8754820138aeda3f78ae1134b80967a60414c80f05b7d09eab0450fcc471c240ab02fbde8580f0cbb5a9c2bb374a4c3ac1df1bd94511d5e4b7546820ee56c5a703013c371a042b5d2b01fe2bcd467ff11859f887b1b9e992d54d1cc0a5031ecbb5e206d671e5b73fec39257f7fdda2f3dd0b3748d04728d51d1b15447bb246d4c8f2cf288220090ca672914fcf033fda6d501748f8dcbb6db0d17a969a7fbc132d7115a67b68c3b5c1eabb8644148b89384565883052550a7cc600101640919026135dd055b866889660733851f6ed032e9b2224e2a3979a949e54bf139e8d983ff08e46c5acf830872aa00b97987e3e0791d2b3265d4bfd2591d77940186dad132a1c1d305769525f966ba3f27ad16682abebe4b4fc25df5d3eae9e4b17778e7e3ae9fe86f37b12cc7db93dfb09f54483fbcd85fd5b8151469a360fe7c0daa5d90414eb802f5ffa926deb2f02348c83f8da0e50d68269e72d0e79ee9f9852969f0d7d25a98bab7acfa044a0d5a84f9fceb521984a0534aa049d1a7d727db7d73ee77571b799dd25c36e5dc6e580eb06e4cf97864e7a0fc8e29d5732880dbea4e5214325a115c7810b2353caaecd45354ac89365ee7038c083eebd64e272ac1dfb2aef39eecd4a6a1bf35bd82b7de52af1b7723b55f71e498767f5dbe8a294b12518dbf06380102b589cee013dd456214b56d4e663f550b259725c7124ea3b54e46f48dc90fd2ba54d489d6ea66de6940fd0c1af2f5a28451cf0151db50a4473711719781830249ec32543b99341d38b407597168cc8971cf71af3993ffa37bc39c2c033b04d2aa46338391b52a040d05ccc31aa540a103bf70e10852a370e14d87bdb47feb0c2e1963e4331f7073f57aa671d83dd7a2a567f209d091198e8faa1ca94a6193ad1ea53c65851c8bfb879b65ac0bb838c7e947a2b8f4b1cab28ef082107b28a7ad83bc9e1c9257908fed7fedea9f5df8ba79dce28e3f9cdcd99fa18519e044ba6b024f9a86d3c42846589283373c08016a267863138d68a7252ad1dc0dff55c5f04c5bc19b7c5de287d01023d61d4cc1fedc0fcd3338880fae8849260fc504e26ab129c15f8a085b073739a4af8792fe607a86c4e58b3ae38fe0da76ca1176895e2bea690296714a30d720e933cfc1bafcab83d18e4575720d9127ccfbb5dc285f91f4698258a31be393f4d0b75e690fc4b50353ab17934c04e54fb79ea6202bd5d6fd162b102fffc9e90bfc35f8f4323901f1f44dc8f496e96be929365a377598df7d4385e981207dc6cf56f5091019b8b17848ad63f12a264917dcb4540eae3871002655b927fa92f20c91671de34f461054a43cf69bdcc9e9ee57b0452818a05773d13c9b9a11c6c67b039eae9097f50b5c11326e0b9f95ba4719ea52a5a5e3c66d6e3f71d577678367db4462e6f6c28e763134c3fd29dcc6323466202ea93a0f9e4509de156c630324d25c6ebc086e62f00597ada1331cd6f9e8983e6477951239cc72684319362efc51aa8f60e86df6a259b6b120aa854338bea839f7c2bdb23552b19222bae42256950b51f5313375292a3094a746c131daf96e705e3bca19998d2a858e71b545e25bd291abc2a027960e77f670d446f0fa8d93b77c067c2544563fe70d01cfad63329aaf26b0f758511c7d19d934ac3162eb6a200df2c3fee50bea529e05373c15eae75994bfa1e7e1f12ea85ca8ebd079ca55d708ef7d5f7448e75c770fd23480502ffe2cdabe08598db1cdb518a170e3144df0323da6aa47c1965ee9f727212fe315929b6d8f2b692662f13c97f6680588466d1a848a8f2c82c38c548d175ca42cc3b428e92316f22c74a6baeefc14884ec2a119271abe0d76e96bc5f78bbf6a3114a04fde9e1d754d49eb1f6834080afa4100556134c9b83dd604a3a87a95670ecbf50be6aecd8f688b49a1d1333d48566a10445fe25d3678a448efae8e0ad67a70f17ebeb650de7f1865790e529fccbc6d491af9fe8a90a894e930a1bb77da2e4d557278a20ff6c2aba5691aa2f77a6ef866d78642ebc1d3652035ccc891021a39c33fc2b7c74290137dae92ea76e3b48107757a869f0e0d015ea81681f7dcafb35a1941f17f53c201ebe3606bbb5dc6ba5763b5ba2b4bef6742fe22ef60d7d81d6e09eaff2ee2f525978910403efdd4372440c3de9f51cedf8afbcf8a03097ca639bc50a4df2369896f691e66f5a46461fbdcc940a6f83eb81eb871a5671816ed53391e3266cf3fe4e4fb5bb1c2c94483ba4623a50b7ba4cf2f5276eb9bd34f6d380717efaafafcf1d33e806eacd9dd3efa9e45f64d028946a0b604d4680fa4c52618b2c2d252ce26557c0c7587e37ea8e56903c0f01d50d76b7ebf3d4ee1773bde3188e090e44769c583b5e4e42682684528202ae752b854de604d3cf99c85c0ed980afb7c05f2680c7706fea39a709a880f09ec41547d25a1ff53e8ccc2c6463cda15921cad75f37232ff177c7570673f50856735d593a91eedb31ddeedf875e1185b1e0b47c8f940779a64424c32082b60ddd9e42acd57c3acb04c5629e53ddbd3f2bbb08080773c23d7aff3cd5f53af2929b029181ab6006f3b52f755d4529ed68ad19a24aa0c6d2769f2988b56071f90efb88a28659eceec128cd1b5eee71f27c54f1e31dea5fbc748eef12429bc77cc81a71c3dbe89565055dd12c99d8157e3b15cf869872ff19fa2195ca6c245de4d3360c0593c29ec5cf7bbdfb9081ee8c40711464d673be6c3a2b738493277913f6642a8deba5c0d6e0e5b5bf2f277743bc6edaa5fee0206af937a855ff696153d8a5821f4ba4b57baf501d51e0b620946b55abab07cd2aea041f3a579200f6126c8a032c5426f3413ee66f1aac2c5d9a802956df87139022990ba884dd66f4d675b36dfeeace93f0d403b766c85f537fe18a52c744e4af6568727300abafcb3465a91b9cd81df2f52a5cf8ca370a96cf11aa913eb29f6a960daf6b0be103bb64480b61d799becfa9016daca6098c4110a800eab7f5e0d17ef2c518ab5ed1337e2f654a0dd016991cb414be86dca5368d86160ca75b71de264b75b81873b896e21245845272195e8734519317384258efc7f9a30004e2125380eca85243cb2551c69129cfb0c968e6dbf4e9a87a66a8eb92f113d95d09d9a9ddcab252921fd05ba2203f023969eb80b840b8a3a152cbec8006cbaf01b1fb754207cf553c6f0db0d17b5781b87d8415ded90d51cb4fe40fa1759847a2f07e2fa08d29d741307fdf9c2e9f8265d5fa95f568a470e0eb4074852d74cd246b960360be3c5e6f70df441da59f999a9e03a5a3f53e9f650e7c6d8e8773f2fc104121e6a2234fd0abff9f268407ea79438e46c8eb9d4a923f14401528bfde672dc6484f459270c78c424eee4743978c711a9d82b828b6ff3b8f72a9eb6e521544d9d697b351937b1697c92888a78d53bb78d2dc7aeb155d9ca5fe8f2be8cff339ecd5265dd94977aa3b66eb4f9c2a5af0d1d47c4e070641b5bda2a6b77447b91085dd74ca062b4341e3700503b4efc1f26edf06aff74c2ba89d0c7172a7d8753882e6a24d0b24c7ff369e238d0c5f729f76cbf100035fd62bfb4e22e5df2df477eabe40525da1794463db74cb0384ed62c75f14554c59feb8733c4e76d39d638540f4cd9dbda4da41", 0x1000, 0xfffffffffffeffff, 0x0, 0x2}, &(0x7f0000001540)={0x0, 0x0, 0x0, 0x0, 0x401, r1, &(0x7f0000001440)="de4dd1a05c21e8f891b4c718ef517f0855bcd07c2d4580c87c638ffe0a652751716f7bb086158af48226aaacfa1e9b4c07ac5acf1a0b23d8400e877b3bd7830ff6b8d365cb6ff41cc4874670073904328f7d899e11e5a873b9c75a2dbd5286814786cc181900ed0af003818dc2e2ee42d303e3d5b9bae467d506910a2c6ec49a94fa66d77534ed08f0c4455d522d39f23351e2d179ce698611aa1061a019b954bec76a04c18ab052f5c519f2d4c0b6373564436620eefd98c68d104185f3f6b79953472b", 0xc4, 0x5, 0x0, 0x0, 0xffffffffffffff9c}, &(0x7f0000001640)={0x0, 0x0, 0x0, 0x2, 0x4, r2, &(0x7f0000001580)="608dc70ca429c7a8df79cf13165d8e790d064f06f83485405ff6a52ebf1fe5b84d716c4f294e23d34d8c2241d6c6f04a0924ebd968e2d22f1921846bc25e90d956b8971ef20c312cfd00fb0de2ae67ffc964f89f5b8ff6e25067f0fb9bb769504b1643fe7f5a88651bcbaf5f28c878daa9267fe17b794e961ee2e138fd7c8fb68357b12820a656de4e349eb00b2d7aa4419dbb041a711f91190b2c5a1616cace6baf540b32", 0xa5, 0x2, 0x0, 0x0, r1}, &(0x7f0000001780)={0x0, 0x0, 0x0, 0x1, 0x2, r2, &(0x7f0000001680)="d87643d9893728c4ed43c6ccf96942f7f22e9ffdccda73f5343fd42507aac019db3ac5b853dfaae613117fdceea287d94d34f1e801135a6f45bfa095fce99f227954926d9f7c3bd390b9563e19ea9134f981776753fca712542113d38817db84880466ef468935a9463faa085e2c43514d2b442bece838412a5183aa78887163bca61e3e800eaa1aba4073a95e845fdf8e6115c7b97ff63347598b2bb574375c588205634fa4ec6df84d9abc91a60915a40329c125fd8952fd6ba57aacd0fbf8f1181f416daf87a659c720367a03ca318e3057cf73a931307662265a7b", 0xdd, 0xffffffff, 0x0, 0x3, r1}, &(0x7f0000001800)={0x0, 0x0, 0x0, 0x0, 0x3ff, r1, &(0x7f00000017c0)="e1e93a31e8cedaa8d9e73596b0c5115b04a260bdb3e0c33b5b546bcd65dedf12b6b1ba88ccbb1e60f53cbb0cec3e0898cb0adfbc537b35cdecb9", 0x3a, 0x0, 0x0, 0x3, r2}, &(0x7f0000001880)={0x0, 0x0, 0x0, 0x5, 0x3, r1, &(0x7f0000001840)="06e19c27b8e8541846a491d9076cb6fbd11b8c189412c72d7a4d1e58c4063f6ddfaa8311294d2adc18da3b86b0", 0x2d, 0x8cc4, 0x0, 0x1, 0xffffffffffffff9c}, &(0x7f0000001900)={0x0, 0x0, 0x0, 0x6, 0x7, r0, &(0x7f00000018c0)="20faef3804fac98a94ead2900bb2559c21f239ac9161bf6628fb5c509b2e7526d776d1b8", 0x24, 0x2, 0x0, 0x1, r1}, &(0x7f00000019c0)={0x0, 0x0, 0x0, 0xb, 0x400, r1, &(0x7f0000001940)="2756895ccde0885a6e9beb5e724c6e3101339bbd6eb8e9888bbf644d4ae09ffcf9c344a30359c4e35867b05621287d547991fe0fd89458e4146509e4e2b133b901038eeb3f3055fb2688c039d214ced41719981eaf95d94b6ca7876801c1fde2", 0x60, 0x9, 0x0, 0x1, r1}]) mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4) ioctl$PPPIOCSACTIVE(r2, 0x40107446, &(0x7f0000000080)={0x4, &(0x7f0000000000)=[{0x8001, 0x5, 0x3, 0x100000000}, {0xfffffffffffffff7, 0x7f, 0x1, 0x51b}, {0x7, 0xd1, 0x3, 0x3ff}, {0x80, 0x9, 0x7, 0x4}]}) ioctl$DRM_IOCTL_GEM_OPEN(r2, 0xc010640b, &(0x7f00000002c0)) fremovexattr(r0, &(0x7f00000000c0)=@known='system.advise\x00') 02:35:02 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2, 0xfffffffffffffffe]}) ioctl$NBD_CLEAR_SOCK(r0, 0xab04) ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000000040)={0x483c, 0x4}) prctl$PR_GET_TSC(0x19, &(0x7f00000000c0)) r3 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x7, 0x400201) ioctl$RTC_UIE_ON(r3, 0x7003) ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f0000000000)={0x0, 0x2}) [ 485.911388][T26404] overlayfs: upper fs does not support tmpfile. [ 485.963615][T26404] overlayfs: upper fs does not support xattr, falling back to index=off and metacopy=off. [ 485.975579][T26407] mkiss: ax0: crc mode is auto. [ 486.017518][T26416] FAULT_INJECTION: forcing a failure. [ 486.017518][T26416] name failslab, interval 1, probability 0, space 0, times 0 [ 486.043112][T26416] CPU: 1 PID: 26416 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 486.052260][T26416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 486.062319][T26416] Call Trace: [ 486.065624][T26416] dump_stack+0x172/0x1f0 [ 486.069974][T26416] should_fail.cold+0xa/0x15 [ 486.074583][T26416] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 486.080432][T26416] ? ___might_sleep+0x163/0x280 [ 486.085296][T26416] __should_failslab+0x121/0x190 [ 486.090248][T26416] should_failslab+0x9/0x14 [ 486.094757][T26416] kmem_cache_alloc_trace+0x2d1/0x760 [ 486.100146][T26416] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 486.105967][T26416] __memcg_init_list_lru_node+0x8a/0x1e0 [ 486.111627][T26416] __list_lru_init+0x3cf/0x6e0 [ 486.116402][T26416] alloc_super+0x762/0x890 [ 486.120833][T26416] sget_userns+0xf1/0x560 [ 486.125195][T26416] ? get_anon_bdev+0xc0/0xc0 [ 486.129791][T26416] ? get_anon_bdev+0xc0/0xc0 [ 486.134384][T26416] sget+0x10c/0x150 [ 486.138201][T26416] ? ovl_show_options+0x550/0x550 [ 486.143231][T26416] mount_nodev+0x31/0x110 [ 486.147573][T26416] ovl_mount+0x2d/0x40 [ 486.151652][T26416] ? ovl_own_xattr_set+0x10/0x10 [ 486.156605][T26416] legacy_get_tree+0xf2/0x200 [ 486.161293][T26416] vfs_get_tree+0x123/0x450 [ 486.165829][T26416] do_mount+0x1436/0x2c40 [ 486.170663][T26416] ? copy_mount_string+0x40/0x40 [ 486.175618][T26416] ? copy_mount_options+0x244/0x440 [ 486.180849][T26416] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 486.187093][T26416] ? copy_mount_options+0x30e/0x440 [ 486.192300][T26416] ksys_mount+0xdb/0x150 [ 486.196549][T26416] __x64_sys_mount+0xbe/0x150 [ 486.201249][T26416] do_syscall_64+0x103/0x610 [ 486.205850][T26416] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 486.211744][T26416] RIP: 0033:0x457e29 [ 486.215638][T26416] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 486.235242][T26416] RSP: 002b:00007faaf9915c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 486.243664][T26416] RAX: ffffffffffffffda RBX: 00007faaf9915c90 RCX: 0000000000457e29 [ 486.251634][T26416] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 486.259589][T26416] RBP: 000000000073c040 R08: 00000000200007c0 R09: 0000000000000000 [ 486.267546][T26416] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99166d4 [ 486.275670][T26416] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000007 02:35:03 executing program 3: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x82, 0x0) ioctl$TIOCGWINSZ(r1, 0x5413, &(0x7f0000000080)) getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r0, 0x84, 0x1c, 0x0, &(0x7f0000000040)) [ 486.376833][T26408] overlayfs: './file0' not a directory 02:35:03 executing program 0 (fault-call:20 fault-nth:32): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) [ 486.514616][T26391] mkiss: ax0: crc mode is auto. 02:35:03 executing program 5: getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, 0x0) chdir(&(0x7f0000000100)='./file0\x00') fsetxattr$security_capability(0xffffffffffffffff, 0x0, &(0x7f0000000340)=@v2, 0x14, 0x0) sched_setscheduler(0x0, 0x0, 0x0) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, 0x0, 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='upp\t\x00dir=./file0,lowerdir=./file1,workdir=./file1']) syz_genetlink_get_family_id$ipvs(0x0) r0 = creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000240)='TIPC\x00') sendmsg$TIPC_CMD_SHOW_PORTS(r0, &(0x7f0000000380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x1c, r1, 0x400, 0x70bd2b, 0x25dfdbfd, {}, ["", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x4000800) openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x0) 02:35:03 executing program 3: r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x3, 0x31, 0xffffffffffffffff, 0x0) futex(&(0x7f000000cffc)=0x4, 0xb, 0x4, 0x0, &(0x7f0000048000), 0x0) futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000), 0x0) r1 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x3, 0x2) fcntl$getownex(r0, 0x10, &(0x7f0000000100)={0x0, 0x0}) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000002280)={{{@in=@loopback, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@initdev}, 0x0, @in6=@remote}}, &(0x7f0000002380)=0xe8) r4 = getgid() sendmsg$unix(r1, &(0x7f0000002400)={&(0x7f0000000040)=@abs={0x0, 0x0, 0x4e22}, 0x6e, &(0x7f00000000c0)=[{&(0x7f00000001c0)="26771009c23d9a0b4f24af7b1395984618c3a541ded591d7b265169bf432665cc373addf9b159f35d878410dc3c01cd64e139950c1d695e7ffe2619d410bbda511b35440873d8366b75128f97b31bb0e516368067aa253d761d2aaec323ec51ac5558ad72f408f5dc4e397eece159b8de5b44fe5eba912885857bfe62ac2a83cb16171e2abae8848b74ab5861aa8cabe3d951c79065007ef56afe848b4ce7c5b2f9e09ec2857bd963a5a44d88d357c210774d03af8472a6a15c5b3af107439d0e7b8ec0a55b23997dfa2e1f010c8e0a77f3bebcb03b5a4c9b7498a4ffefed93af8b010da09f8e76343e60f3e328c76a3b19102cfb35e7c146f9ea548927f9c5b203683259281a7045ba66a73b21d1a3a9fd6cbd704d7ad72005363d5f31fc66eed2b013f329ea24705b947b3c3ac1abb7409173eb8a2815531a994ce2658d3e303c861b8a986dcd454de8de4ae6a58e882298e90c7381d635692cfc1a82226056000d49e1b16822835a587c368fccd3f472c894c7bbd05b37ebfd2cff3c9df2522cf87e0f19dffafa94b906c778c820f65adbdc27dda24af202d1b6db8b896718126d13dbd33971f59cf38c9896fb44284f10690fc8fe958d39cfea5ffe3bfd8efe7fd2ba8943288dc6233e4b14310f63ea0a17596141687e2c042ddead40d84aad8ffcf236a65fbeae0c7dec890fce8138d09f5ef6e02cb45f519c840351a61e2e2e7fdf63b1eb5e6846c7a5fab18ba0ab510ce913a090f051ca44dd91ebb6ceb38f1b1a125b60fc6b8a19d9dd212d41e0b8119625a8734eb7686f54954a8fb02bcf0b99c6c1de3406d4fd561e9ad00866c086729e0f4c928d33c1556621b7f60933251cd61436d87060de35640693fc90542b373adee358d4c407cf5ce5990b2f40c24611af3de2cc0cd96900f9f2d39bc2049b68685fe920be8d177353193c2b9ee45000140db004926979e74c7e7d4e92c4ce0100bf8f204bc6b084e8a79970ec835d18bedae3b6b8bcdba9a71a48d3ecde9d4ba1c8be09c485da75a80c257af824d241f5dced198465d85b4924a19c652061f2b5abbaad3287cad44ec2b861c79324cac053c268acea7febc5722d6b31ce04420a6347a99347def997b0072f6c06580cbd2e9b2e70db415b9c53aa8d703f56646ee6d5851079f9b760c0b852ee68b114abdcb1bfab5b881bff7598c048ca41818808d82e6b5e155fd44cd3709919be9d1e54f6f9347ef32719cba552b6a37297ad343c0ebdc00021caf576acb44745116f5f3eed4ff04280f8acd9aca33c5c7e3702587c08ef3ee64f2a3f69a74c9cf925bd9dc20f0973ccf1eb4bc514ab67d1d64976dd00acfbac57a27e7a98848626339419e7ac72467d58ed1a6215a43f3d73e6b6d0e3a7e9699c09474141fbe86d46ac6d67008c0e92a69e6701572002748ce7dfbed05ff151b261470eb040f3ab74bb38ae39db2eb6187701c8cad75c13604d9d9252fcd8abd95460ad3dec47477a98296ae7de5c0008fb9a0146c567a9752b5a9f4c4f788223d7013a7a62660cb41d94e2030cf30975f20988f23d5fa131603c134c3f6ee9c21da3c740282df36cd6711ee60158c6db84e8347d723d6f3e1eb6c13e0200eeede88f247dc0c5cdf899afb628879d315f1cd62ece4a7cfd94be06a74c94958d00b8d8a8a84cf32e4c7b092d796f0dc9c64780ffe029eaac35b83ac193546f9574f7e47efa21717c08bec9e7ab361102304432c2a5cfcf65198c68ddff6bcf3c06540c5b345bc5ee6b56a2c3ba4cb8d35c7f950955dd5440bd2fcd1bf417ff61bbd2c9f5e5a72026823cfc62285a473dc03fbfe9d37e52045b03db8474ea60176db1f7ee5c27e00afe4404464f2ea68fc622285d7bcb37f9102891edf0b253f41c2e76923619076d765244def524aac1b6d573666aec652ba87ecad769cdd141cc3e53c12c17082ff503d8d8fdbc2b345bff78e585447a3866a4800456b50ae086e2b4544ad58eea9dc93d279c8f6d9d4298660f63c43524b4de2ec030223f0e02176fb4977f6f18ca467db202c4b08502a9792162e9ce7b371499648b8ebee20699c82a19aeb6f9013cb16f40868b89611a4a9b126cb91eb034cd77a7bb67dbf7a6f0e719fae12eb44869b8ce31fcc7d8eff0bf8780c9fce0b3d2bba2e933080d8bd93c45f2d679fe5af1cc2577e4f15cf7a7de914d79067ff909fd1f13f6aed04eba486e69a4859864eb7806bb67b8f478140d928b5553f1b524e7fe288842990d736a4954387e957d9f926a0f54fa92733fcdb2489d84454601153ee6766d32fdd423b76e87e9d6e12cf4b28883f9b8cdf72e98882a786d82962bd5d6680488cc9cb6d1cc9bf4d0800f67e2b2c503dc10f40b29b27ef405e85889771511917443d2e071d9d0f94249b031dd232bb4f00b9061f1f720a078f659b9f161be82a2a660c94980ed2b41a8337f75e4558a76fede35ac470de507b80dff7141656961e04ec86bd83ab1b86ffaf60f44fcb6f8cdd5bf3186e875eccaefb64d63bf0d70a198a8fc8aaf1667f9e14c1aa0b2f95f8e8bb95620af0c32292c8510950d59e94176a20012c971c539d0b523201626f3131150082dcebe020142eae3c5f77e1d00d348695879b0aa9478df34b70be4b22e06c9479da4f5ae529993ba697110dd5c791564e26f1fc131b8397f8624469ce2d7b7920962e2eda27591df129fe1aba0ac4346889328cc71d8d54a7c663e26a11a188209c5ac2d727df02a36b6e13252b33a14211fe5564ab74dae11e6d866f7aa3dccd6f579680d2129ffbe64f7e353dccc78fa1715a441df57761ca60a722b9bf60dc3c943cfc1ac9a3470c4dc7d2b53191b2b219bbe34efaa7edeeea801d7efa29ca10cef8fe7302b184e42fece68826d3e90afb2cc5a8ce28b0df8c1b6f9c2fb92baf5d63af15e7cdac992c99317b895681d19a048f3986d0b9c1e7e7433ec890ec93189b682b188708b0c1ddde3fa2b4af94c83067bba111cd09dd06e1db06ad933455a747d401bc867bf09708b6a4ccc1e179350902ebf0b9f6ace18752b1a62edf8df18db3ec74d6634f485472b4611468f0b47c92a7c5d46db9469cfbe4edeabdc84dde159c70dd2ceff3baa1b637cba885b29cd14e7ff7f21495462107572a1b5552b676ff634248f19d63b1b519c44c0cc6a8501d3b283a82db5ea827544936284a83a7da52dee112ed70ed26dc299b899d3df298f4d0974a0fd61267cdb8a2f378406ce56bf906062ebd4b8517c6d9a5f3930190d4e43f342fa6eca74645f3128b916147e5439809b6817b31c8c7fe6377e6e70d451205409b8715d54ec7602116846e309ae7105805eb2fc4861397ae9f9a188b0cd6d41f4dba3a32bb2336f394de6220774dbde1e81f6b6ace57849bd5465c96acc7b610e97fc44c07d6b2a59cc7d153f4418f9540f8f173b2d2c6fbe18f99051f7639d280796a73363dff4911c9ab40e3254b4e8953d081797486c872946c08e7e09c7712d3273630111b036bdc350cf41709ffe95cd778557d1c17696e390df7c586b1bfcade2bd6b0f27ae6ed026d0f6426553ce622dd8fdd7cc2ef6711fc821941c47dff12754678845d61c41df53c5f3eaa6f3a09b4a9deb6f75724b446c78a668c75a9612853871e7025c5a5a18bbb33be6a6c72b337e8b74d56a887d9a9afa43f2b7041dc0e045c3a6092b08b545160cc1250b9a68701e11b05657e161d89d2917584e6598f97e18fac129cc90ff105c106d6e10d1cc51e62b93cad8ad056dad850854e24957db5e74bea2e294245f34f4264091bced871b734d64da20db62876d97ec1825f45eb61640ca7200ecf3816b1c01c1e22cb062fb1cc6abd0eed02512f64597d14aeca2e0f4796298f62d13380c978f3f7118b500c6dc826c6ebc3ea873c0d7ea6340b0da41c5aaee45a14cf06327e403f3fa1a7f77994c7427c1e6cf137ca0fc74ca6c9a1050381d9ae08357f1eb54941effd36f932129cec2e73d3f0904161dfc53409aece231889107c03f0275f7bed9f93e41975e3e0c9c53d0f1c1393c7fd6e1001d1fe82d9b88bc291b019961d06a98ef978532ba55bec9c70a325b7865e2af4595b714bea0f238f004fc109fe1f693cd523ada271ae4f263567f27e27530fd7a9f41a8493cd695f905accb716ec93e12dce32f8733c47858fd7583957e22efa883ba206e88a1e0f2e6109434795f7f48afc7c98b4f7e3ef86d1ebf3d74259be9a0e14ece10bcbceeb719bce28d598499f746cdd42f04573bab245167fcaaab72817dec1bc68558004e379afc0506c30ed9c3d227a251d2c954971a6b57e3f89b271a2ba78ec8dcaa7c0c1b943844e15195d0e0dea6275261b08a655e55a5cf268132f3e07b3f62e5d30c80997defbdc9d77e7dc1add0fc23ccecf53352bdf1a7ad21be3f245f01a7af53ff123a579310069e2fa05f3f94f3f90c28edc958a07efbe9548670499970caaadda616415224c7d10b8137575b004aab0e95d853dda619ac84f2e2de20e91a2daa6b6100a5d2e517bf42d4372a88b019ba8c51b48ce41bf7ebd4cc59c1498df90fec158c34affedbab824715caf85b24762d3de7786a19c9846a8a5fda4f65cb2f90f9d60bb78d7bc9ebd38e5a41f70bfbf64a58b80958aa2951f88e495b61fbc61e4583b61ebfe6581ce7391cb5982a4fb0f063cce94f9435e31495d34de566590c880846e3a7fdb5fc865efdffa0b1a3fcdf24e7c2560f4379d4d33a9a6e4819a4df7e6adffd6db5605f277e1b6993e46afccea0981bad296c075f2dfc86e4d0f9275cd8711f366e3266e635d0cb2c04fb9704c43d3056d63d4b3fb2ecf5e450bd0cc93c10121d1323596786d889dec0eb926991ed01aa1294223f179a02b0a2cd6fd1822f3d77ea918f46bf12ba536a2a425200c2e2dd455acb8050359a497b9ae6faa424694ea231939620cb7be97165deb4c1da67138a5c847015dff46bc46813c1a4da94e3f0af4f8cc320ce9dbda4c1f7509b0925b4f6c269876ffeb28d6acf886b84fc78216d1670e736c0e5913431352c39d8d054e0bed82bf2d62c6ec9106fac6ca1092f8551539e306c9493dd2213f1f7d4e6cbd6b9334da5095da4215663ceef0913e3728e2c1ee5becfb0164f7ae0ec4dd9798be5a727bc42f49fe971cfcd7a5bfdd4cbbdea288283a14028dd2fe7ff8b4addfd0b3390b1ecd6b04d3078565a0e11358c54ad9173775b32b662dbefcd43160d8e62bc4d69d50a684edb5033796b8f6bb0652e52d486f7e4058b61793f40fbb71ee090fe5e76a9659471d5621761127d948a60844941b33744e39779901dcdd5228b2d06eb76598f97b720d999bb72a4b1b3ef80507af3019cbbf167ce7729e6d37d6065dd5e78f91ea567da45b2c878993decf23779a94edf1f5c6c878ce85cfdb6e7ba753fc0d1a6c075d52b1584629c0679d077275c499cb098d9b6263563b9d53b92f40b8c358db32ddb7f739ed29f55038534b10553ee8a0e7d17893265ebf0c77770d174ddf59a059990c2a5f650b5026cbfe692b5805d3ea91d1e91e0e96191380de8ecadd83124038ffd4137545bf933316380d39f62283aac69419b0a6f9f380fcb90f00224cdabed2af8765ca5d0c7b6fdb975550d7bf85f1694eb731f931ae9c957f11b5253e29865bf2e1df52671b97a7b94fc994602a27e374fc8d44d5d7a3d9270340e2fb78bbd20e12e8a11f580ba37352201491deb43ce06c6e0cb7983112db0716e4e10a54661bb661a2c831020b8933b60b63abd12f82344198e228c70e5442", 0x1000}, {&(0x7f00000011c0)="0d5d63f29e083d7a3365eb136a05b92504c4e9fe0e71c1c59c4e2ebb45d5e65636eaa26d4b336a86c6191b930f78513b8e4a53895a508dc6373f73e601366f583699fbaaf8c5ce80e486672b91f3ac64f62711796a538d0f532ec456bd5fff99b4a264e17423d0fd194a27cc9cffc231bd876b917f09799ae3c8f07a22a03210743b04cb419367e84f6df7ba74f8d15b9f9b694746c03dd9d1aab9da2e714daf6445cfb60a95d3815ae8b0980de3b3a537dd343ac395185d85e803ab8d574ef9010b3a3b3a46665b0d4d57058d30ffdecfaa1caaf43dad78bca9b1276108244b2896aaf8e6be543aff08b05233be2e77d6190fd70ac07088af9c9965d1510d2dd9bdf909cbda4add7644fa82a27cd43539e93ab51b51d9ac3298fee58edd1352c0bbef35194c69c7cc4c7f478704ec633ea8880fa5223ac75baea8ad7e66f5f697bad1dc1c3920b03dd2d361d8f7fd37d1041fca86664076d4e19381979951ff154f6e3b3ad2f09581c8f25d21c6ec9bfc17f99f7fc7dd003dd10d80a8cedc7929f7759487cf42cce6f31e2f63c28803890861628b4e0adff667bbd61315516b67cafbcf5396e709d73bd612df025cdf804e63dd4c23a8545fe9b28e1b1f24eca40bf1aa7f82284c74bdf63da1b0daf8bf9625eae13439e757c65d5728da0bbdb07f318175524a28e79840077838c7aa3d91e46129dff002d69588c10759fc57fe310cf1b75c278b205655e82e66b23754bc32f5960fb02180506cfec285774cf10bf84c9dbc7032b7d60c5005a36ff106fd9b5ca4260402f8de28865e6be6f6b7a5c43f7148ea6bca6637dc6389caa1c7c63d051eb41b48784c2616be742f0a9534f6bdd3c3e174dbbff4fd8750be55c3ff4d7cacfb978ce4af843833071d23869e8544d2e94da41959651df8f90a6bc37c80cfe51595790c5ada2065d21bbf9c84b259275aceef655d924ccac079479279436622e1a63a379b919371df9c1081e42fd8011d20c19e86b54e8ddd51e2740f9d70b4f91d0c15653818ded4c14e34c362667d491c89544e80d14ff935aa591ac77842b22b1cd3a1726f79c5e72cef0c47eff7fd604bea872d95a5bbfe3434336ccf86cfbaac742402e33f7d5fb4438ef86c3cfd6bbd6fd755fa2fc26347f70db6ec8a4a342ddb68fd6d592aef9787b1f5811af860030aa8315b458de3bc10c77cce00e1d09a0763cb092e70b7a35ec1d008e06892928d72cec99292a969f4cfe9110fad6f130cdaa483db9aa37e10b23567c915c364d963f70b3d1f6a5ccb0eae2a670cb1a952c206e383eeefa12694589c0805c5d34cdfbbb217620aedc3bb4f38c068d0a2d0f8de2ae51bbf8f9600b47d391376270329f9b25a5d7a98277a83af9fdf1d5e93ac075e1d6a567ad9e9a4243ff6c6030033949bdb66d74a579626eeb5882812f00f2594e6a0649d7554e91a0e29bb0257a9b35271d5a4687a53ea94139f51c0349d1549b5c9a8a34025ddec52ae1c2e6a6a61a4931a761f4b6879daa175e4c384cc2f7ed43a8014c6288f2b3ed5721cc61c6f76a520d42c296c131f610bfa3699926a39b542e4e2ee1cb8332b276df0f05d4cfa6fe0a80b6090b76718918a13e2f971914e0adf9b74ec1c86ce80df27e9182baa264a8ba97bab0eda8dcd17bc4301e9567623152201904e1f7251787c0f8a9e696d4d8fb768639a7651244e3e1f72f67a26466d9f21ba7923fca1dcac62c5f6657ba470828fe47d6179d1a05bd787612cba78800037acbf5699ed8336b7f8c9ff5728d519f65ab88939d570d25dda53fa6ef72574cf09f04d4884788d6f835bf05560e8f717b8bb0bfbb464f29ee83d24310de5264caa2becb13461f046eaeba32606ac1cb2dd9692e66fba3194a28340785469aae3adcff723bdff3812059e7f770ae5d92e8ea0d2de6af145bd398ce83c8d4cc439715b0a1cc256e5bec62810f4b47619155bec3e03e5d4e215f3418c77cf95eb9a59fdf364834ef9ea38f4a053b251d6a82bd8a6d103adbb90e78584d416e2135b712d29d2edd12265755d2ee35adf25e97d5e4f0143eb80e0db94ccda24f1ee79396b7bdee3b6dcb1ed3c890cd0af616f0acc89d06cb4e9860648d1ff1e238035c44b46763d3579becf929f4b24d44c0fe6d726634a96d5f8bddc4dee47cafbae4ff7c18fffa8bdb2198c6b5c79e4e9301f41b0b6182648864dad410b14ef7ff8cc36f41f72dc671c979a9782aca60da0d059cbcbce92f49c4d48090d7c8186055702d589ac73bb64283e5fa7509fc040099c84804bcfef47389a851fdca75a2e17a8affb996d48ef718bfdbee1f5c61724056eaa6e828a82d30fddda9d57b63ff3483eed1f143f4d7697d4a6edeee05313339e694847d3c51ab6c9dad3c617ff3857177b432074d8ff5d2ba4a8430c7f6e908e35cd246ab4cfae1270c83cce42a1b18a776f34dcde2cd603ad8230517f30a0840c69f699d6227f8a93eb6b244d8b919b09b0939d01b1b16f1c8bc89f2c449ed8138df9797aa82609c26047d5dd5e064a78dbc7a65f9727499b7efe335f48c648e6dd3ec72fa893b3b2ca1806a4aa423e5193c5890e7cb328e67b977f63762db0c5bfcdb4ef7ec3540f02addeba6026f3b94e054aed654da032e39678e0bee13caaf97ed095b823ad57ccc56fc93157e508f8d93f72a328efe508d4bf13e923a464608c0b302c95bd0ba30741714310b7a20b5ec8756e7736e386b90a94d5852eaea750a9e1d0b710291098d18e230b575c688059d864992ed3c0adf5a5a00a35826d89dead64e899b8f16c7c7ddb78ad508bb3e230dcdfa3c6e7e151292edfb5704b5149d01fb84ed3436ecaaa7c2304085b62e1d2cac2d33de4c214502632629eb76c238587358585ff9f2310596e71c6e4af5eeed7d60a63a28630533bad078d645ca782f364026e8c6c776ccbc3a52c9db9efb56c319f83612b8711703313aa067c4b90564eb34609fccd44aebca3edfb388b84811d0e79e44fbdc49186893e5024fe08c9b33be7fcdf44c7d780703c52b731ea222380263bb6f58e0be10efe2f41608d20e53303d587cd8b4ade421740c8a9a3cbc4176ab2b1a812cb0fdb8635fffa16bd7885b3650cbf6196aa0eda2163b5d220305e61c8d0d9db2aa78ca32c57c89172e9b90b7b1bdb0c4e4f06cfefb5794f3862a67baeb884a0834a231bd31635b640bab9401d9d2045716dccd4848a9ec067f35f3cc123c2dede1b8d4d4f2e28fc88939da703fcc14ca73eada6bf2b4423e3b2da2ec90b1f91a1e7a43fea4e642e9ce947d29f70c8d104c62477c1403ad358f712859edeeca80c4fcf0e2336901134f6c58bef867913a20c3cc43ea47efd41c66b3f0ea82812e287d031e774b334aa8be06fc0b92c1bcbdcfe6505f6839530134ebae52f3f8c8d20664e7a1ae6d97dd5d54a3f425aa0d14a33a1c3b84fdd4048cbaf9a54ea43b8fba302e5f5b727671fd31a17906b0838bec9298b7fec60645daa6849dded7d43d3550859f2f86df5cd872b26379a0a320fb0847c6bca6cb961cec2e03a2ec530f3b3665bfbe5a5e4f66e4a82f029c8b03aed2e7a9c8ba42d779e40fa2732f5ca9f1b74252d6c6f77781d6fd493b1e5e93578f5cea8078c96b7675e54f8a26157dcc01b309dd8a90c7d6bcc9b4588fa0a4e382ff2cd7f410e40b02eb4f19af7b1b93670c80b10598ca7ca55f3698969cc11572b7004095ad40834a94d03d6a04505aaf43061290533c64c6ade32b98180544db5e145638a0ab4ef82f6f10c68c9d36962c1ac7977fa3281db265d9b0a50324d030869d0530b1d593775c753cbd3e4f4391d0e49a62bf48fd5ab679899005ce89e3b717939457699b86ad455fd8fc2fc194d8a88b614a044a7488da4c5feb40fa8bf8adc1b9175f4c3e11cc6a6ec400ddfc6dcf8ea51ed65a449adc679a3730af42e059eb069fc6020fb2a02f4d78cc0232e75b2491cb22a034db989c8a0d97a3dd7daff8d9fd5d9e640ae6fdc8c75d9a44d963a79754fc2e2793005f1b15dabafd0a9ec110cb3f819841fe60b452d6a0b462883c0fbc880cdccd4360b647e8ebbfb66cb784dece38c78b5476884595ea759980191ed72af37a60f507ddef3ac6a1f75850cb80df41575fdc35a69249338044673007452868ff2bfc3112eee4a2ba3fc80d26f0cb720b91206a85a2040703a987b054ad0a948beefdaf5d710a832de9c0b8a6d97339e7ed4797b20d18ecf13eea523c425e55a7196f020d98d280110d11fb8c9625a2ad6871a32e6640289c2a6645af066bf33063bbc97f020e1d09816b939331d9cfff834f17f744775efe9e62c05d03d1777b167333ab3a1b54ca31bd617a6c71b73e03b37cc9bf5e2d32fd048f55a2700ff1ddab9a1ec3cfa55101703f4db4412a21da8f635e464c407abb64fd1077afd7a0aaee79746335ce5a7d1ccb13799087af5feca01ab7ff3b4e967d543f16a5cb7202a9a319dfc4f2c506124974955d003304871a75a9f0edd07f81f918924da8f5bfef8cea9a15486058487814025813b808db674cb655e1236b4550d793a61aa89437cd2b9b14bb17543f34f0d7e7af64c94901ffb8204d99407a13e51ba0211d03755fad06e876f157779afd8b4a7dc4c7effb9f443f0e9ae89491aea4a3e818872926b6433680bf393f96f77499d35fa5907907ce55affdfe1bde52dc2f2486791cef2dc5de6b160621f727b6af5814c0764c2fdafba03d62bd1eab7eb6e640185003580aa9da25d0cebd96a4febe21ce480a5e2f91cc132090254e140e85b50e32199a9ee59f20c4966b8ce689bf9a50ca3bf2307568a5a5a1ae863619d56347ec76bdb25bcca8ee9f57519ca509c658f0627a776a19cc38ada9ae70c37493436392205064fde87f3092b44813e5eaf410a3efb14ad9aae8945834ac1f34e10b7981bf35a205978022da2f95cc7da60d1ab002b1859a54976d5e1c1bcb520069d126e13a8ec234f19145a4c46cf770f9492be1f63a78bb68977ee025f439a9b0f902da83e6e94e52e5cb826a26bf7948e1bec8ba5a3a2a46e98444020925c24d54fdea02417389bea6b2a7d6161711ce10defc46a2df9a00586e49761c567183c283e5025b1cad4f6e39b4d121644eb1cb7e79a83346048c266dc402982f11ed87b71c5c4cab4d7ec4235727d40e190426396e11fdd42d9394f37f6e5df4d60d8475660d954f9a63071c1af7fd57d916c4b6361bdf8ec9bd7de4f9d1aca6e771e31f264a2ccb1b4c67eb6def9af54f12a6b1d87c90efa94d6c511a642fc480c97d9517158f9546c7a3a7c1d523be84cdab9439be60e0ac14e461e0d5514e705fb0349fd7b45a9066e0d1e3692c0e66977446d0e2185f41c6eab9e7e26d62a7607623c6073e9ad103e0bb713839ac32752835c930650a5493b3bd5f2884cf53b1060d49ed75619e697bea6c2ba17dff0b5f54a61a4feac403d29bde47f7231a872dcdd5d4bda43701ab55e983e3e11e617f61c81400f5f541d10cde58b939eb77e871c1b028e27f44231de26de5f7d4b2568f75620c4a99694d270f865c6a7735e343ff4c7d03da5f9abcba1eb662c55c59a44051bdc2b24771b29ad1de3d70292a2cb0efe5f56f887b1489e89fce653f8c413ec8063ffbab71b60f6c755ff3813c4150ce0bb1a44fb8e9379423ba154af57fc58c7e354ae87629edebaa970671446946858b19df3b6c35fe85ef27a770b22abc09f170834e108f52a6ddbf41ca39949735d000ce8259af020bc84856c80455e500d0e973655c1557806d2aa7bc06d", 0x1000}, {&(0x7f00000021c0)="60c9a876de3532b962adc6e6118cedf77ca08fbc78806278db1e7c032308f24ec84dc654977503b4f782c53a31fb4005d690cce808b7bddbd9d92076459e5bf0d5f58db0d6376f5183282cd26a12c1bfa533968c8672feb83a83529a04091c6e585f9402bf50d159d6e289804df8a921c171432bdd432d67537e697e03ea6ab7e6b1210713683bc362cff3b9793c4e425fa8185f63f172217b1bbfce698ad8b7353becfdec8dde36a8e5429baaa534e9239554", 0xb3}], 0x3, &(0x7f00000023c0)=[@cred={0x20, 0x1, 0x2, r2, r3, r4}], 0x20, 0x40000}, 0x4000010) [ 486.806714][T26477] overlayfs: unrecognized mount option "upp " or missing value [ 486.830414][T26463] FAULT_INJECTION: forcing a failure. [ 486.830414][T26463] name failslab, interval 1, probability 0, space 0, times 0 [ 486.894325][T26463] CPU: 0 PID: 26463 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 486.903479][T26463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 486.913538][T26463] Call Trace: [ 486.916840][T26463] dump_stack+0x172/0x1f0 [ 486.921219][T26463] should_fail.cold+0xa/0x15 [ 486.925828][T26463] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 486.931649][T26463] ? ___might_sleep+0x163/0x280 [ 486.936510][T26463] __should_failslab+0x121/0x190 [ 486.941540][T26463] should_failslab+0x9/0x14 [ 486.946051][T26463] kmem_cache_alloc_trace+0x2d1/0x760 [ 486.951432][T26463] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 486.957258][T26463] __memcg_init_list_lru_node+0x8a/0x1e0 [ 486.962909][T26463] __list_lru_init+0x3cf/0x6e0 [ 486.967692][T26463] alloc_super+0x762/0x890 [ 486.972130][T26463] sget_userns+0xf1/0x560 [ 486.976461][T26463] ? get_anon_bdev+0xc0/0xc0 [ 486.981065][T26463] ? get_anon_bdev+0xc0/0xc0 [ 486.985657][T26463] sget+0x10c/0x150 [ 486.989475][T26463] ? ovl_show_options+0x550/0x550 [ 486.994501][T26463] mount_nodev+0x31/0x110 [ 486.998837][T26463] ovl_mount+0x2d/0x40 [ 487.002913][T26463] ? ovl_own_xattr_set+0x10/0x10 [ 487.007859][T26463] legacy_get_tree+0xf2/0x200 [ 487.012545][T26463] vfs_get_tree+0x123/0x450 [ 487.017059][T26463] do_mount+0x1436/0x2c40 [ 487.021400][T26463] ? copy_mount_string+0x40/0x40 [ 487.026888][T26463] ? copy_mount_options+0x242/0x440 [ 487.032096][T26463] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 487.038341][T26463] ? copy_mount_options+0x30e/0x440 [ 487.043548][T26463] ksys_mount+0xdb/0x150 [ 487.047798][T26463] __x64_sys_mount+0xbe/0x150 [ 487.052502][T26463] do_syscall_64+0x103/0x610 [ 487.057108][T26463] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 487.063005][T26463] RIP: 0033:0x457e29 [ 487.066910][T26463] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 487.086515][T26463] RSP: 002b:00007faaf9936c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 487.094936][T26463] RAX: ffffffffffffffda RBX: 00007faaf9936c90 RCX: 0000000000457e29 [ 487.102921][T26463] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 487.110905][T26463] RBP: 000000000073bfa0 R08: 00000000200007c0 R09: 0000000000000000 [ 487.118881][T26463] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99376d4 [ 487.126867][T26463] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000006 [ 487.155632][T26477] overlayfs: unrecognized mount option "upp " or missing value [ 487.318139][ C0] net_ratelimit: 22 callbacks suppressed [ 487.318146][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 487.323895][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 487.398131][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 487.403984][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 488.358194][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 488.364080][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 488.369959][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 488.375733][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 488.598167][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 488.603992][ C0] protocol 88fb is buggy, dev hsr_slave_1 02:35:05 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:35:05 executing program 1: r0 = socket$kcm(0x10, 0x0, 0x10) sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000180)="2e0000002e008183ad5de0713c444d000a0000001000034000030000053582c137153e370000000000000000d1bd", 0x2e}], 0x1}, 0x0) 02:35:05 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2, 0xfffffffffffffffe]}) ioctl$NBD_CLEAR_SOCK(r0, 0xab04) ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000000040)={0x483c, 0x4}) prctl$PR_GET_TSC(0x19, &(0x7f00000000c0)) r3 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x7, 0x400201) ioctl$RTC_UIE_ON(r3, 0x7003) ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f0000000000)={0x0, 0x2}) 02:35:05 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x100, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x1, 0x40002) ioctl$FIDEDUPERANGE(r0, 0xc0189436, &(0x7f0000000080)={0xfffffffffffffffc, 0xfffffffffffffc01, 0x1, 0x0, 0x0, [{r1, 0x0, 0x8}]}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") r3 = syz_open_dev$mouse(&(0x7f0000000200)='/dev/input/mouse#\x00', 0x1, 0x10000) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r3, 0x84, 0x8, &(0x7f0000000240)=0x1ff, 0x4) sendmsg(r2, &(0x7f0000000380)={0x0, 0x10a, &(0x7f0000000080), 0x1}, 0x8800) 02:35:05 executing program 5: getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) mkdir(&(0x7f00000013c0)='./file0\x00', 0x10000180) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, 0x0) chdir(&(0x7f0000000100)='./file0\x00') fsetxattr$security_capability(0xffffffffffffffff, 0x0, &(0x7f0000000340)=@v2, 0x14, 0x0) sched_setscheduler(0x0, 0x0, 0x0) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = syz_open_dev$dmmidi(&(0x7f0000000040)='/dev/dmmidi#\x00', 0x3, 0x4040) sendto$unix(r0, &(0x7f0000000380)="93daf558735db4054af16c4462c38ab5a525267e63435c4651f08916b2dc31d3061848646d27c11573cd07281f172a183a0e36fb7bf06902cbb3e280b702cc8fb51b74cda5f59559bcd4e9d61f6c590395ad1de0efadbdf0fbd197dbc25110b84df36b34c5d46c3265aef8538ca618426d75f84b7a4a9e1e20a4b5968493756841886a25ab5a", 0x86, 0x44000, &(0x7f00000002c0)=@file={0x1, './file1\x00'}, 0x6e) connect$netlink(0xffffffffffffffff, 0x0, 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) syz_genetlink_get_family_id$ipvs(0x0) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x0) 02:35:05 executing program 0 (fault-call:20 fault-nth:33): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:35:05 executing program 3: r0 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x0, 0x92000) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000280)={{{@in=@empty, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in=@multicast1}}, &(0x7f0000000380)=0xe8) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) keyctl$get_persistent(0x16, r1, 0x0) write$RDMA_USER_CM_CMD_REJECT(0xffffffffffffffff, 0x0, 0x0) write$apparmor_exec(r0, 0x0, 0xffffffffffffff76) r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) setsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff) r3 = openat$vfio(0xffffffffffffff9c, 0x0, 0x0, 0x0) r4 = getegid() write$FUSE_CREATE_OPEN(r0, &(0x7f00000003c0)={0xa0, 0x0, 0x3, {{0x3, 0x1, 0xfffffffffffffffd, 0xb0d, 0x7, 0x800, {0x2, 0x0, 0x18, 0xfffffffffffffff7, 0x0, 0x50986fcc, 0x0, 0x1ea1, 0x4, 0x2, 0x717, 0x0, r4}}, {0x0, 0x6}}}, 0xa0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000100)='nfs\x00', 0x0, &(0x7f0000000000)) r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000240)='TIPCv2\x00') sendmsg$TIPC_NL_BEARER_GET(r3, &(0x7f0000000640)={&(0x7f0000000200), 0xc, &(0x7f0000000600)={&(0x7f0000000480)={0x174, r5, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@TIPC_NLA_SOCK={0x14, 0x2, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0xfffffffffffffffb}]}, @TIPC_NLA_MON={0xc, 0x9, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xffff}]}, @TIPC_NLA_MEDIA={0xc, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}]}, @TIPC_NLA_NET={0x1c, 0x7, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x7}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x2}]}, @TIPC_NLA_LINK={0xd8, 0x4, [@TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x54, 0x7, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7ff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2a5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xf395}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x37}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x80000001}]}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x4}, @TIPC_NLA_LINK_PROP={0x3c, 0x7, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x100000000}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}]}]}, @TIPC_NLA_SOCK={0xc, 0x2, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x2}]}, @TIPC_NLA_BEARER={0x14, 0x1, [@TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz1\x00'}]}, @TIPC_NLA_NODE={0x20, 0x6, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x40}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x8}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x8}, @TIPC_NLA_NODE_UP={0x4}]}]}, 0x174}, 0x1, 0x0, 0x0, 0x8000}, 0x10) ioctl$SG_SET_DEBUG(r3, 0x227e, &(0x7f0000000680)=0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff) ioctl$TIOCGPGRP(r2, 0x540f, &(0x7f0000000b00)=0x0) perf_event_open(&(0x7f000000a000)={0x2, 0x70, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa8, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0xa00000400, 0x0, 0x8000010004}, r6, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) link(&(0x7f0000000b40)='./file0\x00', &(0x7f0000000b80)='./file0\x00') getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r3, 0x84, 0x13, &(0x7f0000000940)={0x0, 0x2}, &(0x7f0000000980)=0x8) getsockopt$inet_sctp_SCTP_STATUS(r3, 0x84, 0xe, &(0x7f0000000bc0)={r7, 0x8, 0x0, 0xff, 0x8, 0x9, 0x0, 0x2, {0x0, @in={{0x2, 0x4e20, @multicast1}}, 0x8, 0x7, 0x5, 0x2, 0x2}}, &(0x7f0000000ac0)=0xb0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='nfs\x00', 0x0, &(0x7f000000a000)) ioctl$PIO_UNIMAPCLR(0xffffffffffffffff, 0x4b68, 0x0) ioctl$VIDIOC_QUERYCAP(0xffffffffffffffff, 0x80685600, 0x0) ioctl$PPPIOCGIDLE(0xffffffffffffffff, 0x8010743f, &(0x7f00000001c0)) 02:35:05 executing program 1: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/secure_tcp\x00', 0x2, 0x0) mmap$perf(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2000000, 0x10, r0, 0x0) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x101000, 0x0) sendfile(r0, r1, &(0x7f0000000080), 0x40) ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0x8001) r2 = syz_open_dev$video4linux(&(0x7f00000000c0)='/dev/v4l-subdev#\x00', 0x81, 0x0) ioctl$UI_GET_SYSNAME(r1, 0x8040552c, &(0x7f0000000100)) ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000140)={0x800, 0x0, 0x0, 0x10001}) ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000180)={0x100000000, r3, 0x0, 0x889}) fchdir(r2) ioctl$SNDRV_CTL_IOCTL_POWER_STATE(r0, 0x800455d1, &(0x7f00000001c0)) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000240)='TIPC\x00') sendmsg$TIPC_CMD_DISABLE_BEARER(r1, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000004}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x28, r4, 0xe00, 0x70bd25, 0x25dfdbff, {{}, 0x0, 0x4102, 0x0, {0xc, 0x13, @l2={'eth', 0x3a, 'nr0\x00'}}}, ["", "", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x800}, 0xc1) r5 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000380)={&(0x7f0000000340)='./file0\x00', 0x0, 0x10}, 0x10) arch_prctl$ARCH_MAP_VDSO_64(0x2003, 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, &(0x7f00000003c0)=0x49) openat$vnet(0xffffffffffffff9c, &(0x7f0000000400)='/dev/vhost-net\x00', 0x2, 0x0) r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r7 = getpid() getsockopt$netrom_NETROM_T2(r0, 0x103, 0x2, &(0x7f0000000440)=0x3, &(0x7f0000000480)=0x4) ioctl$DRM_IOCTL_GET_MAP(r1, 0xc0286404, &(0x7f00000004c0)={0x0, 0x5dee, 0x0, 0x0, &(0x7f0000ffd000/0x2000)=nil, 0x7}) recvfrom$llc(r6, &(0x7f0000000500)=""/4096, 0x1000, 0x10000, &(0x7f0000001500)={0x1a, 0x335, 0x0, 0x1, 0x400000, 0x0, @remote}, 0x10) setsockopt$IP_VS_SO_SET_STOPDAEMON(r1, 0x0, 0x48c, &(0x7f0000001540)={0x3, 'rose0\x00', 0x3}, 0x18) syz_open_pts(r1, 0x2000) ioctl$RTC_AIE_OFF(r1, 0x7002) ioctl(r5, 0x4, &(0x7f0000001580)="92f32d0b6b05c2f9b650ad49034574b0978ad41157b9d149af66a74897b19021367e628935f1b10f3a99502903f4d4456a05eafcedd0ccf489c14dc7b1340c9609e57d61a301f86bbbaaca4ff452960cab80b695805e131f58051882e9ff2cd856f69f83f0b84cf468026543dc6af207dc8780bb5bd8758e1ef8f527986ddd7add5e33dd3737a9e709901ee94db144d3b6d3bfaef3f925e177bb3023e2d052f3a7972a49573cf43d95d147e074d7bd64a7a4df12ca59ba3b686e0ce7b9c29e5a4313d8497329b441f29b785208b6a1f061adc1afe7613e") setsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r1, 0x84, 0xc, &(0x7f0000001680)=0x7, 0x4) openat$misdntimer(0xffffffffffffff9c, &(0x7f00000016c0)='/dev/mISDNtimer\x00', 0x0, 0x0) ioctl$PIO_FONTX(r0, 0x4b6c, &(0x7f0000001700)="188de0f1b28872ff7d6b686eed0827ffc7fac1c713fa692991942e6915daabbe44bda003f291d062afc60d6a558d2bdbf74316e1eb2fba7fafc1ff845e246ea27aaec297c8be41e9b5737ad4b5413126173151f761418d16ab55e475139cec512c80b8a60e50aef78b04dafc24322b5b7947b58fd115861b7b113212de48550196e4908cf761fb7992fb573d06bf7d727bcad58aa1b5c313041c4f44d90a31f46303ea56c626ef9c6af1317505f766392258b748c61eec6ae5f0d6c5507d3feef1b34223af653e91e4") capset(&(0x7f0000001800)={0x39980732, r7}, &(0x7f0000001840)={0x2, 0xfffffffffffffe00, 0x7, 0x0, 0x100000001}) [ 488.961638][T26515] overlayfs: upper fs does not support tmpfile. [ 488.999432][T26515] overlayfs: upper fs does not support xattr, falling back to index=off and metacopy=off. 02:35:05 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2, 0xfffffffffffffffe]}) ioctl$NBD_CLEAR_SOCK(r0, 0xab04) ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000000040)={0x483c, 0x4}) prctl$PR_GET_TSC(0x19, &(0x7f00000000c0)) r3 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x7, 0x400201) ioctl$RTC_UIE_ON(r3, 0x7003) ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f0000000000)={0x0, 0x2}) [ 489.073876][T26505] FAULT_INJECTION: forcing a failure. [ 489.073876][T26505] name failslab, interval 1, probability 0, space 0, times 0 [ 489.149995][T26505] CPU: 1 PID: 26505 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 489.153372][T26528] overlayfs: './file0' not a directory [ 489.159161][T26505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 489.159167][T26505] Call Trace: [ 489.159190][T26505] dump_stack+0x172/0x1f0 [ 489.159211][T26505] should_fail.cold+0xa/0x15 [ 489.159229][T26505] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 489.159250][T26505] ? ___might_sleep+0x163/0x280 [ 489.159269][T26505] __should_failslab+0x121/0x190 [ 489.159289][T26505] should_failslab+0x9/0x14 [ 489.178555][T26505] __kmalloc+0x2dc/0x740 [ 489.178580][T26505] ? __list_lru_init+0xd1/0x6e0 [ 489.178599][T26505] __list_lru_init+0xd1/0x6e0 [ 489.178623][T26505] alloc_super+0x78d/0x890 [ 489.187545][T26505] sget_userns+0xf1/0x560 [ 489.187564][T26505] ? get_anon_bdev+0xc0/0xc0 [ 489.234596][T26505] ? get_anon_bdev+0xc0/0xc0 [ 489.239187][T26505] sget+0x10c/0x150 [ 489.242997][T26505] ? ovl_show_options+0x550/0x550 [ 489.248016][T26505] mount_nodev+0x31/0x110 [ 489.252353][T26505] ovl_mount+0x2d/0x40 [ 489.256425][T26505] ? ovl_own_xattr_set+0x10/0x10 [ 489.261366][T26505] legacy_get_tree+0xf2/0x200 [ 489.266045][T26505] vfs_get_tree+0x123/0x450 [ 489.270550][T26505] do_mount+0x1436/0x2c40 [ 489.274889][T26505] ? copy_mount_string+0x40/0x40 [ 489.279828][T26505] ? _copy_from_user+0xdd/0x150 [ 489.284685][T26505] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 489.290923][T26505] ? copy_mount_options+0x30e/0x440 [ 489.296127][T26505] ksys_mount+0xdb/0x150 [ 489.300382][T26505] __x64_sys_mount+0xbe/0x150 [ 489.305062][T26505] do_syscall_64+0x103/0x610 [ 489.309658][T26505] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 489.315568][T26505] RIP: 0033:0x457e29 [ 489.319468][T26505] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 489.339070][T26505] RSP: 002b:00007faaf9957c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 02:35:06 executing program 3: keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, &(0x7f0000000340)='asymmetric\x00', &(0x7f0000000300)=@keyring={'key_or_keyring:'}) [ 489.347479][T26505] RAX: ffffffffffffffda RBX: 00007faaf9957c90 RCX: 0000000000457e29 [ 489.355449][T26505] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 489.363417][T26505] RBP: 000000000073bf00 R08: 00000000200007c0 R09: 0000000000000000 [ 489.371388][T26505] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99586d4 [ 489.379360][T26505] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000006 02:35:06 executing program 5: getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, 0x0) chdir(&(0x7f0000000100)='./file0\x00') fsetxattr$security_capability(0xffffffffffffffff, 0x0, &(0x7f0000000340)=@v2, 0x14, 0x0) sched_setscheduler(0x0, 0x0, 0x0) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, 0x0, 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) syz_genetlink_get_family_id$ipvs(0x0) r0 = creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setsockopt$inet_udp_encap(r0, 0x11, 0x64, &(0x7f0000000040)=0x4, 0x4) openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x0) 02:35:06 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = semget$private(0x0, 0x4, 0xffffffffffffffff) r2 = accept4(r0, &(0x7f0000000000)=@nfc, &(0x7f0000000080)=0x80, 0x80800) ioctl$SIOCX25SFACILITIES(r2, 0x89e3, &(0x7f00000000c0)={0x66, 0x40, 0x6, 0xb, 0x1, 0x81}) semtimedop(r1, &(0x7f0000000100)=[{0x0, 0x0, 0x1800}], 0x1, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f0000000180)={{{@in6=@remote, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in6=@ipv4={[], [], @local}}}, &(0x7f0000000280)=0xe8) getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f00000002c0)={{{@in6, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in=@broadcast}}, &(0x7f00000003c0)=0xe8) r5 = getuid() r6 = getuid() getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f0000000400)={{{@in6=@mcast1, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in6}}, &(0x7f0000000500)=0xe8) getsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000000540)={{{@in=@empty, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}}}, &(0x7f0000000640)=0xe8) getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000680)={{{@in6=@initdev, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in=@loopback}}, &(0x7f0000000780)=0xe8) getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f00000007c0)={{{@in=@loopback, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{}, 0x0, @in6=@mcast1}}, &(0x7f00000008c0)=0xe8) r11 = getuid() getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000900)={0x0, 0x0, 0x0}, &(0x7f0000000940)=0xc) r13 = getgid() stat(&(0x7f0000000980)='./file0\x00', &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r15 = getgid() getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000a40)={0x0, 0x0, 0x0}, &(0x7f0000000a80)=0xc) lstat(&(0x7f0000000ac0)='./file0\x00', &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f0000000b80)='./file0\x00', &(0x7f0000000bc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f0000000c40)='./file0\x00', &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r20 = getgid() r21 = getgid() fsetxattr$system_posix_acl(r0, &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000d00)={{}, {0x1, 0x6}, [{0x2, 0x1, r3}, {0x2, 0x0, r4}, {0x2, 0x0, r5}, {0x2, 0x1, r6}, {0x2, 0x3, r7}, {0x2, 0xed48cbf2c34cad0b, r8}, {0x2, 0x3, r9}, {0x2, 0x3, r10}, {0x2, 0x2, r11}], {}, [{0x8, 0x4, r12}, {0x8, 0x4, r13}, {0x8, 0x0, r14}, {0x8, 0x2, r15}, {0x8, 0x5, r16}, {0x8, 0x2, r17}, {0x8, 0x3, r18}, {0x8, 0x4, r19}, {0x8, 0x1, r20}, {0x8, 0x3, r21}], {0x10, 0x2}, {0x20, 0x6}}, 0xbc, 0x1) semctl$IPC_RMID(r1, 0x0, 0x10) [ 489.652186][T26555] overlayfs: upper fs does not support tmpfile. [ 489.660888][T26555] overlayfs: upper fs does not support xattr, falling back to index=off and metacopy=off. [ 489.714850][T26555] overlayfs: './file0' not a directory 02:35:08 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:35:08 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2, 0xfffffffffffffffe]}) ioctl$NBD_CLEAR_SOCK(r0, 0xab04) ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000000040)={0x483c, 0x4}) prctl$PR_GET_TSC(0x19, &(0x7f00000000c0)) r3 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x7, 0x400201) ioctl$RTC_UIE_ON(r3, 0x7003) ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f0000000000)={0x0, 0x2}) 02:35:08 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000040)='reiserfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)={[{@notail='notail', 0x3d}]}) pipe2(&(0x7f0000000000)={0xffffffffffffffff}, 0x80800) sendmsg$nl_crypto(r0, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x50004004}, 0xc, &(0x7f0000000200)={&(0x7f0000000100)=@upd={0x100, 0x12, 0x0, 0x70bd2d, 0x25dfdbff, {{'ghash-clmulni\x00'}, [], [], 0x2000, 0x2000}, [{0x8, 0x1, 0x1dddc27a}, {0x8, 0x1, 0xf3cb}, {0x8, 0x1, 0x5}, {0x8, 0x1, 0x2}]}, 0x100}, 0x1, 0x0, 0x0, 0x20004000}, 0x0) 02:35:08 executing program 1: r0 = openat$null(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/null\x00', 0x0, 0x0) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000400)='/dev/vhci\x00', 0x200000000246) write$P9_RLERRORu(r1, &(0x7f0000000600)=ANY=[@ANYRESDEC=r0], 0x14) fsetxattr$security_smack_transmute(r1, &(0x7f0000000580)='security.SMACK64TRANSMUTE\x00', &(0x7f00000005c0)='TRUE', 0x4, 0x3) close(r1) r2 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vhci\x00', 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x70, 0x0, 0xffffffff, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x7, 0x400, 0x0, 0x0, 0x0, 0x901, 0x0, 0x0, 0x0, 0x9756, 0x2, 0x93, 0x101, 0xd83a, 0x0, 0x0, 0x100000001, 0x9, 0x0, 0x0, 0x1000, 0x6, 0x1a5d, 0x5288, 0x0, 0x200, 0x10001, 0x400, 0x0, 0x0, 0x0, @perf_config_ext={0x80000001, 0x3}, 0x0, 0x0, 0x3f, 0x7, 0x0, 0x47, 0x3f}, 0x0, 0x0, 0xffffffffffffff9c, 0x8) r3 = request_key(&(0x7f0000000140)='big_key\x00', &(0x7f0000000300)={'syz', 0x3}, &(0x7f0000000340)='/dev/null\x00', 0xfffffffffffffff9) keyctl$get_security(0x11, r3, &(0x7f0000000380)=""/84, 0x54) getsockname$packet(r1, &(0x7f0000000880)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000008c0)=0x14) readv(r2, &(0x7f0000000080)=[{&(0x7f0000000180)=""/217, 0x20000259}], 0x1) sync() stat(&(0x7f0000000440)='./file0\x00', 0x0) bind$bt_rfcomm(r0, &(0x7f0000000480)={0x1f, {0x4b89, 0x9, 0x200000000000, 0x3666, 0x1, 0x7fff}, 0x3ce}, 0xa) socket$can_raw(0x1d, 0x3, 0x1) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1f000000330029080000000038281dd60300000008000000ffffffff"], 0x1}}, 0x0) request_key(&(0x7f0000000700)='encrypted\x00', 0x0, &(0x7f0000000780)='\x00', 0x0) r4 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20\x00', 0x103200, 0x0) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r4, 0x84, 0x1a, &(0x7f00000001c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="720000007330970700000032f7e5b344a58615d9238c133036d2cee5563ed5a3fb8998ca2529f8ff548d4c457d9890f573fcad41b34f4c47ed8ed0e34bf2401f16a21e79073905cd1ae34e58e9179b4d9c1990e39f01ccc42374788c3f290e6835d26fbdd38f76863c66ecfceff77338dc50a01f3b2d"], 0x0) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000040)={r5, 0x3}, &(0x7f0000000080)=0xfffffffffffffe93) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r4, 0x84, 0x18, &(0x7f0000000500)={r6, 0x7f}, &(0x7f0000000540)=0x8) setsockopt$inet_sctp_SCTP_ADD_STREAMS(r4, 0x84, 0x79, &(0x7f00000000c0)={r6, 0xc9, 0x6}, 0x8) ioctl$UI_SET_FFBIT(0xffffffffffffffff, 0x4004556b, 0x13) 02:35:08 executing program 0 (fault-call:20 fault-nth:34): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:35:08 executing program 5: getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, 0x0) chdir(&(0x7f0000000100)='./file0\x00') fsetxattr$security_capability(0xffffffffffffffff, 0x0, &(0x7f0000000340)=@v2, 0x14, 0x0) sched_setscheduler(0x0, 0x0, 0x0) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, 0x0, 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='up\x00erdir=./file0,lowerdir=./fmle1,wkrkdir=./file1']) r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vsock\x00', 0x20800, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, &(0x7f00000002c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000240)={0xffffffffffffffff}, 0x111, 0x3}}, 0x20) write$RDMA_USER_CM_CMD_ACCEPT(r0, &(0x7f0000000380)={0x8, 0x120, 0xfa00, {0x4, {0x5, 0x2, "2690d5d53053cf55e52672ac095a35ab00898dde7b5b960e5578d81455316b1d4f2281350e8bfc7b3cb08b7027efb8aa4e4210c22d557f267cfd0d3a31c13008a6d360731d237394e166368613658a85acd695a181ffe8484fc21a7f6da9f82502ce37cfe42c2b0887404e9541d1f6cb99384b68b3512f7ede40afd24cf9247e09ed827f4b1854d06ed6ca80cc9f85aa50951f25d0ba672382c1873a9ec1582c37e92210447928e87cf791d855f772f9e979eba53d04bd923688bdd71d1164c5c602a68c56182e57e668def1335cdbe93b8931d442894fb05cbee3f9b9d0b2d793b1e0ce358cf0cd0550c3d4ed457ead6564604a4102387960864a0c9ef2fe0c", 0x11, 0x1, 0x7, 0x9, 0xf326, 0x4, 0xfffffffffffffdc3}, r1}}, 0x128) syz_genetlink_get_family_id$ipvs(0x0) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) openat$smack_task_current(0xffffffffffffff9c, &(0x7f0000000280)='/proc/self/attr/current\x00', 0x2, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x0) 02:35:08 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) syz_open_dev$dri(&(0x7f0000000400)='/dev/dri/card#\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet6_tcp_SIOCATMARK(0xffffffffffffffff, 0x8905, &(0x7f00000000c0)) setxattr$security_ima(&(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='security.ima\x00', &(0x7f0000000300)=@ng={0x4, 0x13, "b009ed34c75284e64474"}, 0xc, 0x1) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount(&(0x7f0000000240)=ANY=[], &(0x7f0000001480)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) syz_init_net_socket$x25(0x9, 0x5, 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB=',lowerdir=.:file0,workdir=.']) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0) getdents64(r1, &(0x7f0000000380)=""/4096, 0x1000) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='overlay\x00', 0x40000, &(0x7f0000001380)=ANY=[]) r2 = openat(r1, &(0x7f0000000340)='./file0\x00', 0x10000, 0xb4) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r2) r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000001380)='TIPCv2\x00') sendmsg$TIPC_NL_NET_SET(r2, &(0x7f0000001400)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000013c0)={&(0x7f00000014c0)={0xe4, r3, 0x203, 0x70bd2d, 0x25dfdbfd, {}, [@TIPC_NLA_NODE={0x30, 0x6, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x8001}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x9}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x2}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x2}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x1000}]}, @TIPC_NLA_MEDIA={0x54, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1d}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x10001}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}]}]}, @TIPC_NLA_NODE={0x3c, 0x6, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x29}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x9}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x5}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x7f}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x2}]}, @TIPC_NLA_NET={0x10, 0x7, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x1}]}]}, 0xe4}, 0x1, 0x0, 0x0, 0x44800}, 0x20000000) 02:35:08 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2, 0xfffffffffffffffe]}) ioctl$NBD_CLEAR_SOCK(r0, 0xab04) ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000000040)={0x483c, 0x4}) prctl$PR_GET_TSC(0x19, &(0x7f00000000c0)) r3 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x7, 0x400201) ioctl$RTC_UIE_ON(r3, 0x7003) [ 492.050961][T26588] overlayfs: unrecognized mount option "up" or missing value [ 492.150097][T26576] FAULT_INJECTION: forcing a failure. [ 492.150097][T26576] name failslab, interval 1, probability 0, space 0, times 0 [ 492.183737][T26576] CPU: 1 PID: 26576 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 492.184328][T26594] overlayfs: option "workdir=." is useless in a non-upper mount, ignore [ 492.192883][T26576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 492.192889][T26576] Call Trace: [ 492.192912][T26576] dump_stack+0x172/0x1f0 [ 492.192935][T26576] should_fail.cold+0xa/0x15 [ 492.192954][T26576] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 492.192975][T26576] ? ___might_sleep+0x163/0x280 [ 492.234163][T26576] __should_failslab+0x121/0x190 [ 492.239121][T26576] should_failslab+0x9/0x14 [ 492.243636][T26576] kmem_cache_alloc_trace+0x2d1/0x760 [ 492.249020][T26576] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 492.254848][T26576] __memcg_init_list_lru_node+0x8a/0x1e0 [ 492.260496][T26576] __list_lru_init+0x3cf/0x6e0 [ 492.265295][T26576] alloc_super+0x78d/0x890 [ 492.269724][T26576] sget_userns+0xf1/0x560 [ 492.274053][T26576] ? get_anon_bdev+0xc0/0xc0 [ 492.278653][T26576] ? get_anon_bdev+0xc0/0xc0 [ 492.283266][T26576] sget+0x10c/0x150 [ 492.287093][T26576] ? ovl_show_options+0x550/0x550 [ 492.292113][T26576] mount_nodev+0x31/0x110 [ 492.296421][T26576] ovl_mount+0x2d/0x40 [ 492.300467][T26576] ? ovl_own_xattr_set+0x10/0x10 [ 492.305388][T26576] legacy_get_tree+0xf2/0x200 [ 492.310083][T26576] vfs_get_tree+0x123/0x450 [ 492.314588][T26576] do_mount+0x1436/0x2c40 [ 492.318918][T26576] ? copy_mount_string+0x40/0x40 [ 492.323854][T26576] ? _copy_from_user+0xdd/0x150 [ 492.328716][T26576] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 492.334959][T26576] ? copy_mount_options+0x30e/0x440 [ 492.336701][T26603] overlayfs: option "workdir=." is useless in a non-upper mount, ignore [ 492.340160][T26576] ksys_mount+0xdb/0x150 [ 492.340177][T26576] __x64_sys_mount+0xbe/0x150 [ 492.340198][T26576] do_syscall_64+0x103/0x610 [ 492.340223][T26576] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 492.367894][T26576] RIP: 0033:0x457e29 [ 492.371787][T26576] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 492.391384][T26576] RSP: 002b:00007faaf9957c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 02:35:09 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) shmctl$IPC_STAT(0x0, 0x2, 0x0) [ 492.399787][T26576] RAX: ffffffffffffffda RBX: 00007faaf9957c90 RCX: 0000000000457e29 [ 492.407739][T26576] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 492.415689][T26576] RBP: 000000000073bf00 R08: 00000000200007c0 R09: 0000000000000000 [ 492.423637][T26576] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99586d4 [ 492.431602][T26576] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000006 [ 492.443193][T26588] overlayfs: unrecognized mount option "up" or missing value 02:35:09 executing program 5: getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, 0x0) chdir(&(0x7f0000000100)='./file0\x00') fsetxattr$security_capability(0xffffffffffffffff, 0x0, &(0x7f0000000340)=@v2, 0x14, 0x0) sched_setscheduler(0x0, 0x0, 0x0) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) openat$vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vsock\x00', 0x200000, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, 0x0, 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) syz_genetlink_get_family_id$ipvs(0x0) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x0) 02:35:09 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2, 0xfffffffffffffffe]}) ioctl$NBD_CLEAR_SOCK(r0, 0xab04) ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000000040)={0x483c, 0x4}) prctl$PR_GET_TSC(0x19, &(0x7f00000000c0)) syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x7, 0x400201) [ 492.518140][ C0] net_ratelimit: 18 callbacks suppressed [ 492.518148][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 492.529702][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 492.535588][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 492.541392][ C0] protocol 88fb is buggy, dev hsr_slave_1 02:35:09 executing program 0 (fault-call:20 fault-nth:35): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) [ 492.723275][T26627] overlayfs: upper fs does not support tmpfile. [ 492.745825][T26627] overlayfs: upper fs does not support xattr, falling back to index=off and metacopy=off. [ 492.758115][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 492.763925][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 492.867237][T26632] overlayfs: './file0' not a directory [ 492.915145][T26646] FAULT_INJECTION: forcing a failure. [ 492.915145][T26646] name failslab, interval 1, probability 0, space 0, times 0 [ 492.928001][T26646] CPU: 0 PID: 26646 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 492.937112][T26646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 492.947174][T26646] Call Trace: [ 492.950490][T26646] dump_stack+0x172/0x1f0 [ 492.954846][T26646] should_fail.cold+0xa/0x15 [ 492.959449][T26646] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 492.965269][T26646] ? ___might_sleep+0x163/0x280 [ 492.970108][T26646] __should_failslab+0x121/0x190 [ 492.975032][T26646] should_failslab+0x9/0x14 [ 492.979551][T26646] __kmalloc+0x2dc/0x740 [ 492.983779][T26646] ? __list_lru_init+0xd1/0x6e0 [ 492.988616][T26646] __list_lru_init+0xd1/0x6e0 [ 492.993280][T26646] alloc_super+0x78d/0x890 [ 492.997679][T26646] sget_userns+0xf1/0x560 [ 493.001989][T26646] ? get_anon_bdev+0xc0/0xc0 [ 493.006608][T26646] ? get_anon_bdev+0xc0/0xc0 [ 493.011179][T26646] sget+0x10c/0x150 [ 493.014985][T26646] ? ovl_show_options+0x550/0x550 [ 493.019999][T26646] mount_nodev+0x31/0x110 [ 493.024312][T26646] ovl_mount+0x2d/0x40 [ 493.028371][T26646] ? ovl_own_xattr_set+0x10/0x10 [ 493.033298][T26646] legacy_get_tree+0xf2/0x200 [ 493.037957][T26646] vfs_get_tree+0x123/0x450 [ 493.042498][T26646] do_mount+0x1436/0x2c40 [ 493.046818][T26646] ? copy_mount_string+0x40/0x40 [ 493.051929][T26646] ? copy_mount_options+0x242/0x440 [ 493.057123][T26646] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 493.063341][T26646] ? copy_mount_options+0x30e/0x440 [ 493.068538][T26646] ksys_mount+0xdb/0x150 [ 493.072762][T26646] __x64_sys_mount+0xbe/0x150 [ 493.077421][T26646] do_syscall_64+0x103/0x610 [ 493.081997][T26646] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 493.087867][T26646] RIP: 0033:0x457e29 [ 493.091739][T26646] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 493.111322][T26646] RSP: 002b:00007faaf9915c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 493.119713][T26646] RAX: ffffffffffffffda RBX: 00007faaf9915c90 RCX: 0000000000457e29 [ 493.127682][T26646] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 493.135638][T26646] RBP: 000000000073c040 R08: 00000000200007c0 R09: 0000000000000000 [ 493.143599][T26646] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99166d4 [ 493.151552][T26646] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000007 [ 493.159848][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 493.165904][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 493.558213][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 493.564111][ C0] protocol 88fb is buggy, dev hsr_slave_1 02:35:11 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci, &(0x7f0000000180)=0x80) 02:35:11 executing program 3: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) r1 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x200000) ioctl$KVM_GET_TSC_KHZ(r1, 0xaea3) ioctl$SIOCGSTAMPNS(r0, 0x8906, 0x0) openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x0, 0x0) 02:35:11 executing program 1: socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) msync(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1) ioctl$TIOCSWINSZ(0xffffffffffffffff, 0x5414, 0x0) r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x44) ioctl$VIDIOC_G_CTRL(0xffffffffffffffff, 0xc008561b, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000081, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) fchdir(r2) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) prctl$PR_SVE_GET_VL(0x33, 0x4fb) setfsuid(0x0) ioctl$EXT4_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000140)) umount2(&(0x7f0000000280)='./file0\x00', 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0)='TIPCv2\x00') syz_open_dev$vcsn(0x0, 0x800, 0x80040) accept$alg(0xffffffffffffffff, 0x0, 0x0) ioctl$EVIOCSFF(r1, 0x40304580, 0x0) ioctl$TUNSETVNETLE(0xffffffffffffffff, 0x400454dc, &(0x7f00000002c0)) write$P9_RXATTRCREATE(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x21, 0x1}, 0x7) syz_open_dev$sndseq(0x0, 0x0, 0x0) 02:35:11 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2, 0xfffffffffffffffe]}) ioctl$NBD_CLEAR_SOCK(r0, 0xab04) ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000000040)={0x483c, 0x4}) prctl$PR_GET_TSC(0x19, &(0x7f00000000c0)) 02:35:11 executing program 5: getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, 0x0) chdir(&(0x7f0000000100)='./file0\x00') fsetxattr$security_capability(0xffffffffffffffff, 0x0, &(0x7f0000000340)=@v2, 0x14, 0x0) sched_setscheduler(0x0, 0x0, 0x0) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, 0x0, 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='upperdir=./fale0,lowerdir=./file1,workdir=./file1']) syz_genetlink_get_family_id$ipvs(0x0) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) getcwd(&(0x7f0000000040)=""/48, 0x30) chdir(&(0x7f0000000280)='./file0\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x0) 02:35:11 executing program 0 (fault-call:20 fault-nth:36): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:35:11 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x50c00, 0x0) ioctl$KVM_SMI(r1, 0xaeb7) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000040)="390000001300090468fe0700000000000700ff3f04000000450001070000001419001a0006000000020000000208000800005d14dfb51571a4", 0x39}], 0x1) 02:35:11 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2, 0xfffffffffffffffe]}) ioctl$NBD_CLEAR_SOCK(r0, 0xab04) ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000000040)={0x483c, 0x4}) [ 495.109761][T26674] overlayfs: failed to resolve './fale0': -2 [ 495.212367][T26659] FAULT_INJECTION: forcing a failure. [ 495.212367][T26659] name failslab, interval 1, probability 0, space 0, times 0 [ 495.232042][T26674] overlayfs: failed to resolve './fale0': -2 [ 495.270567][T26659] CPU: 1 PID: 26659 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 495.279714][T26659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 495.289776][T26659] Call Trace: [ 495.293079][T26659] dump_stack+0x172/0x1f0 [ 495.297427][T26659] should_fail.cold+0xa/0x15 [ 495.302028][T26659] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 495.307856][T26659] ? ___might_sleep+0x163/0x280 [ 495.312724][T26659] __should_failslab+0x121/0x190 [ 495.317671][T26659] should_failslab+0x9/0x14 [ 495.322189][T26659] kmem_cache_alloc_trace+0x2d1/0x760 [ 495.327554][T26659] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 495.333347][T26659] __memcg_init_list_lru_node+0x8a/0x1e0 [ 495.338979][T26659] __list_lru_init+0x3cf/0x6e0 [ 495.343736][T26659] alloc_super+0x78d/0x890 [ 495.348148][T26659] sget_userns+0xf1/0x560 [ 495.353160][T26659] ? get_anon_bdev+0xc0/0xc0 [ 495.357749][T26659] ? get_anon_bdev+0xc0/0xc0 [ 495.362345][T26659] sget+0x10c/0x150 [ 495.366152][T26659] ? ovl_show_options+0x550/0x550 [ 495.371157][T26659] mount_nodev+0x31/0x110 [ 495.375467][T26659] ovl_mount+0x2d/0x40 [ 495.379527][T26659] ? ovl_own_xattr_set+0x10/0x10 [ 495.384458][T26659] legacy_get_tree+0xf2/0x200 [ 495.389129][T26659] vfs_get_tree+0x123/0x450 [ 495.393627][T26659] do_mount+0x1436/0x2c40 [ 495.397940][T26659] ? copy_mount_string+0x40/0x40 [ 495.402879][T26659] ? copy_mount_options+0x242/0x440 [ 495.408089][T26659] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 495.414323][T26659] ? copy_mount_options+0x30e/0x440 [ 495.419516][T26659] ksys_mount+0xdb/0x150 [ 495.423751][T26659] __x64_sys_mount+0xbe/0x150 [ 495.428443][T26659] do_syscall_64+0x103/0x610 [ 495.433028][T26659] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 495.438907][T26659] RIP: 0033:0x457e29 [ 495.442799][T26659] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 495.462405][T26659] RSP: 002b:00007faaf9957c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 02:35:12 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f000014f000)={0x0, 0x0, &(0x7f00000bfff0)={&(0x7f0000000180)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in6=@mcast1, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}}}, 0xb8}}, 0x0) setsockopt$inet6_group_source_req(r1, 0x29, 0x43, &(0x7f0000000280)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @ipv4={[], [], @multicast2}}}}, 0x108) fsetxattr$security_ima(r0, &(0x7f0000000000)='security.ima\x00', &(0x7f0000000040)=@v1={0x2, "dd4bc4"}, 0x4, 0x1) r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x101100, 0x0) clock_gettime(0x0, &(0x7f0000000480)={0x0, 0x0}) clock_nanosleep(0x2, 0x1, &(0x7f00000004c0)={r4, r5+10000000}, &(0x7f0000000500)) r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000000240)='TIPC\x00') sendmsg$TIPC_CMD_SHOW_STATS(r3, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x1c, r6, 0x300, 0x70bd25, 0x25dfdbfe, {}, ["", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x44}, 0x80) [ 495.470809][T26659] RAX: ffffffffffffffda RBX: 00007faaf9957c90 RCX: 0000000000457e29 [ 495.478777][T26659] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 495.486743][T26659] RBP: 000000000073bf00 R08: 00000000200007c0 R09: 0000000000000000 [ 495.494782][T26659] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99586d4 [ 495.502766][T26659] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000006 02:35:12 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2, 0xfffffffffffffffe]}) ioctl$NBD_CLEAR_SOCK(r0, 0xab04) 02:35:12 executing program 5: getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, 0x0) chdir(&(0x7f0000000100)='./file0\x00') r0 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x5, 0x2) r1 = syz_genetlink_get_family_id$tipc(&(0x7f00000003c0)='TIPC\x00') sendmsg$TIPC_CMD_SET_LINK_TOL(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x30, r1, 0x204, 0x70bd27, 0x25dfdbfc, {{}, 0x0, 0x4107, 0x0, {0x14, 0x18, {0x9, @bearer=@l2={'eth', 0x3a, 'caif0\x00'}}}}, ["", "", "", "", "", "", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x41}, 0x40) fsetxattr$security_capability(0xffffffffffffffff, 0x0, &(0x7f0000000340)=@v2, 0x14, 0x0) sched_setscheduler(0x0, 0x0, 0x0) prctl$PR_GET_NO_NEW_PRIVS(0x27) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, 0x0, 0x0) r2 = syz_open_dev$mouse(&(0x7f0000000300)='/dev/input/mouse#\x00', 0x6, 0x2000) utimensat(r2, &(0x7f0000000240)='./file1/file0\x00', &(0x7f00000002c0)={{0x77359400}}, 0x100) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) syz_genetlink_get_family_id$ipvs(0x0) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x0) 02:35:12 executing program 1: recvmmsg(0xffffffffffffffff, &(0x7f0000000500)=[{{&(0x7f0000000080)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff}}, 0x80, &(0x7f00000008c0)=[{&(0x7f0000000000)=""/58, 0x3a}, {&(0x7f0000000100)=""/49, 0x31}, {&(0x7f0000000280)=""/210, 0xd2}, {&(0x7f0000000380)=""/147, 0x93}, {&(0x7f0000000440)=""/169, 0xa9}, {&(0x7f0000000580)=""/180, 0xb4}, {&(0x7f0000000180)=""/128, 0x80}, {&(0x7f0000000700)=""/201, 0xc9}, {&(0x7f0000000800)=""/183, 0xb7}], 0x9, &(0x7f0000000980)=""/152, 0x98}, 0xfff}], 0x1, 0x2100, &(0x7f0000000640)={0x0, 0x989680}) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000a40)={0x0, @in={{0x2, 0x4e22, @broadcast}}, 0x10001000000, 0x0, 0x100, 0x5, 0xa0}, &(0x7f0000000680)=0x98) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000b00)={r1, 0xfff}, &(0x7f0000000b40)=0x8) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socketpair(0x8000000000001e, 0x5, 0x0, &(0x7f00000006c0)={0xffffffffffffffff, 0xffffffffffffffff}) writev(r3, &(0x7f0000000240)=[{&(0x7f0000000140)="a3", 0x1}], 0x1) syz_open_dev$vbi(&(0x7f0000000dc0)='/dev/vbi#\x00', 0x3, 0x2) write(r3, 0x0, 0x0) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000785000), 0x34a) writev(r3, &(0x7f0000000540)=[{&(0x7f0000000040)="84", 0x1}], 0x1) close(r3) sendmmsg$alg(r4, &(0x7f00000006c0), 0x4924924924926e4, 0x7fffffff) setsockopt$netlink_NETLINK_PKTINFO(r3, 0x10e, 0x3, &(0x7f0000000b80)=0x200, 0x4) r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000c00)='TIPCv2\x00') sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000d40)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000d00)={&(0x7f0000000c40)={0xa0, r5, 0x4, 0x70bd2c, 0x25dfdbfe, {}, [@TIPC_NLA_LINK={0x8c, 0x4, [@TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x44, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x516}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x20000000000}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7fffffff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffffffff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffffffffffffff99}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}]}, @TIPC_NLA_LINK_PROP={0x2c, 0x7, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}]}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}]}]}, 0xa0}, 0x1, 0x0, 0x0, 0x1}, 0x0) [ 495.858400][T26716] overlayfs: upper fs does not support tmpfile. [ 495.865312][T26716] overlayfs: upper fs does not support xattr, falling back to index=off and metacopy=off. [ 495.947106][T26711] overlayfs: './file0' not a directory [ 497.718202][ C0] net_ratelimit: 22 callbacks suppressed [ 497.718210][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 497.729738][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 497.798218][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 497.804053][ C1] protocol 88fb is buggy, dev hsr_slave_1 02:35:14 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci, &(0x7f0000000180)=0x80) 02:35:14 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2, 0xfffffffffffffffe]}) 02:35:14 executing program 1: r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) getsockopt$packet_buf(r1, 0x107, 0x16, &(0x7f0000000080), &(0x7f00000000c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x4, 0x0, &(0x7f0000000000)=[@register_looper], 0x1, 0x0, &(0x7f0000000140)="06"}) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000005c0)={0x44, 0x0, &(0x7f00000006c0)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) 02:35:14 executing program 0 (fault-call:20 fault-nth:37): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:35:14 executing program 5: getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, 0x0) chdir(&(0x7f0000000100)='./file0\x00') fsetxattr$security_capability(0xffffffffffffffff, 0x0, &(0x7f0000000340)=@v2, 0x14, 0x0) sched_setscheduler(0x0, 0x0, 0x0) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, 0x0, 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) r0 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x4, 0x2000) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000380)={{{@in6=@mcast2, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}, 0x0, @in6=@local}}, &(0x7f0000000480)=0xe8) setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f00000004c0)={r1, @multicast2, @dev={0xac, 0x14, 0x14, 0x9}}, 0xc) syz_genetlink_get_family_id$ipvs(0x0) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x0) 02:35:14 executing program 3: r0 = socket(0x10, 0x0, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000000240)=0xc) mknod$loop(&(0x7f0000000100)='./file0\x00', 0xa, 0x0) setxattr$security_capability(0x0, &(0x7f0000000080)='security.capability\x00', 0x0, 0x0, 0x0) setresuid(r2, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000340)) setxattr$security_capability(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)='security.capability\x00', 0x0, 0x0, 0x1) ioctl$FICLONE(0xffffffffffffffff, 0x40049409, 0xffffffffffffffff) write$binfmt_aout(0xffffffffffffffff, 0x0, 0xff92) pipe2(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) ioctl$BLKPBSZGET(r3, 0x127b, &(0x7f0000000180)) r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = creat(&(0x7f0000000080)='./file0\x00', 0x3) geteuid() pipe2(0x0, 0x0) write$binfmt_script(r6, &(0x7f00000004c0)=ANY=[@ANYBLOB="cb10f3fb4bfd6e019f4d56baf1aac93f8216bb04eed57029a2732b7851f3b613cfd3fe2d0e27243a1decc145f8d24348d19823ddb1f4740bc73300a8e1847edda342d85eee1901712f0e41062f0dfc48dc1a09ed91069ddd4bfdea08613df8a7134b24f1a07615e2a63b0ab848"], 0xa) close(0xffffffffffffffff) clone(0x10002102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r4, 0x80045301, &(0x7f0000000280)) ioctl$FICLONERANGE(r5, 0x4020940d, &(0x7f0000000000)={r6, 0x0, 0x8, 0x4000000}) execve(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) ioctl$TUNGETIFF(r4, 0x800454d2, &(0x7f00000001c0)) syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0) ioctl$sock_bt_hidp_HIDPGETCONNLIST(r6, 0x800448d2, &(0x7f0000000200)={0x2, &(0x7f0000000380)=[{}, {}]}) syz_open_procfs$namespace(r1, &(0x7f0000000740)='ns/net\x00') socket$netlink(0x10, 0x3, 0xf) [ 498.114543][T26738] binder: 26731:26738 ERROR: BC_REGISTER_LOOPER called without request [ 498.166114][T26738] binder_alloc: 26731: binder_alloc_buf, no vma [ 498.190145][T26747] overlayfs: upper fs does not support tmpfile. [ 498.205376][T26738] binder: 26731:26738 transaction failed 29189/-3, size 0-0 line 3147 02:35:15 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci, &(0x7f0000000180)=0x80) [ 498.236202][T26747] overlayfs: upper fs does not support xattr, falling back to index=off and metacopy=off. [ 498.240706][T26738] binder: send failed reply for transaction 6 to 26731:26738 [ 498.284436][T26747] overlayfs: './file0' not a directory [ 498.302872][T26739] FAULT_INJECTION: forcing a failure. [ 498.302872][T26739] name failslab, interval 1, probability 0, space 0, times 0 02:35:15 executing program 3: r0 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$RTC_WIE_ON(r0, 0x700f) syz_open_dev$loop(0x0, 0x0, 0x0) syz_open_dev$usbmon(0x0, 0x40, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet6_SIOCSIFADDR(r1, 0x89a1, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x600, 0x3ef, 0x0, 0x3f00000000000000, 0x100000000000000, 0x0, 0x1103, 0x0, 0x0, 0x0, 0x0, 0x6]}}) ioctl$sock_inet6_SIOCADDRT(r1, 0x89a0, &(0x7f0000000100)={@local={0xfe, 0x80, [0x0, 0xfeff0000, 0x77a0100]}, @rand_addr="58c4c4a733d993a894f49491cb15d13e", @loopback}) fcntl$getownex(0xffffffffffffffff, 0x10, 0x0) perf_event_open(&(0x7f00000001c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x100000001, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffa, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, @perf_bp={0x0}, 0x200}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) 02:35:15 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2, 0xfffffffffffffffe]}) [ 498.332665][T26762] binder_alloc: binder_alloc_mmap_handler: 26731 20001000-20004000 already mapped failed -16 [ 498.362123][T26738] binder: BINDER_SET_CONTEXT_MGR already set [ 498.364484][T26739] CPU: 0 PID: 26739 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 498.377592][T26739] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 498.387649][T26739] Call Trace: [ 498.390952][T26739] dump_stack+0x172/0x1f0 [ 498.395290][T26739] should_fail.cold+0xa/0x15 [ 498.399890][T26739] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 498.405711][T26739] ? ___might_sleep+0x163/0x280 [ 498.410574][T26739] __should_failslab+0x121/0x190 [ 498.415528][T26739] should_failslab+0x9/0x14 [ 498.418657][T26770] binder: 26731:26770 ERROR: BC_REGISTER_LOOPER called without request [ 498.420294][T26739] kmem_cache_alloc_trace+0x2d1/0x760 02:35:15 executing program 5: getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, 0x0) chdir(&(0x7f0000000100)='./file0\x00') fsetxattr$security_capability(0xffffffffffffffff, 0x0, &(0x7f0000000340)=@v2, 0x14, 0x0) sched_setscheduler(0x0, 0x0, 0x0) r0 = syz_open_dev$midi(&(0x7f0000000040)='/dev/midi#\x00', 0x7, 0x521402) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000240)=0x2d7c) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, 0x0, 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) syz_genetlink_get_family_id$ipvs(0x0) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x0) [ 498.420315][T26739] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 498.420340][T26739] __memcg_init_list_lru_node+0x8a/0x1e0 [ 498.445332][T26739] __list_lru_init+0x3cf/0x6e0 [ 498.446967][T26769] binder_alloc: 26731: binder_alloc_buf, no vma [ 498.450122][T26739] alloc_super+0x78d/0x890 [ 498.450143][T26739] sget_userns+0xf1/0x560 [ 498.450155][T26739] ? get_anon_bdev+0xc0/0xc0 [ 498.450170][T26739] ? get_anon_bdev+0xc0/0xc0 [ 498.450182][T26739] sget+0x10c/0x150 [ 498.450200][T26739] ? ovl_show_options+0x550/0x550 [ 498.450213][T26739] mount_nodev+0x31/0x110 [ 498.450228][T26739] ovl_mount+0x2d/0x40 [ 498.450241][T26739] ? ovl_own_xattr_set+0x10/0x10 [ 498.450259][T26739] legacy_get_tree+0xf2/0x200 [ 498.462071][T26769] binder: 26731:26769 transaction failed 29189/-3, size 0-0 line 3147 [ 498.465207][T26739] vfs_get_tree+0x123/0x450 [ 498.465226][T26739] do_mount+0x1436/0x2c40 [ 498.465252][T26739] ? copy_mount_string+0x40/0x40 [ 498.483578][ T7559] binder: undelivered TRANSACTION_COMPLETE [ 498.487511][T26739] ? _copy_from_user+0xdd/0x150 02:35:15 executing program 0 (fault-call:20 fault-nth:38): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) [ 498.487533][T26739] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 498.487550][T26739] ? copy_mount_options+0x30e/0x440 [ 498.494162][T26762] binder: 26731:26762 got reply transaction with no transaction stack [ 498.496532][T26739] ksys_mount+0xdb/0x150 [ 498.496552][T26739] __x64_sys_mount+0xbe/0x150 [ 498.496570][T26739] do_syscall_64+0x103/0x610 [ 498.496593][T26739] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 498.505699][ T7559] binder: undelivered TRANSACTION_ERROR: 29189 [ 498.509413][T26739] RIP: 0033:0x457e29 [ 498.509428][T26739] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 498.509437][T26739] RSP: 002b:00007faaf9957c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 498.509450][T26739] RAX: ffffffffffffffda RBX: 00007faaf9957c90 RCX: 0000000000457e29 [ 498.509459][T26739] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 498.509467][T26739] RBP: 000000000073bf00 R08: 00000000200007c0 R09: 0000000000000000 [ 498.509476][T26739] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99586d4 [ 498.509485][T26739] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000008 [ 498.543666][T26738] binder: 26731:26738 ioctl 40046207 0 returned -16 [ 498.561108][T26762] binder: 26731:26762 transaction failed 29201/-71, size 0-0 line 2899 [ 498.666971][ T7559] binder: undelivered TRANSACTION_ERROR: 29201 [ 498.677282][ T7559] binder: undelivered TRANSACTION_ERROR: 29189 02:35:15 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) r2 = dup2(r1, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) ioctl$SNDRV_CTL_IOCTL_ELEM_REMOVE(r2, 0xc0405519, &(0x7f0000000000)={0x1, 0x7, 0x992e, 0x0, '\x00', 0x7f}) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ioctl$TIOCGSID(r2, 0x5429, &(0x7f00000000c0)) r3 = gettid() setsockopt$inet6_tcp_TLS_RX(r2, 0x6, 0x2, &(0x7f0000000140), 0x4) ptrace$setopts(0x4206, r3, 0x0, 0x0) tkill(r3, 0x27) fcntl$setstatus(r2, 0x4, 0x427fb) [ 498.718313][ T7559] binder: undelivered TRANSACTION_ERROR: 29190 [ 498.758202][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 498.764062][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 498.769922][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 498.775687][ C0] protocol 88fb is buggy, dev hsr_slave_1 02:35:15 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2, 0xfffffffffffffffe]}) [ 498.838311][T26784] overlayfs: upper fs does not support tmpfile. [ 498.845390][T26784] overlayfs: upper fs does not support xattr, falling back to index=off and metacopy=off. 02:35:15 executing program 1: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0) r1 = openat$cgroup_subtree(r0, &(0x7f0000000080)='cgroup.subtree_control\x00', 0x2, 0x0) write$cgroup_subtree(r1, &(0x7f0000000000)={[{0x2b, 'io'}]}, 0x5afb89b88433fe95) [ 498.969744][T26784] overlayfs: './file0' not a directory [ 498.998160][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 499.004022][ C0] protocol 88fb is buggy, dev hsr_slave_1 02:35:15 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2, 0xfffffffffffffffe]}) 02:35:15 executing program 5: getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, 0x0) chdir(&(0x7f0000000100)='./file0\x00') fsetxattr$security_capability(0xffffffffffffffff, 0x0, &(0x7f0000000340)=@v2, 0x14, 0x0) sched_setscheduler(0x0, 0x0, 0x0) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, 0x0, 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) syz_genetlink_get_family_id$ipvs(0x0) r0 = creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) ioctl$VIDIOC_G_EXT_CTRLS(r0, 0xc0205647, &(0x7f00000002c0)={0x9c0004, 0x5, 0x63, [], &(0x7f0000000240)={0xbe0929, 0x80000000, [], @p_u8=&(0x7f0000000040)=0x9}}) chdir(&(0x7f0000000280)='./file0\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x0) [ 499.029480][T26805] FAULT_INJECTION: forcing a failure. [ 499.029480][T26805] name failslab, interval 1, probability 0, space 0, times 0 [ 499.057758][T26805] CPU: 0 PID: 26805 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 499.066904][T26805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 02:35:15 executing program 3: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/uinput\x00', 0x200000000000805, 0x0) write$uinput_user_dev(r0, &(0x7f0000000880)={'syz1\x00', {}, 0x18}, 0x45c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) r2 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x40100, 0x0) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000040)=0x3, 0x4) dup3(r1, r0, 0x0) [ 499.076975][T26805] Call Trace: [ 499.080279][T26805] dump_stack+0x172/0x1f0 [ 499.084622][T26805] should_fail.cold+0xa/0x15 [ 499.089224][T26805] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 499.095069][T26805] ? ___might_sleep+0x163/0x280 [ 499.099951][T26805] __should_failslab+0x121/0x190 [ 499.104910][T26805] should_failslab+0x9/0x14 [ 499.109430][T26805] kmem_cache_alloc_trace+0x2d1/0x760 [ 499.109449][T26805] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 499.109473][T26805] __memcg_init_list_lru_node+0x8a/0x1e0 [ 499.109493][T26805] __list_lru_init+0x3cf/0x6e0 [ 499.109512][T26805] alloc_super+0x78d/0x890 [ 499.109532][T26805] sget_userns+0xf1/0x560 [ 499.109543][T26805] ? get_anon_bdev+0xc0/0xc0 [ 499.109564][T26805] ? get_anon_bdev+0xc0/0xc0 [ 499.126361][T26805] sget+0x10c/0x150 [ 499.126383][T26805] ? ovl_show_options+0x550/0x550 [ 499.126397][T26805] mount_nodev+0x31/0x110 [ 499.126413][T26805] ovl_mount+0x2d/0x40 [ 499.126427][T26805] ? ovl_own_xattr_set+0x10/0x10 [ 499.126444][T26805] legacy_get_tree+0xf2/0x200 [ 499.126466][T26805] vfs_get_tree+0x123/0x450 [ 499.157909][T26805] do_mount+0x1436/0x2c40 [ 499.157933][T26805] ? copy_mount_string+0x40/0x40 [ 499.189854][T26805] ? _copy_from_user+0xdd/0x150 [ 499.194723][T26805] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 499.200982][T26805] ? copy_mount_options+0x30e/0x440 [ 499.206193][T26805] ksys_mount+0xdb/0x150 [ 499.206212][T26805] __x64_sys_mount+0xbe/0x150 [ 499.206232][T26805] do_syscall_64+0x103/0x610 [ 499.219712][T26805] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 499.225637][T26805] RIP: 0033:0x457e29 [ 499.229537][T26805] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 499.249140][T26805] RSP: 002b:00007faaf9915c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 499.257560][T26805] RAX: ffffffffffffffda RBX: 00007faaf9915c90 RCX: 0000000000457e29 [ 499.265539][T26805] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 499.273524][T26805] RBP: 000000000073c040 R08: 00000000200007c0 R09: 0000000000000000 [ 499.281515][T26805] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99166d4 [ 499.289491][T26805] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000007 02:35:16 executing program 3: r0 = socket$kcm(0x10, 0x800000000002, 0x0) sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000200)="2e020000120081aee4050cecdb4cb9040a485e510300000000000000000f9f0300000000008000000000000000000a76043be000868a000000", 0x39}], 0x1}, 0x0) r1 = syz_open_dev$midi(&(0x7f0000000040)='/dev/midi#\x00', 0x7f, 0x240) ioctl$DRM_IOCTL_AGP_ALLOC(r1, 0xc0206434, &(0x7f0000000100)={0x6, 0x0, 0x10003, 0x1}) ioctl$DRM_IOCTL_AGP_ALLOC(r1, 0xc0206434, &(0x7f0000000180)={0xec9, r2, 0x10000, 0x401}) ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, &(0x7f00000000c0)={r0, r1}) [ 499.460250][T26830] overlayfs: upper fs does not support tmpfile. [ 499.472534][T26830] overlayfs: upper fs does not support xattr, falling back to index=off and metacopy=off. [ 499.569964][T26830] overlayfs: './file0' not a directory 02:35:18 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}}, 0x14) 02:35:18 executing program 1: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000900)=ANY=[@ANYBLOB="3000000010000105000000000000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000ef897fcb5340d02bca7a935e0275c110"], 0x30}}, 0x0) syz_open_dev$media(&(0x7f0000000040)='/dev/media#\x00', 0x45, 0x70002) open_by_handle_at(r0, &(0x7f00000023c0)=ANY=[@ANYBLOB="08100000000001009ec564a6f14a23f3e7072ec2c01a9a0be0f83b198bf54a744496fb66a87aad05d4f604bc5bfdf57a2255c80ef467af9467d772a665d932b5fd7d6c4a74b1b9a4182274378b25f7ad696360e3e5d8bbaaa5cb46a070aa06f909a72e03dc34e592e4f9fded75d35f2a21b238523ef20977cc3d8f6ec965dc80e5bc3cd8fc3e44ee913718f697127af8c253d7758a66144679ee7a88a46716c13fade7c563aaac19e2d7e18d650521ac4ef6cad3aebf29f59706dd44dd5b62ca6c89e0549ae126e3e4e1b566e36cb1bead1a7307efd2fb2b09fcf677a3e7b423fdad295e7ebb00810361347479aa3e60494f61729dd110f6dc2e253436c0d7b721aa78bdb82c761df59549e4340ec9086a906e238e774bdebf7953f0fda1960a7ccbc30eb9d8c81223dff3b586f743995468c3e314a7cb03ddc810e0ee35c2c936c4f902e46f8082b98250b6f533496d62ca18340a4a31703c307e074352ef4509b9acb94d5ebc742f4833e689fa5c828510a72510e14d200860b63d3c1b85078794ef6639edf387a81e694889cf532f66bb3fcbd6ceb15043fb1e5f66569a226ba62cd71cfbef69cd8cc69df65e71ae350f67cfc02862b0ccd6fc3305ad9d0aced106e525508cd3c778ea840299f3dc1c3ef58942e82618937aeaf63aa1b48c0fe11c0d2c0724e901beaa9f06164912ebbbadef71cd1ff543b6c00165acd1b3d1872dbd25edf705a405b34d78377c1cf09c0af6d66a682300357322c3111144a0bea0679ed9a47e6a726645b02e0762108ef738a341e111c84ce686ee0fe0b433a567b6d2e4116f2b0907bc1cf295e4cc737d2496eb0e73daaf4c413a4556843d881ff8c8b7bad036a1d770516746d64c387c6dd4e7699d6c6a61bedcd36ea018807650a0bde622170d1c113b3195a85c50a2e4cee9815b5f1bc5cf21bc8551add305b47d9072ca73b733aa845e030386cc8911afd7a59534132d3648fc577a5564134403a5ba46aac9c3710665d8bfbc072345d82ec7581156e6b3e9de1ad9985917f1c786d7b74fab708109b59976dfe657a674404e9dd77c464e061dd789bfd281119a1de601cc24432607865920aa9b5bdc7d4ee38f0c824990a9da01e8a6d0f1a5d8fc4d4d05b59b578f75d0bf5f13c58f399905ae7a61e90a2d6551050f3aed76f3a4c3e472fdc060302c702a0395170588e3dbed9e513d3d7cf3aab78f443035510c0804092393804f034ec114abacad701496794a8991d411e871c2a2104735469dfa8c7d6020e7b61f6dc309dc638bf76cc1c4ea27ed0b47fdfbcc6d565287534e6b3bdeafd2ba026b29e81bc50810feae00affaf1be76fc74a30dbc3385d66f6c4bd4dd68fab631a47fdd8afd89232651c6c3a76107ff8d8b6c5f54ac6d5c32ccb670777a9e70823d0d8194d724edc079d71ab36e0bd6d7a3d8041c0cbe73a264aa1b2a9d1a3cac77cc0d9927a14139fcceb2d7c85849d3a59028f1b181812c0921ab07f6064c2a9db61e269b59338efe14e0c8efacd6f84402dfa07b21f2975d82066c2400f02176773cc0bd295e431399069a32ff260c02e041b231523cf280e97ff2529fb575f90f9a53993b06a0ba3009397d4657926148ee7fb4134a87159201ecb0cf4203194a81519948ea7727aec2d863e60ff797d3a0687192366f09dcedcdf1e309fddce2c73fea7ae87361c245ea2af00cff59ef66703abed0c7b87f3651d26210de424bf04539a15abed90ab83f3e27d68aa045975e004d2ae10c73ddd0c37342312334c9aff7913c46b427168c3d4ac02c088ebb549a8ba17d33434ad1e7189034daa65ed0a51d6e4b47f9df2f57d4623904f22271ac6ca4e7f443797c9b3a5eaeab654d2f14f65ab0f4623202eea9f02b44774e773d8d21b965b5648c3870b58b91bae2c6f8229633e6fb5a83b372070ef8ff370f42cec47c2914652bde5907ac66228add0d0dcf8bd60ff5023ce3489076e1b66b443e1303ed0735bed4d4d6cc6320a70145444ce38cc30c62d5bbfca8541e5abc3e0f3c8e3b0b21c099c4163b67c2d73580761b1a4af67a3e0a2f60fca894710c6f20cbf57c65cb697dab40104d1a03121ce82fe45e32c9c0e3a774f84f05ed008c6ee7f8b86587185f26def6f7634f73c28c4596a3d05d05bdcfba402cefa11f027ee48ab1ef05c55ef74c2b56f0a9805daa8a507ee23e3b8f5e1505d8e86392567c8ddb971bd647290e0507b9e17c1ffbd092f5aeb7eada839bc7ea1b0bb9f99d7129266664daada15e2c2d39c50b259b2b4e9a907f69d3980f48586396d6ee856cc4fadd0225f79df01f7fda06985fb08308c14bdcec2e83272cad3d8e133c5e8e3ad9ac8117eb09890de646950852c577cc1218ced0256baacc1ace43c0232337dbaa6593303163c5dc731f90df17e69d534f2841a554bfbfd1181ca9740888bd699b04cae9cddec0a4590c43e80b4876c08526859f48b0d43da1583c99b825666f44765f1e7a9026aa8d43d157874977e60ea77b3eeaff6e1d75c998ccc106f8fb4e72909e4fe8c7cc9723f42f8c99eaf2464cf7d930b66bf7a51bbd60e43f2d7242cfb534119ea03c5850c82e9c33b13b66e54f5b156e0098a54d503f7d6d25b29f688b87ae4dc6cdea1ee4bab18ad9b7de4d7df017f7618b34bcf41aa6b13da981deda5050eb284423ffc2677c0bf4b70cf3bc317ccc002a2371fc7744cb556bfc04c4588868e1d5d8128abe2733b83e2e3bdf830695fab4525d950c45dfe73132c77d5b099520355ed4b109b945b96bc2a6bf16e3a36bd4d572579f21e6aa197c648d6d84adc76c373ba786811657483fabfacd26b027501b3ac2ae2c4a5c7aae8d5c44731c86a1a1c1003ddefc724afb0883c2f4358dceffab9d8d96968506211ac93bd7af15aa8537a1cd4d3721134645edcfa87e48c3752b95009eac65e06eac176157dbf77b45c01ecf7dcc6e12d075987517b812988b5e3dc9bb0b1aaaf3cc6c68ba3b4cf690089dc4010ab2bc5570c690457d0806f9dabf04bd2f6f6369cd53424f0f448de124667578503b8e27631c16e0ae012d1c0b6354bef999cf4f27ca045b8ad107e304ee1c73155d4b19b4ee9fdc232fccf0e3cc835b985cdea593168d2464c128ee1869bba8712d82c2b13050f318dd7999f5ab9f8f250ab348c4cbb7b4d4c3eaaedb0bb650a5ee6b645951bbf0abda74a9c64ee3e4105031f5c1c3e5d6afbe0d97b0421474a4176e927c5d81af1ee9a170e482236116d81db08f39b426ba1200ee8f8ab57333e9d52e63c01dfb97802ec72eacaa550aa0bc17102ebaad6923a2cfb813a048156dea06f34b60112c1998d48159d6f5e43bb389309413053d639fdc5cb5c41232f229516f0a57672959c2bf28d55ecbfa05002ee50e15790c4aa02aed094b9da721b5b061a783f9ba06eaa89e854bb4a6c27e5ddc982db580ea597de53900886f34ffb59f83df725b23775434446c8999c7fcb4a53b9ceda2f01aead59e7d0d35503a2c22842d8586f0f6e4e2330f6ce61aae609d01803c1b5d00785b5d28ab83dd16a705f64884b4fee65cab535081a610eb6f29b2da23d281b287348576179d4f7f6dd545c97bd164106b2cbc88f45bd6493610d76616d054487521ee3b691a819ac36fa61d58918ee773452fac9b1d4d663abbd044cbc304b86a6eb42ec0ad53e06812de546ad4b93edc926640eba58f1b786238bf7c97ceba59d4bf38d2682e37bc0df38848920c624b79e94b5b983813431aabe2067dd4defa61f52295ec0e4c461cb4b693c2cfbfccbfeea8f803879062c8ffa45ff0354caac76d031723b893f3f652afe6c71975b7bbaef40ba31928cb21073d1abf51b380f2f946763b551c6c7a368019f5a9eaf4aad95bad7d99b9088065d33cc914d11b4b58ab5fa77441127cb3e22f3d497a0cdbb01b2144532c3e710a52d355bce2eb4bc7c765dff12a9f5ec88efd539e729554b7e00e737cf41283626a2e3cf95329d4e765f922dd98fa6661cb7ff449ed3e21c17d6174ceca5f8f275af11b7c3dc37efc80518a89b1c08c77c0efa538ae7eb852983e11de49a22bf7b40428e251ee1fa7dbe502132298d5e3e7dd66383e9edcf8214fab85dfc7f6c119425b93faf2d62f5d7f456d66760338a67987ac9b0da60b4b2d36a9265c74d66220b6649f77e06037be65ed8e84ae28d42b78890ace049e63e853d742c4880958ed4967f5d26d80c127fecc6b97d6796f67748211db5550c4407c3c84017a90af8d6496d3d8fef57702cf33491bb0035f8d43b4bd6fa1960d512225d11eaba968621997c75f45db388b554408ccc1517cadf6cd10162fb750602cdca5cfdbfbb631ee6d894733d2c5165faea81797b0e7f11e33de355ce3534b13d13e35fce79de6dcf5c2499b496c013e8a75d056d7ab0ff001d9e816ce7e266276f9db73669b937157bfe2032e69368d904c1ee7f5728669394d7daba79c37bb4c49336f3cfab831aeae608c18613bd145494f6d131aabd14206402282cb7bccaca7224648036a7e3f160ac1d4ccf9801611383ac94137d9f54032de204bdc4e8065f0bc6ea56bf932e3de8e3d70cb178b944fb71052ebf9acb26fbbb9db596011108542b880ed3c537c72d178e6b14ec882a1b63124715d236293c6a6ed7a8a609512ddaf6250c38f5e84dda4ad300ab519c8705a8f307b8e4e820e3ae7dba47d102ad4ff6c3cffaa4d020f752e8cb6484920055c15acdbd96233218e8042af19b7297d6aecb105f04e298d0843fbbf55e4bae9de16db3057019ef9b66ab0556bc9e7daa8ab01cbd2ec24b0dd335d188c1557a40164ef31e3ec149ae43dddb282a3cf805223af7fbc62226511a1be155446b0943abcee011fedd0210a79d5099ba5d976c80435280e05843ca3d456047e6c339a0737a8a22cbdcf5d5a13ddd8c9b83d30efce6a192be460dab9064eef70183bd3a44b0ba438d1bfd6af8c1c51f6528a11d153ad7ef39f889e193821c6c78813bde9320799d760237e1da51c5a7525f7771851dad5fc9a42f3fd65526819e4443ab1dbdbd9cd5e6322418c01084c79a1d2c847d9977160bc03cf62e5a70f14e6a34367e0be1086a353d4b6abc83b4ac4b0b4e97942aeb1602898914f75f834672cdcf82f65c260efbf9a59652191738f6452403072f7b6477a3141c0f55d378b385756a1cfdce81cdc013e603abe5bf0535a33535cbb2a20e65ffa9d8c5a9a3b7f674342e35df2bf05b95cb49053894398312199e4c36888198d0cb7607f6cfbb022d7f43701f71c53bac936ccfd59df9a369aa8ff620ec1fdc690a16e24e8a032a37637a367a88f0776f0c29a39a48878ce5c7dba53995ed738eb5d619a45c09d2b7c24f08433c10a6a9405cd6eeace5bc153b046b0e221f74a1626336cad60c1b9502bd0162f78633fd9b3d3ce09a1b2df1dd50ebcaceca0930ca38c9d9b31b225b3408549e01c75df28c2f7b795579e2430a3333b83571b398505734bdc00f5d425469ca541780716131cb00b0a12178f2cbcbfc4473e946dcb641b3b5ae4eaf382bcbec17ac482610de63e05880b8aa494554c1cdff8920b8df4a883de614c68060e2cbfee4cae67a2a9b6438317a56c19493232867fc748b51c09740d7221af0c52f0e661613f843e6123296747a45c24a3c62426a7f98618e2c3e155fee1fe25cc8cec76a8a63ba4422312f368f25652f5f306890ea0a9350516e1e938c334bd5e9da723ba69500df5f90673bb88a260a433f6097065dfc098833aa284d69369f5dc04803f7b0a28eff0ecaadd508f23affb4336e735766c697c35944f45c3f26b068a1d27697f216ed4b094dd2cad31cd1a2d1f7d7d94e447b5f653eb2c4ff1855366d2c07fcc48b6562ff3478f1535e149bdde1f17e540b718a2eaabb0f49e9c7e0c9221461a21aed6ae7d0471c562df7e49a62edb93814534bf5bb4a09efafdf37faf4002a838e652a01fd2a85815518287b70c5d08a0d8309dbe4d73d036983652e5c68fc7fd5dc5589f25816ae5cda122"], 0x200000) 02:35:18 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r0, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2, 0xfffffffffffffffe]}) 02:35:18 executing program 3: fstat(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = openat$null(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/null\x00', 0x20800, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) getgroups(0x1b6c6ea85651534, &(0x7f0000000080)=[0xffffffffffffffff, r0]) r3 = accept4(0xffffffffffffffff, &(0x7f0000000000)=@ethernet={0x0, @broadcast}, &(0x7f0000000440)=0x64, 0x800) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140)='TIPC\x00') setsockopt$XDP_UMEM_FILL_RING(r3, 0x11b, 0x5, &(0x7f0000000300)=0x1000, 0x4) write$smack_current(r1, &(0x7f00000000c0)='md5sum#\x00', 0x8) sendmsg$TIPC_CMD_ENABLE_BEARER(r3, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x34, r4, 0x800, 0x70bd2c, 0x25dfdbfb, {{}, 0x0, 0x4101, 0x0, {0x18, 0x17, {0x7, 0x8001, @udp='udp:syz1\x00'}}}, ["", "", ""]}, 0x34}, 0x1, 0x0, 0x0, 0x4800}, 0x40) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x0, r2}}) 02:35:18 executing program 0 (fault-call:20 fault-nth:39): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:35:18 executing program 5: r0 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vfio/vfio\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x4, 0x30}, &(0x7f00000002c0)=0xc) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f0000000380)={r1, 0xb4, "eb2e2bfbbe5931e3d03e9172a164924598719a904e31a7b7cd0a88423394b5bb460b5b712523420aeb14fc7122d949e9c410e7bf46558f53a26245ffbaededb48d2b433c89a2c00832ef26d8cd71ff03c87332b01f907f20183d4a1a4c9d6030f065b1430a0790739c36e48831bf8e77f45df5fef9b2371fd0adde79efa971829eb9455792003695f3e8f8efe1e030a9f70f142cce17d98d05f00d643f97c2c7ec373884b89ea2c27313b05681252e268aa6defb"}, &(0x7f0000000300)=0xbc) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, 0x0) chdir(&(0x7f0000000100)='./file0\x00') fsetxattr$security_capability(0xffffffffffffffff, 0x0, &(0x7f0000000340)=@v2, 0x14, 0x0) sched_setscheduler(0x0, 0x0, 0x0) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) getsockopt$sock_timeval(r0, 0x1, 0x15, &(0x7f0000000440), &(0x7f0000000480)=0x10) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, 0x0, 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) syz_genetlink_get_family_id$ipvs(0x0) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x0) 02:35:18 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000040)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000000), 0xffffffffffffffff, 0x0, 0x2, 0x20000004}}, 0x20) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080)='/dev/zero\x00', 0x240080, 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r1, 0x114, 0xa, &(0x7f00000000c0), 0x1) [ 501.387794][T26852] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'. 02:35:18 executing program 3: pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) r3 = socket$inet(0x2, 0x3, 0x7f) setsockopt$inet_udp_encap(r3, 0x11, 0x64, &(0x7f0000000080)=0x5, 0x4) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @loopback}, 0x10) setsockopt$inet_int(r3, 0x0, 0x3, &(0x7f0000000280)=0x7ff, 0x4) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'batadv0\x00', 0x200}) connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10) splice(r0, 0x0, r2, 0x0, 0x80000010005, 0x200000000000000) write$P9_RFLUSH(r1, &(0x7f0000000000)={0x7}, 0x7) 02:35:18 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r0, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2, 0xfffffffffffffffe]}) 02:35:18 executing program 1: mkdir(0x0, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) lsetxattr(&(0x7f0000000300)='.\x00', 0x0, &(0x7f00000003c0)='\x00', 0x1, 0x0) r0 = open(&(0x7f0000000800)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x100) sched_setscheduler(0x0, 0x5, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x0) ftruncate(r2, 0x2008200) sendfile(r2, 0xffffffffffffffff, &(0x7f0000d83ff8), 0x8000fffffffe) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) connect(r1, &(0x7f0000000200)=@generic={0xa, "13d88ddc80c6c7c6d1ff437e7f222c2802c87582aba37ba516a73e52bb878b11f8df9ec5d87e2ac3b668e6dde9cab3cd5e734e27149381717b5db5564c8be7894c27f9040d69727f1172af4b74501f3c4a3f360225e1c879c23609c8fd8bc4fb714cc58f51617253640d3cf25cbda73f6d8caa8a508095b88ee929db6b51"}, 0x80) sendfile(r1, r1, &(0x7f00000000c0), 0x8080fffffffe) [ 501.465378][T26865] overlayfs: upper fs does not support tmpfile. [ 501.470048][T26854] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'. [ 501.505154][T26865] overlayfs: upper fs does not support xattr, falling back to index=off and metacopy=off. [ 501.562800][T26849] FAULT_INJECTION: forcing a failure. [ 501.562800][T26849] name failslab, interval 1, probability 0, space 0, times 0 [ 501.577976][T26853] overlayfs: './file0' not a directory [ 501.619419][T26849] CPU: 0 PID: 26849 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 501.628566][T26849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 501.638624][T26849] Call Trace: [ 501.641926][T26849] dump_stack+0x172/0x1f0 [ 501.646286][T26849] should_fail.cold+0xa/0x15 [ 501.650889][T26849] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 501.656715][T26849] ? ___might_sleep+0x163/0x280 [ 501.661593][T26849] __should_failslab+0x121/0x190 [ 501.666541][T26849] should_failslab+0x9/0x14 [ 501.671051][T26849] kmem_cache_alloc_trace+0x2d1/0x760 [ 501.676426][T26849] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 501.682249][T26849] __memcg_init_list_lru_node+0x8a/0x1e0 [ 501.687894][T26849] __list_lru_init+0x3cf/0x6e0 [ 501.692670][T26849] alloc_super+0x78d/0x890 [ 501.697098][T26849] sget_userns+0xf1/0x560 [ 501.701432][T26849] ? get_anon_bdev+0xc0/0xc0 [ 501.706028][T26849] ? get_anon_bdev+0xc0/0xc0 [ 501.710625][T26849] sget+0x10c/0x150 [ 501.714447][T26849] ? ovl_show_options+0x550/0x550 [ 501.719480][T26849] mount_nodev+0x31/0x110 [ 501.723823][T26849] ovl_mount+0x2d/0x40 [ 501.727899][T26849] ? ovl_own_xattr_set+0x10/0x10 [ 501.732841][T26849] legacy_get_tree+0xf2/0x200 [ 501.737526][T26849] vfs_get_tree+0x123/0x450 [ 501.742037][T26849] do_mount+0x1436/0x2c40 [ 501.746379][T26849] ? copy_mount_string+0x40/0x40 [ 501.751327][T26849] ? audit_add_tree_rule.cold+0x37/0x37 [ 501.756875][T26849] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 501.763117][T26849] ? copy_mount_options+0x30e/0x440 02:35:18 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r0, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2, 0xfffffffffffffffe]}) [ 501.768325][T26849] ksys_mount+0xdb/0x150 [ 501.772577][T26849] __x64_sys_mount+0xbe/0x150 [ 501.777274][T26849] do_syscall_64+0x103/0x610 [ 501.781873][T26849] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 501.787773][T26849] RIP: 0033:0x457e29 [ 501.791676][T26849] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 501.811336][T26849] RSP: 002b:00007faaf9957c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 501.819755][T26849] RAX: ffffffffffffffda RBX: 00007faaf9957c90 RCX: 0000000000457e29 [ 501.827766][T26849] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 501.835748][T26849] RBP: 000000000073bf00 R08: 00000000200007c0 R09: 0000000000000000 [ 501.843709][T26849] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99586d4 [ 501.851681][T26849] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000007 02:35:18 executing program 5: getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, 0x0) chdir(&(0x7f0000000100)='./file0\x00') fsetxattr$security_capability(0xffffffffffffffff, 0x0, &(0x7f0000000340)=@v2, 0x14, 0x0) sched_setscheduler(0x0, 0x0, 0x0) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, 0x0, 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="75707065726469723dc24fffbe5e9ba7dc37e92e2f66a64bf5aa2c6c6f3c776f726b6469723d2e2f66696c653104ef7d4e1d675066683ea4029344f05a2e0000000000000000000000000000d28ee436b48b60a89e9dffedadad7ea1c19ef4efb47f625c1fd7312da3d9f7521faa551e6fdae323a804129084db67f14e87985237921cfebb952505ea620828b2f6b3e5f79021890612b5d80ca330e34493f2229df2c6f086c3dd2d49d2cbf0033f6b9f1e15f81ced171205735a77a71ee3310f4ad85ad7363a077bca120ae6b324d702"]) syz_genetlink_get_family_id$ipvs(0x0) r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-control\x00', 0x400000, 0x0) mkdirat(r0, &(0x7f0000000240)='./file0\x00', 0x20) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x4e2101, 0x0) [ 502.264957][T26909] overlayfs: unrecognized mount option "loDZ." or missing value [ 502.323132][T26909] overlayfs: unrecognized mount option "loDZ." or missing value [ 502.918204][ C0] net_ratelimit: 18 callbacks suppressed [ 502.918212][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 502.929721][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 502.935540][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 502.941344][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 503.158146][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 503.163973][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 503.558199][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 503.564049][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 503.958143][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 503.963979][ C0] protocol 88fb is buggy, dev hsr_slave_1 02:35:21 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}}, 0x14) 02:35:21 executing program 0 (fault-call:20 fault-nth:40): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:35:21 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ip_tables_targets\x00') ioctl$SIOCGETNODEID(r0, 0x89e1, &(0x7f0000000040)={0x1}) r1 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGSKNS(r1, 0x894c, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write(r1, &(0x7f00000001c0)="240000005a001f001007f4f9002304000a04f51108000100020100020800038005000000", 0x24) 02:35:21 executing program 2: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2, 0xfffffffffffffffe]}) 02:35:21 executing program 3: r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r1 = dup(0xffffffffffffffff) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000003c0)={0x10, 0x0, &(0x7f0000000a00)=[@request_death={0x40046304, 0x0, 0x40046304}], 0x0, 0xfdfdffff, 0x0}) ioctl$VIDIOC_DBG_G_REGISTER(r1, 0xc0385650, &(0x7f0000000040)={{0x3, @addr=0x6}, 0x8, 0xfd1, 0x2}) 02:35:21 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) socketpair(0x4, 0x80000, 0x7, &(0x7f0000000440)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffff9c, 0x84, 0xe, &(0x7f0000000480)={0x0, 0x2, 0xc844, 0x0, 0x1, 0x3, 0x0, 0x7, {0x0, @in6={{0xa, 0x4e22, 0x199, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x8}}, 0x1, 0x74f5, 0xe0, 0x6, 0x401}}, &(0x7f0000000540)=0xb0) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000580)={r2, 0x9b14}, 0x8) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f000000c080)=[{{0x0, 0x0, &(0x7f0000007e80)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {&(0x7f0000007d80)=""/230, 0xe6}], 0x6}}], 0x1, 0x0, 0x0) recvmmsg(r0, &(0x7f00000003c0)=[{{&(0x7f0000000080)=@can, 0x80, &(0x7f0000000180)=[{&(0x7f0000000100)=""/117, 0x75}, {&(0x7f0000000000)=""/48, 0x30}], 0x2, &(0x7f00000001c0)=""/215, 0xd7}, 0x80}, {{&(0x7f00000002c0), 0x80, &(0x7f0000000380)=[{&(0x7f0000000340)=""/25, 0x19}], 0x1}, 0x1c0000000000}], 0x2, 0x40, 0x0) r3 = socket$kcm(0x29, 0x5, 0x0) r4 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/dlm_plock\x00', 0x0, 0x0) accept4(r4, 0x0, &(0x7f0000000600), 0x80000) sendmmsg(r3, &(0x7f0000007e00), 0x115, 0x0) 02:35:21 executing program 2: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2, 0xfffffffffffffffe]}) 02:35:21 executing program 1: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00005f5000)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f0000000000)={0x2, 0x400000000000003, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x7, 0x0, 0x0, 0x0, @in={0x2, 0x0, @loopback}}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6}, @sadb_sa={0x2}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xffffffffffffffff}}}]}, 0x88}}, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000100)={&(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000ff7000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ff4000/0x4000)=nil, &(0x7f0000ff5000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff5000/0x3000)=nil, &(0x7f00000000c0)="ca86b61cd090731bc48c5c821d0e9555f2a9e15b608de8fb7bc3ed791ed1ca927c688b5e8a2080af8553c9e53dd7d8a910", 0x31, r0}, 0x68) 02:35:21 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) syz_open_dev$sndctrl(&(0x7f0000000000)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(0xffffffffffffffff, 0x81785501, &(0x7f0000000140)={{0x0, 0x0, 0x0, 0x0, 'syz1\x00'}, 0x0, [], {0x77359400}}) openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x280040, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm_plock\x00', 0x80000, 0x0) r2 = syz_open_dev$vcsa(&(0x7f0000000180)='/dev/vcsa#\x00', 0x0, 0x0) ioctl$UI_END_FF_UPLOAD(r2, 0x406855c9, &(0x7f0000000640)={0x6, 0x8000, {0x55, 0x7, 0x7f, {0x7fffffff, 0x4}, {0x3, 0xa19}, @period={0x58, 0x207d9238, 0x3, 0xfffffffffffffffa, 0x3, {0xfffffffffffffe01, 0x6, 0x0, 0x1a09}, 0x4, &(0x7f0000000080)=[0x2, 0x5, 0xffffffffffffc3e2, 0xd]}}, {0x0, 0x4b, 0x101, {0x800, 0xff}, {0x5}, @cond=[{0x7fff, 0x4, 0x3, 0x9, 0x1f, 0x8000}, {0x10000, 0x40, 0x6, 0x1ff, 0x3ff, 0xfffffffffffffffb}]}}) write$P9_RLERROR(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000700)={0x0, r2, 0x0, 0xb, &(0x7f00000006c0)='/dev/vcsa#\x00'}, 0x30) sched_setscheduler(r3, 0x0, &(0x7f0000000740)=0x2) setsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, 0x0, 0x0) accept4(0xffffffffffffffff, &(0x7f0000000000)=@ax25, 0x0, 0x0) prctl$PR_SET_MM(0x23, 0xf, &(0x7f000000b000/0x4000)=nil) r4 = syz_init_net_socket$llc(0x1a, 0x801, 0x0) socket(0x0, 0x3, 0xda09) connect$llc(r4, &(0x7f0000000380)={0x1a, 0x1, 0x5, 0x5, 0x0, 0x0, @link_local}, 0x10) sendmmsg(r4, &(0x7f0000001380), 0x3fffff1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 02:35:21 executing program 5: setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000001000)={{{@in6=@mcast2, @in6=@initdev}}, {{@in=@multicast1}, 0x0, @in=@multicast1}}, 0xe8) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3c7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sndpcmc(&(0x7f0000000040)='/dev/snd/pcmC#D#c\x00', 0x200, 0x20000) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='[,.:system\x00', r0}, 0x10) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f00000001c0)={{{@in6=@mcast1, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in6=@initdev}}, &(0x7f00000000c0)=0xe8) ioprio_set$uid(0x3, r1, 0x1f) getsockopt$inet6_mreq(r0, 0x29, 0x1d, &(0x7f00000002c0)={@local}, &(0x7f0000000300)=0x14) r2 = socket$nl_generic(0xa, 0x3, 0x10) ioctl$FS_IOC_FIEMAP(r2, 0xc020660b, &(0x7f0000000680)={0x101, 0x9, 0x2, 0x7, 0x1, [{0xfffffffffffffc00, 0x8, 0x3, 0x0, 0x0, 0x100}]}) setsockopt$inet_tcp_TCP_QUEUE_SEQ(r0, 0x6, 0x15, &(0x7f0000000640)=0xd2e0, 0x4) setsockopt$netlink_NETLINK_RX_RING(r2, 0x29, 0x6, &(0x7f0000000ff0)={0x1c2, 0x0, 0x29, 0x2}, 0x1c2) setsockopt$inet_sctp_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f0000000100)=0x4, 0x4) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000003c0)={0x0, 0x48, &(0x7f0000000340)=[@in={0x2, 0x4e20, @empty}, @in6={0xa, 0x4e24, 0x5, @local, 0x3f}, @in6={0xa, 0x4e21, 0x535, @empty, 0x3ff}]}, &(0x7f0000000400)=0x10) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000440)={0x0, 0x9d, "18a8fb9dd9067e7e98babcc8659f0f29bbc89837eec43189d1485c576f9f8d1a062f27967c1d4e15105066aad87e37b1acbcdbc0073be0e0f12b5e3001d9e4eb693af2d77cd058d9e8e7f0ad9091eb9bf50b6114eaec2dcecf6411cad319e43d38f962eb441189ff8be2cb9af7a6b9e63293035688ef06de831306baf26388c422fbffb03d4e26c4756fe914c2cb43b722b20ef6746e1cbffdbd06a9af"}, &(0x7f0000000500)=0xa5) getsockopt$inet_sctp_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000540)={r3, 0xe0, 0x2fd5, 0xffff, 0xff, 0x1, 0x1, 0x1, {r4, @in6={{0xa, 0x4e24, 0x8000, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x5}}, 0x8, 0x2, 0x80af, 0x1, 0x9}}, &(0x7f0000000600)=0xb0) [ 504.639921][T26938] FAULT_INJECTION: forcing a failure. [ 504.639921][T26938] name failslab, interval 1, probability 0, space 0, times 0 02:35:21 executing program 2: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2, 0xfffffffffffffffe]}) [ 504.694182][T26938] CPU: 0 PID: 26938 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 504.703370][T26938] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 504.713468][T26938] Call Trace: [ 504.716759][T26938] dump_stack+0x172/0x1f0 [ 504.721085][T26938] should_fail.cold+0xa/0x15 [ 504.725663][T26938] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 504.731452][T26938] ? ___might_sleep+0x163/0x280 [ 504.736293][T26938] __should_failslab+0x121/0x190 [ 504.741215][T26938] should_failslab+0x9/0x14 [ 504.745706][T26938] kmem_cache_alloc_trace+0x2d1/0x760 [ 504.751107][T26938] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 504.756911][T26938] __memcg_init_list_lru_node+0x8a/0x1e0 [ 504.762531][T26938] __list_lru_init+0x3cf/0x6e0 [ 504.767280][T26938] alloc_super+0x78d/0x890 [ 504.771681][T26938] sget_userns+0xf1/0x560 [ 504.775991][T26938] ? get_anon_bdev+0xc0/0xc0 [ 504.780565][T26938] ? get_anon_bdev+0xc0/0xc0 [ 504.785159][T26938] sget+0x10c/0x150 [ 504.788953][T26938] ? ovl_show_options+0x550/0x550 [ 504.793969][T26938] mount_nodev+0x31/0x110 [ 504.798279][T26938] ovl_mount+0x2d/0x40 [ 504.802341][T26938] ? ovl_own_xattr_set+0x10/0x10 [ 504.807272][T26938] legacy_get_tree+0xf2/0x200 [ 504.811931][T26938] vfs_get_tree+0x123/0x450 [ 504.816415][T26938] do_mount+0x1436/0x2c40 [ 504.820748][T26938] ? copy_mount_string+0x40/0x40 [ 504.825695][T26938] ? copy_mount_options+0x1de/0x440 [ 504.830885][T26938] ? __sanitizer_cov_trace_pc+0x48/0x50 [ 504.836408][T26938] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 504.842626][T26938] ? copy_mount_options+0x30e/0x440 [ 504.847811][T26938] ksys_mount+0xdb/0x150 [ 504.852045][T26938] __x64_sys_mount+0xbe/0x150 [ 504.856713][T26938] do_syscall_64+0x103/0x610 [ 504.861310][T26938] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 504.867191][T26938] RIP: 0033:0x457e29 [ 504.871077][T26938] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 02:35:21 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x200000000003, 0x5) r2 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vfio/vfio\x00', 0x260003, 0x0) r3 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm-monitor\x00', 0x2000, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, r3) getsockopt$inet6_int(r1, 0x29, 0x2010000000000031, &(0x7f0000534000), &(0x7f0000000040)=0x4) [ 504.890688][T26938] RSP: 002b:00007faaf9957c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 504.899089][T26938] RAX: ffffffffffffffda RBX: 00007faaf9957c90 RCX: 0000000000457e29 [ 504.907068][T26938] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 504.915018][T26938] RBP: 000000000073bf00 R08: 00000000200007c0 R09: 0000000000000000 [ 504.922974][T26938] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99586d4 [ 504.930924][T26938] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000006 02:35:24 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}}, 0x14) 02:35:24 executing program 3: clone(0x2102007ff4, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='\x00\x00\x00') exit(0x0) wait4(0x0, 0x0, 0x40000000, 0x0) getsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000040)={@dev}, &(0x7f0000000080)=0x8) close(r0) 02:35:24 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = inotify_init1(0x80800) ioctl(r1, 0x1000008912, &(0x7f0000000600)="d396985e446ffafb8d72cafb4850d1dff158f1619c055b75070e5d0d737aeaef86e0f7b154ec89feb0f9f51212ee589ef137573307dd7f49305b82adc37732f22090094e04e972b629cbe9126b7bd14896df2270cd686cd4c12229abc04acf20676124c4fc70bc21b00f176cbde63ccb") r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='>/cg\xd1oup\x00', 0x200002, 0x0) r3 = openat$cgroup_int(r2, &(0x7f0000000300)='me\xedoD\x95r\xfd\xcezy.\xcb\t\x0e\xa1\x93\xea\xd5\xe2\x85z\x81\xe2/nj\x1e\x84\v#\x1e}w\xab\x1d\xab\x00\x00\xeb\x1a\x90y\x88\xff\xd1\xc9\x88\xcc\xe7\xe1H;y\xa3=\f\r\x8e\xaf\x03\xd3\x85\x0f[\xf7\xa5\xc9x\x06\xfc\x04\xe2+\x1c\v\x9e\xd7\xc8\x1f{\xb5\xc6m\x01C8+\x84K~\xee\xbb\xe9lw\xf7\x93H1c\xb2\xd3\xbf\xd12u\x18\xa2}$\xe9\x1c\x822\xb9\xdc\x9c\x1e-\x83$~\x87p\x92\x85\xc6Z\xfa\xb0\x9f\xbd<\xc4\xc3\xeb\x81\xaf\xc46\xc6\x83\x15\x9fF\xac\xfc\xc4hvZq\xd1\xd1o\x97\xe1\xb2\x87\xba\xe1X\xe2\xe7\x9bv\xe1\x12\xec\xed\xd8\xaa\xde/@\xd4g5Ne\xd2G,= \xc9\xae5E\xcfg\x9d\x9cY\x8a\xf5\xde\xeb\x8c\xc1\x7f\xf1\xc8\x06\xe1\xb4\xd0\xdc\xb0pYm0x_\xa6\x945\t\xa4;\x83\x1d\xf0FV!N\rd\xeb[\xfa\x00\x00\x00\x00\x06!\xc1R\xfc\xec\xb4\xe7\xf5v\x9f\xe1VA\x93\xa7\x86\xed:2\xf4\xd7\xcf\xcc\x99\xc1\x11|\x8b]\x8e\x96Z\xd8\x00I\x8c\xab\xa4\xe6\xef\x1ex\x94\xd3\xc0<\xaf\xdc\xa63M\x8c\xdc\xb7\x96\xf0\x83\aX\xca\x17\xc4\x00\xd7\\.\xb1,$6\t\f\xd7\x8e2!\x94\x02\xf5\xdf?4>\xa9\x06\xd5M\xd9\xa0\xc7\nj\x1d\xa2\n\xe9\xab\xcf \x9f\x8b3\f\x9c2\x1br\a9b\xc2\n\xee\xaeu(FS~\'\xd5((f\xc5\xfb\xf8\xc7|\xec\x13\xac\x03:\xfd\xfc\xe8mQ\xfcjm\x83\xfc\xcbl\n@\x81\xd6\xcf\x02\x8b\xe5I\xbe\xf60\xb0\x13\xc7\x84\xde\x85\b\x90$n\x16\x7f\x1aQU\xeb\xdf', 0x2, 0x0) r4 = openat$mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/mixer\x00', 0x24000, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000180)={0xffffffffffffffff}, 0x13f}}, 0x20) signalfd(r3, &(0x7f0000000240)={0x2}, 0x8) write$RDMA_USER_CM_CMD_ACCEPT(r4, &(0x7f00000004c0)={0x8, 0x120, 0xfa00, {0x0, {0x0, 0x2d, "5e1c49e56390720e6a8c65d41dcae03ea3e57b233004f798409edb78b3c528786aae110139d262d9b858eaac3fb32bad07667777f5123d44b37f6d8b5ce07599f1f0de5228c7db34a66e26ee26a156999f56494fc81359e8829d3bad6fb0bb340bc5497814da94f18a3fd7aa49bad854019bebb7cef1dd01d115b84a55a923a73971264e33d3944d4a5c105eaaa5277611915cbfeae72d4744d145c410ce0a741e6cfd34fcd51851c28790bf9dcc2515bc11d0a6d914e3fcefd448555bb41650efd0d38fc7def4497167a2278e3ae7b5a3e3ca17da850e1b472b836eec548f6a3553e4b0df8608d4f8188c824d714ff1df104ff11b6bb00da0243dddee06960a", 0x66, 0xfffffffffffffc01, 0x6, 0x100000000, 0x0, 0xffffffff00000000, 0x2}, r5}}, 0x128) writev(r3, &(0x7f0000000700)=[{&(0x7f00000001c0)='e', 0x1}], 0x1) setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000000)={0x9, {{0x2, 0x4e20, @local}}}, 0x88) 02:35:24 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2, 0xfffffffffffffffe]}) 02:35:24 executing program 0 (fault-call:20 fault-nth:41): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:35:24 executing program 5: r0 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x3, 0x400000) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000040)={0x0, 0x6}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f00000000c0)={r1, 0x4}, &(0x7f0000000100)=0x8) ioctl$BLKPBSZGET(r0, 0x127b, &(0x7f0000000140)) syz_genetlink_get_family_id$fou(&(0x7f0000000180)='fou\x00') ioctl$sock_netrom_SIOCADDRT(r0, 0x890b, &(0x7f00000001c0)={0x1, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @bpq0='bpq0\x00', 0x8000, 'syz0\x00', @bcast, 0x1ff, 0x3, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bcast]}) getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000240)={r2, 0x2000000000000}, &(0x7f0000000280)=0x8) sendto$unix(r0, &(0x7f00000002c0)="11d11c72acea2972b5929a957dc4967fe655f8260c8ad413e2e8ed4c62835a4586d5b76b00f88a3d6793728f3ae867f53524668bc36722e17f3493184f97cc5a2bd148206acf4fc9b3", 0x49, 0x890, &(0x7f0000000340)=@file={0x0, './file0\x00'}, 0x6e) r3 = socket$alg(0x26, 0x5, 0x0) getsockopt$packet_int(r0, 0x107, 0x8, &(0x7f00000003c0), &(0x7f0000000400)=0x4) recvmsg(r3, &(0x7f0000000680)={&(0x7f0000000440)=@hci={0x1f, 0x0}, 0x80, &(0x7f0000000540)=[{&(0x7f00000004c0)=""/123, 0x7b}], 0x1, &(0x7f0000000580)=""/250, 0xfa}, 0x10020) setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f00000006c0)={r4, @rand_addr=0x1, @broadcast}, 0xc) ioctl$sock_proto_private(r0, 0x89e4, &(0x7f0000000700)="09f72bafd4bca332aa9c79474e21737ac8756c9a5b973f58203f9e4e52c435e85ea49bd32ac902c91173c0596aa41a11") setsockopt$IP_VS_SO_SET_DELDEST(r0, 0x0, 0x488, &(0x7f0000000740)={{0x3d, @empty, 0x4e22, 0x3, 'sh\x00', 0x8, 0x8, 0x1c}, {@rand_addr=0x7e8a, 0x4e20, 0x2000, 0x2, 0x5, 0x5}}, 0x44) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000800)={0x0, 0x0}, &(0x7f0000000840)=0xc) quotactl(0x6, &(0x7f00000007c0)='./file0\x00', r5, &(0x7f0000000880)="81d8f6859c6126ad173b4eef9cc92581be2dca6b471e8828f79105b9d2201d1fd525636e645a45a7fe1edbb0114aed87f2c33e6312899a8604160ca17e1cd35af266479f28e03cf9a8b874c7d74294f7000fa4e55e75f1e972ba798d5e693ff63bf7d0c482567d7b98eafcb1155c88e6fe8f4dd25786b9f7a9e0669dfe643ebc62a33f971e3bbc5ea1b067a0c65b11875610f5017e277a75fd67cc4807eda653f499657d111f4eaf52d54998e8dfc4b7e268416e9556a1bb5ddd5ece2c7f4a45b0bbddf0b4d3") ioctl$VIDIOC_SUBDEV_S_SELECTION(r0, 0xc040563e, &(0x7f0000000980)={0x0, 0x0, 0x103, 0x2, {0x10000, 0x8, 0x10000, 0x2}}) syz_open_dev$sndmidi(&(0x7f00000009c0)='/dev/snd/midiC#D#\x00', 0x0, 0x4000) socket$inet_sctp(0x2, 0x5, 0x84) r6 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000a80)='/dev/vfio/vfio\x00', 0x100, 0x0) mount$9p_fd(0x0, &(0x7f0000000a00)='./file0\x00', &(0x7f0000000a40)='9p\x00', 0x1, &(0x7f0000000ac0)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@fscache='fscache'}, {@privport='privport'}, {@msize={'msize', 0x3d, 0x101}}], [{@smackfshat={'smackfshat', 0x3d, '/dev/midi#\x00'}}, {@uid_lt={'uid<', r5}}, {@smackfsroot={'smackfsroot'}}, {@uid_eq={'uid', 0x3d, r5}}, {@subj_user={'subj_user'}}, {@smackfstransmute={'smackfstransmute', 0x3d, 'wlan1'}}, {@smackfsroot={'smackfsroot', 0x3d, '/-'}}]}}) fcntl$setflags(r0, 0x2, 0xd3ae1011c51e319c) ioctl$VIDIOC_STREAMON(r0, 0x40045612, &(0x7f0000000bc0)=0x400) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r6, 0x84, 0x75, &(0x7f0000000c00)={r2, 0xf0}, 0x8) r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000c80)='TIPCv2\x00') sendmsg$TIPC_NL_PEER_REMOVE(r6, &(0x7f0000000dc0)={&(0x7f0000000c40), 0xc, &(0x7f0000000d80)={&(0x7f0000000cc0)={0xac, r7, 0x200, 0x70bd26, 0x25dfdbff, {}, [@TIPC_NLA_LINK={0x98, 0x4, [@TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x44, 0x7, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfffffffffffff800}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}]}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x24, 0x7, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x30000000000000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x400000000000}]}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}]}]}, 0xac}, 0x1, 0x0, 0x0, 0x4}, 0x4000000) setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f0000000e00)={{0x3c, @dev={0xac, 0x14, 0x14, 0x29}, 0x4e24, 0x0, 'rr\x00', 0x0, 0x8, 0x54}, {@remote, 0x4e24, 0x10001, 0x6, 0x2, 0x8001}}, 0x44) openat$vimc1(0xffffffffffffff9c, &(0x7f0000000e80)='/dev/video1\x00', 0x2, 0x0) syz_mount_image$xfs(&(0x7f0000000ec0)='xfs\x00', &(0x7f0000000f00)='./file0\x00', 0x1fbb080a, 0x1, &(0x7f0000001040)=[{&(0x7f0000000f40)="b238b66a418940030b6a83f536a093a59f2325453f17840eaceb77fc49a2b5cd9755095b0b56684dbd46b409a9b46fe355d0098b93f8dbfeb3c2d09a16ba07a5e72d03c260fe9fae62b46950f6efe69bafdd19ada76aa7d869aa7147e1e23975c7584f92e3cff29dd05096959d2f94f960d5686992d2f4f7045715fb8600dddac57386ca9e32203ddbdd98129a1d7b2fc35cf13facd7a6973bb78a323c6a850845e4591ed6d6ff05c4e85e3a1f600486754713ec502e326181a6390c254a0ec3107989b0af505e6cc0227b66d912ae48e37065216609cbde72186daba695c383a50c211faebd8699bad53222ce2d5270e2d3d9", 0xf3}], 0x1014400, &(0x7f0000001080)={[{@dax='dax'}, {@rtdev={'rtdev', 0x3d, './file0'}}], [{@appraise='appraise'}]}) ioctl$VIDIOC_SUBDEV_S_FMT(r0, 0xc0585605, &(0x7f00000010c0)={0x1, 0x0, {0x1, 0x10000, 0x2010, 0x4, 0x0, 0x0, 0x1, 0x7}}) 02:35:24 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2, 0xfffffffffffffffe]}) 02:35:24 executing program 3: r0 = socket$xdp(0x2c, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x400000000000004) writev(r1, &(0x7f0000000080)=[{&(0x7f0000000100)="480000001400190d09004beafd0d8c562c84ed7a80ffe0060c000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed4e00000000000000", 0x48}], 0x1) ioctl$SG_GET_LOW_DMA(r0, 0x227a, &(0x7f0000000000)) getsockopt$bt_hci(r0, 0x0, 0x1, &(0x7f0000000180)=""/89, &(0x7f0000000040)=0x59) 02:35:24 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000014000/0x18000)=nil, &(0x7f00000004c0)=[@textreal={0x8, &(0x7f0000000240)="640fbe0af0f75100ba420066ed360faa66b9800000c00f326635000800000f308221990fc71e27000f216d260f2134baf80c66b82735ea8166efbafc0cb06cee", 0x40}], 0x1, 0x24, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 507.573701][T26988] XFS (loop5): unknown mount option [appraise]. [ 507.676251][T27002] XFS (loop5): unknown mount option [appraise]. 02:35:24 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r4}, 0x14) 02:35:24 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2, 0xfffffffffffffffe]}) [ 507.726393][T26992] FAULT_INJECTION: forcing a failure. [ 507.726393][T26992] name failslab, interval 1, probability 0, space 0, times 0 [ 507.750300][T26992] CPU: 1 PID: 26992 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 507.759457][T26992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 507.769499][T26992] Call Trace: [ 507.772800][T26992] dump_stack+0x172/0x1f0 [ 507.777153][T26992] should_fail.cold+0xa/0x15 [ 507.781760][T26992] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 507.787559][T26992] ? ___might_sleep+0x163/0x280 [ 507.792395][T26992] __should_failslab+0x121/0x190 [ 507.797343][T26992] should_failslab+0x9/0x14 [ 507.801825][T26992] kmem_cache_alloc_trace+0x2d1/0x760 [ 507.807176][T26992] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 507.812968][T26992] __memcg_init_list_lru_node+0x8a/0x1e0 [ 507.818597][T26992] __list_lru_init+0x3cf/0x6e0 [ 507.823343][T26992] alloc_super+0x78d/0x890 [ 507.827742][T26992] sget_userns+0xf1/0x560 [ 507.832059][T26992] ? get_anon_bdev+0xc0/0xc0 [ 507.836630][T26992] ? get_anon_bdev+0xc0/0xc0 [ 507.841199][T26992] sget+0x10c/0x150 [ 507.844989][T26992] ? ovl_show_options+0x550/0x550 [ 507.849990][T26992] mount_nodev+0x31/0x110 [ 507.854337][T26992] ovl_mount+0x2d/0x40 [ 507.858382][T26992] ? ovl_own_xattr_set+0x10/0x10 [ 507.863299][T26992] legacy_get_tree+0xf2/0x200 [ 507.867959][T26992] vfs_get_tree+0x123/0x450 [ 507.872452][T26992] do_mount+0x1436/0x2c40 [ 507.876794][T26992] ? copy_mount_string+0x40/0x40 [ 507.881718][T26992] ? _copy_from_user+0xdd/0x150 [ 507.886551][T26992] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 507.892769][T26992] ? copy_mount_options+0x30e/0x440 [ 507.897952][T26992] ksys_mount+0xdb/0x150 [ 507.902175][T26992] __x64_sys_mount+0xbe/0x150 [ 507.906833][T26992] do_syscall_64+0x103/0x610 [ 507.911418][T26992] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 507.917301][T26992] RIP: 0033:0x457e29 [ 507.921211][T26992] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 507.940798][T26992] RSP: 002b:00007faaf9957c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 507.949201][T26992] RAX: ffffffffffffffda RBX: 00007faaf9957c90 RCX: 0000000000457e29 [ 507.957160][T26992] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 507.965111][T26992] RBP: 000000000073bf00 R08: 00000000200007c0 R09: 0000000000000000 [ 507.973063][T26992] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99586d4 [ 507.981014][T26992] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000006 02:35:24 executing program 5: sendmsg$nl_crypto(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=@del={0xe0, 0x11, 0x0, 0x0, 0x0, {{'drbg_nopr_sha1\x00'}}}, 0xe0}}, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x58) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000400)='/dev/snapshot\x00', 0x100, 0x0) ioctl$VIDIOC_TRY_EXT_CTRLS(r1, 0xc0205649, &(0x7f00000004c0)={0xa10004, 0x4, 0xfffffffeffffffff, [], &(0x7f0000000480)={0x0, 0x8, [], @p_u8=&(0x7f0000000440)=0xffffffff}}) times(&(0x7f0000000080)) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000040)="0adc1f023c123f3188a070") setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="b7f2288a911993f0265df5cf1cdd8b55b062950b86bc01abc8464d4f8a906151", 0x20) ioctl$DRM_IOCTL_RES_CTX(r1, 0xc0106426, &(0x7f0000000540)={0x1, &(0x7f0000000500)=[{0x0}]}) ioctl$DRM_IOCTL_SWITCH_CTX(r1, 0x40086424, &(0x7f0000000580)={r3, 0x2}) r4 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r4, &(0x7f0000000380)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0xfffffffffffffe82, 0x0) readv(r4, &(0x7f00000006c0)=[{&(0x7f0000000180)=""/161, 0x7ffff000}], 0x1) 02:35:24 executing program 3: io_setup(0x80400000000002, &(0x7f00000000c0)=0x0) r1 = memfd_create(&(0x7f0000000440)='@u\x03\x00\x000\xa6\xc9\xf4\x89K\x16\xa6\xc1\xcc\xfcj\x97', 0x7) io_submit(r0, 0x1, &(0x7f0000000100)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) memfd_create(&(0x7f0000000000)='\x00', 0x7) [ 508.118149][ C0] net_ratelimit: 22 callbacks suppressed [ 508.118157][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 508.129664][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 508.142296][T27028] kvm: emulating exchange as write 02:35:25 executing program 0 (fault-call:20 fault-nth:42): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:35:25 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2, 0xfffffffffffffffe]}) [ 508.198166][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 508.204030][ C1] protocol 88fb is buggy, dev hsr_slave_1 02:35:25 executing program 3: r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x80000000003, 0x0) getsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000180)=""/212, &(0x7f0000000000)=0xd4) ioctl$DRM_IOCTL_AUTH_MAGIC(r0, 0x40046411, &(0x7f0000000040)=0x5c) ioctl$int_in(r0, 0x800000c0045006, &(0x7f0000000080)=0x80000000035) ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f00000000c0)={0x0}) ioctl$DRM_IOCTL_SWITCH_CTX(r0, 0x40086424, &(0x7f0000000280)={r1, 0x1}) 02:35:25 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm_plock\x00', 0x2, 0x0) ioctl$sock_netrom_SIOCDELRT(r1, 0x890c, &(0x7f0000000500)={0x1, @null, @bpq0='bpq0\x00', 0x1, 'syz0\x00', @default, 0x0, 0x3, [@bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default, @null, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}]}) setsockopt$inet6_MRT6_DEL_MFC_PROXY(r1, 0x29, 0xd3, &(0x7f0000000080)={{0xa, 0x4e22, 0x6, @local, 0x80000000}, {0xa, 0x4e23, 0x6, @ipv4={[], [], @remote}, 0xa}, 0x8, [0x3e61, 0x7f, 0x5, 0x9, 0x2, 0x9, 0x1a, 0x200]}, 0x5c) bind$alg(r0, &(0x7f0000000180)={0x26, 'hash\x00', 0x0, 0x0, 'rmd320-generic\x00'}, 0x58) ioctl$sock_SIOCOUTQ(r1, 0x5411, &(0x7f0000000100)) r2 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x4002, 0x0) rmdir(&(0x7f00000004c0)='./file0\x00') r3 = accept$alg(r0, 0x0, 0x0) sendmmsg(r3, &(0x7f0000007f00)=[{{&(0x7f00000056c0)=@can, 0xf940, &(0x7f00000000c0)}}, {{&(0x7f0000005900)=@pppoe={0x18, 0x0, {0x0, @link_local, 'syzkaller0\x00'}}, 0x80, &(0x7f0000007ac0), 0x1a9, &(0x7f0000007b00)}}], 0x3fffffffffffe0d, 0x0) sendmsg$inet_sctp(r2, &(0x7f0000000480)={&(0x7f0000000140)=@in={0x2, 0x4e20, @multicast1}, 0x10, &(0x7f0000000440)=[{&(0x7f0000000200)="f78899832c068437e951cdef25169703ad467d88bd5472f4", 0x18}, {&(0x7f0000000240)="52410c02235a487303b46ac094548f7654c4849118a87db8da4c9651f25dd0a5138c447d178ab2754a2677f02741a9460ed01574e5253eb198c03eb360ca26455fc4fc3a6eb0667503109a38fa71c00e8da2058630f4a5e08e70957a78f12d1a240987e54e8359f4e5251d3b652427bdf2c8c92b0927206648483387ec5f87c747f8b2f867eb67c2ab2d69420bd1a3ec0e621d238de0b09f1d51b73d6979795a497fbced212c39c931b1c505e2", 0xad}, {&(0x7f0000000300)="d7bfaf71038ce901b42a5b6ead2b422c1f3b1db96cd2f87142d76abae08e142de61560a90ead7d067a5728d9cf53aa2317", 0x31}, {&(0x7f0000000340)="f12a2be2064b7b56de33315b5838618d003917365709c6c05a6a0c1ffa4196f86add7e7fffbf4b4b92d859716b36c103a09a25718122ca1b4c48e39e5ab577721923596e19cb1dad8fb559aa4704d9ed1b32e509f9e67b2ea1c072af6fda6d4479a1f597bdaddad9b5def9ef6656a3fabf15b67ea16c188861a2ca139f6d83f799a746b073d4f86f55e86326b901fdeb5284b6fc5d2961e7e762904205cf58e50fb06a78573e6249a48809dce12c965ad349f69c5d2f660a6703a43e4cae650e050d71808635153f1a8cae9d477ef026996ea6b70d036c79e6bf06d3843b6f87fe", 0xe1}], 0x4, 0x0, 0x0, 0x20000010}, 0x24004000) 02:35:25 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2, 0xfffffffffffffffe]}) [ 508.520019][T27049] FAULT_INJECTION: forcing a failure. [ 508.520019][T27049] name failslab, interval 1, probability 0, space 0, times 0 02:35:25 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000014000/0x18000)=nil, &(0x7f00000004c0)=[@textreal={0x8, &(0x7f0000000240)="640fbe0af0f75100ba420066ed360faa66b9800000c00f326635000800000f308221990fc71e27000f216d260f2134baf80c66b82735ea8166efbafc0cb06cee", 0x40}], 0x1, 0x24, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 508.585242][T27049] CPU: 0 PID: 27049 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 508.594392][T27049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 508.604446][T27049] Call Trace: [ 508.604473][T27049] dump_stack+0x172/0x1f0 [ 508.612075][T27049] should_fail.cold+0xa/0x15 [ 508.612093][T27049] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 508.612115][T27049] ? ___might_sleep+0x163/0x280 [ 508.612134][T27049] __should_failslab+0x121/0x190 [ 508.612154][T27049] should_failslab+0x9/0x14 [ 508.637203][T27049] kmem_cache_alloc_trace+0x2d1/0x760 [ 508.642628][T27049] ? __memcg_init_list_lru_node+0x22/0x1e0 [ 508.648442][T27049] __memcg_init_list_lru_node+0x8a/0x1e0 [ 508.654089][T27049] __list_lru_init+0x3cf/0x6e0 [ 508.658863][T27049] alloc_super+0x78d/0x890 [ 508.663270][T27049] sget_userns+0xf1/0x560 [ 508.667585][T27049] ? get_anon_bdev+0xc0/0xc0 [ 508.672168][T27049] ? get_anon_bdev+0xc0/0xc0 [ 508.676742][T27049] sget+0x10c/0x150 [ 508.680534][T27049] ? ovl_show_options+0x550/0x550 [ 508.685538][T27049] mount_nodev+0x31/0x110 [ 508.689851][T27049] ovl_mount+0x2d/0x40 [ 508.693904][T27049] ? ovl_own_xattr_set+0x10/0x10 [ 508.698832][T27049] legacy_get_tree+0xf2/0x200 [ 508.703494][T27049] vfs_get_tree+0x123/0x450 [ 508.707980][T27049] do_mount+0x1436/0x2c40 [ 508.712297][T27049] ? copy_mount_string+0x40/0x40 [ 508.717221][T27049] ? copy_mount_options+0x1de/0x440 [ 508.722404][T27049] ? __sanitizer_cov_trace_pc+0x48/0x50 [ 508.727931][T27049] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 508.734170][T27049] ? copy_mount_options+0x30e/0x440 [ 508.739352][T27049] ksys_mount+0xdb/0x150 [ 508.743577][T27049] __x64_sys_mount+0xbe/0x150 [ 508.748236][T27049] ? do_syscall_64+0x5b/0x610 [ 508.752897][T27049] do_syscall_64+0x103/0x610 [ 508.757474][T27049] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 508.763347][T27049] RIP: 0033:0x457e29 02:35:25 executing program 3: r0 = creat(&(0x7f0000000400)='./file0\x00', 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioprio_get$uid(0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x0, 0xc6, 0xd3, &(0x7f0000000240)="8c711c522a80d9b03f5ba48dff5c2621cd17047141b7ecfdc4cc26a99de3480a200f78b401e520d0d8141351ffef6c036a2d732dd3d2a65711a336895e2fb79681594bcf9545d8c347ab0bdcefb5d9f8576747cf3857a3b308951a0e99d33e58195f1c4588a2b352baa09ef53a8bbab3beefe5a688bf64902c1242bea1efb295df84e2eb821aa5d595de084ef11867905c374ab499d234c6453f05af933aeb70af5bb534630b5f0a8419d8cfb7f7750c96f683b9caca95adaf09a1da0b89bad43f87fafcf695", &(0x7f0000000440)=""/211, 0x1}, 0x28) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, 0x0, 0x0) getegid() clone(0x20002100, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) mount(&(0x7f0000000040)=@nullb='::,.\nnullb:\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='ceph\x00', 0x0, 0x0) r1 = creat(&(0x7f0000000080)='./bus\x00', 0x0) io_setup(0x8, &(0x7f0000000200)) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, &(0x7f0000000000)={0x0, 0x8}, &(0x7f0000000040)=0x8) [ 508.767240][T27049] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 508.786825][T27049] RSP: 002b:00007faaf9957c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 508.795224][T27049] RAX: ffffffffffffffda RBX: 00007faaf9957c90 RCX: 0000000000457e29 [ 508.803178][T27049] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 508.811135][T27049] RBP: 000000000073bf00 R08: 00000000200007c0 R09: 0000000000000000 [ 508.819095][T27049] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99586d4 [ 508.827048][T27049] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000006 02:35:25 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2, 0xfffffffffffffffe]}) [ 508.916348][T27075] libceph: resolve '. [ 508.916348][T27075] nullb' (ret=-3): failed [ 508.928308][T27075] libceph: parse_ips bad ip '::,. [ 508.928308][T27075] nullb' [ 509.016752][T27075] libceph: resolve '. [ 509.016752][T27075] nullb' (ret=-3): failed [ 509.045207][T27075] libceph: parse_ips bad ip '::,. [ 509.045207][T27075] nullb' [ 509.168185][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 509.173988][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 509.179883][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 509.185641][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 509.398198][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 509.404049][ C0] protocol 88fb is buggy, dev hsr_slave_1 02:35:27 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000014000/0x18000)=nil, &(0x7f00000004c0)=[@textreal={0x8, &(0x7f0000000240)="640fbe0af0f75100ba420066ed360faa66b9800000c00f326635000800000f308221990fc71e27000f216d260f2134baf80c66b82735ea8166efbafc0cb06cee", 0x40}], 0x1, 0x24, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:35:27 executing program 5: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = syz_open_dev$amidi(&(0x7f0000000080)='/dev/amidi#\x00', 0x7fffffff, 0x40) accept$packet(r2, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000140)=0x14) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00', r3}) bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x1, 0x3, &(0x7f0000001fd8)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0xffffffbf}}, &(0x7f0000000480)='EP\xd4\x00\x1f\x91\xeb/W\xb72$C0%\x03\x9c0\x96\xb2\fkC\x93H\xbfh\x9c\b`\x857\xd6\">c\xad\xc0bO\xba\xe2\xe1\t5\x9d\xcei\"2L\xcc\x13\x16\vh\xca\xe6C\x06\x97%\x9d\xd5-\x1fs\xe1j\xdc5\x92\xd0)%\xdf\xfa\xe8^\x9c\xd29\x8clg\xc8\x7f\xb5\xb1&\x02\xf1E\xb4\x84\xbeE\x91)f\xe8\xb7\xe2\xf6`i\xc5m\xd7l\x1d\xc1\x12\x01<:kM\xe9\x99\xcd\xcd\xc8\x85Z\xee47\xdc\xc8u\x80\xcf\xbeTo\xbb\xfb\xc0\xebV\xd8\xbb\xbe\xa2\x90J|s\xc2'}, 0x48) 02:35:27 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r4}, 0x14) 02:35:27 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2, 0xfffffffffffffffe]}) 02:35:27 executing program 3: syz_mount_image$xfs(&(0x7f0000000000)='xfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x8000000000000010, 0x0) socket$tipc(0x1e, 0x0, 0x0) 02:35:27 executing program 0 (fault-call:20 fault-nth:43): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:35:27 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x0, 0x0) openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x200000, 0x0) ioctl$VHOST_SET_VRING_KICK(r1, 0x400c330d, 0x0) 02:35:27 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f023c123f3188a070") r1 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x8, &(0x7f0000000000)=0x4, 0x4) setsockopt$inet_udp_encap(r1, 0x11, 0x64, &(0x7f0000000040), 0x4) getsockopt$inet_tcp_int(r1, 0x6, 0x8, &(0x7f0000dc6ffe), &(0x7f0000904000)=0x4) r2 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x407, 0x800) r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000180)='TIPCv2\x00') sendmsg$TIPC_NL_PEER_REMOVE(r2, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10002008}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="080028bd7000ffdbdf25140000004c000900080001006d0f000008000100080000000800010002000000080001000300000008000200400000000800020005000000080001009002000008000200040000000800010089820000280007000c00040000000000000000000c00040000020000000000000c0003000000000000000000"], 0x88}}, 0x4000001) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r2, 0xc02c5341, &(0x7f00000000c0)) kexec_load(0x2, 0x1, &(0x7f0000000380)=[{&(0x7f0000000300)="bd0a924880d3f7d226fcfd34fbf2f3d92e67c85b7670aeda924dfd3f7656739ef509ba65f377392866a777262587546f1665a0d106e9bdf82bfdda2372fdc0c51d241289a26b7fdc4f6f3f1e3da05db2a7fca8f782f377f9617a7909ddfd277af5c19073d44f9718bff88479ec1ab7b4a126d1d57b8ceb9a475b0ef3", 0x7c, 0x7, 0x100000000}], 0xa0000) 02:35:28 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2, 0xfffffffffffffffe]}) [ 511.214462][T27098] FAULT_INJECTION: forcing a failure. [ 511.214462][T27098] name failslab, interval 1, probability 0, space 0, times 0 [ 511.293899][T27098] CPU: 1 PID: 27098 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 511.303039][T27098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 511.313078][T27098] Call Trace: [ 511.316357][T27098] dump_stack+0x172/0x1f0 [ 511.320674][T27098] should_fail.cold+0xa/0x15 [ 511.325248][T27098] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 511.331055][T27098] ? ___might_sleep+0x163/0x280 [ 511.335891][T27098] __should_failslab+0x121/0x190 [ 511.340812][T27098] should_failslab+0x9/0x14 [ 511.345301][T27098] kmem_cache_alloc_trace+0x2d1/0x760 [ 511.350657][T27098] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 511.356462][T27098] __memcg_init_list_lru_node+0x8a/0x1e0 [ 511.362084][T27098] __list_lru_init+0x3cf/0x6e0 [ 511.366832][T27098] alloc_super+0x78d/0x890 [ 511.371267][T27098] sget_userns+0xf1/0x560 [ 511.375590][T27098] ? get_anon_bdev+0xc0/0xc0 [ 511.380163][T27098] ? get_anon_bdev+0xc0/0xc0 [ 511.384746][T27098] sget+0x10c/0x150 [ 511.388538][T27098] ? ovl_show_options+0x550/0x550 [ 511.393547][T27098] mount_nodev+0x31/0x110 [ 511.397867][T27098] ovl_mount+0x2d/0x40 [ 511.401928][T27098] ? ovl_own_xattr_set+0x10/0x10 [ 511.406859][T27098] legacy_get_tree+0xf2/0x200 [ 511.411522][T27098] vfs_get_tree+0x123/0x450 [ 511.416012][T27098] do_mount+0x1436/0x2c40 [ 511.420329][T27098] ? copy_mount_string+0x40/0x40 [ 511.425251][T27098] ? _copy_from_user+0xdd/0x150 [ 511.430085][T27098] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 511.436304][T27098] ? copy_mount_options+0x30e/0x440 [ 511.441490][T27098] ksys_mount+0xdb/0x150 [ 511.445717][T27098] __x64_sys_mount+0xbe/0x150 [ 511.450381][T27098] do_syscall_64+0x103/0x610 [ 511.454963][T27098] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 511.460838][T27098] RIP: 0033:0x457e29 [ 511.464724][T27098] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 511.484321][T27098] RSP: 002b:00007faaf9957c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 511.492714][T27098] RAX: ffffffffffffffda RBX: 00007faaf9957c90 RCX: 0000000000457e29 [ 511.500685][T27098] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 511.508640][T27098] RBP: 000000000073bf00 R08: 00000000200007c0 R09: 0000000000000000 [ 511.516595][T27098] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99586d4 [ 511.524547][T27098] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000006 02:35:28 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000014000/0x18000)=nil, &(0x7f00000004c0)=[@textreal={0x8, &(0x7f0000000240)="640fbe0af0f75100ba420066ed360faa66b9800000c00f326635000800000f308221990fc71e27000f216d260f2134baf80c66b82735ea8166efbafc0cb06cee", 0x40}], 0x1, 0x24, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:35:28 executing program 5: r0 = socket$vsock_stream(0x28, 0x1, 0x0) r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x80, 0x0) setsockopt$RDS_FREE_MR(r1, 0x114, 0x3, &(0x7f0000000140)={{0xfffffffffffffff7, 0x4}, 0x1}, 0x10) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000040)={0x0}, &(0x7f0000000080)=0xc) write$cgroup_pid(r1, &(0x7f00000000c0)=r2, 0x12) ioctl$sock_SIOCSPGRP(r0, 0x8902, &(0x7f0000000100)=r2) getsockopt(r0, 0x8, 0x3, 0x0, 0x0) 02:35:28 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = syz_open_dev$evdev(&(0x7f0000000140)='/dev/input/event#\x00', 0x4, 0x100) ioctl$EVIOCGPROP(r1, 0x80404509, &(0x7f00000003c0)=""/4096) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000340)=@nat={'nat\x00', 0x19, 0x1, 0x138, [0x20000540, 0x0, 0x0, 0x20000570, 0x200005a0], 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff000000000000000000000000000000000000000000000000000000000026d07aecbc9d68bbd007000000000000000000000000000000ffffffff010000000300000000000000000063616966300000000000000000000000627071300000000000000000000000006e6c6d6f6e30000000000000000000dd64727370616e30000000000c00000000000000000000000000000000aaaaaaaaaa0000000000000000007200000072000000a80000006172707265706c7900000000000000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x1b6) 02:35:28 executing program 0 (fault-call:20 fault-nth:44): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:35:28 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2, 0xfffffffffffffffe]}) [ 511.724153][T27131] kernel msg: ebtables bug: please report to author: Wrong len argument [ 512.009733][T27141] FAULT_INJECTION: forcing a failure. [ 512.009733][T27141] name failslab, interval 1, probability 0, space 0, times 0 [ 512.045617][T27141] CPU: 0 PID: 27141 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 512.054767][T27141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 512.064827][T27141] Call Trace: [ 512.068128][T27141] dump_stack+0x172/0x1f0 [ 512.072461][T27141] should_fail.cold+0xa/0x15 [ 512.077054][T27141] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 512.082900][T27141] ? ___might_sleep+0x163/0x280 [ 512.087754][T27141] __should_failslab+0x121/0x190 [ 512.092675][T27141] should_failslab+0x9/0x14 [ 512.097181][T27141] kmem_cache_alloc_trace+0x2d1/0x760 [ 512.102547][T27141] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 512.108407][T27141] __memcg_init_list_lru_node+0x8a/0x1e0 [ 512.114025][T27141] __list_lru_init+0x3cf/0x6e0 [ 512.118772][T27141] alloc_super+0x78d/0x890 [ 512.123210][T27141] sget_userns+0xf1/0x560 [ 512.127519][T27141] ? get_anon_bdev+0xc0/0xc0 [ 512.132091][T27141] ? get_anon_bdev+0xc0/0xc0 [ 512.136658][T27141] sget+0x10c/0x150 [ 512.140451][T27141] ? ovl_show_options+0x550/0x550 [ 512.145455][T27141] mount_nodev+0x31/0x110 [ 512.149765][T27141] ovl_mount+0x2d/0x40 [ 512.153815][T27141] ? ovl_own_xattr_set+0x10/0x10 [ 512.158730][T27141] legacy_get_tree+0xf2/0x200 [ 512.163389][T27141] vfs_get_tree+0x123/0x450 [ 512.167883][T27141] do_mount+0x1436/0x2c40 [ 512.172193][T27141] ? retint_kernel+0x2d/0x2d [ 512.176765][T27141] ? copy_mount_string+0x40/0x40 [ 512.181679][T27141] ? copy_mount_options+0x255/0x440 [ 512.186858][T27141] ? write_comp_data+0x10/0x70 [ 512.191610][T27141] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 512.197827][T27141] ? copy_mount_options+0x30e/0x440 [ 512.203021][T27141] ksys_mount+0xdb/0x150 [ 512.207247][T27141] __x64_sys_mount+0xbe/0x150 [ 512.211910][T27141] do_syscall_64+0x103/0x610 [ 512.216490][T27141] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 512.222357][T27141] RIP: 0033:0x457e29 [ 512.226229][T27141] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 512.245835][T27141] RSP: 002b:00007faaf9936c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 512.254244][T27141] RAX: ffffffffffffffda RBX: 00007faaf9936c90 RCX: 0000000000457e29 [ 512.262193][T27141] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 512.270143][T27141] RBP: 000000000073bfa0 R08: 00000000200007c0 R09: 0000000000000000 [ 512.278100][T27141] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99376d4 [ 512.286079][T27141] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000006 [ 513.318175][ C0] net_ratelimit: 18 callbacks suppressed [ 513.318183][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 513.329711][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 513.335585][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 513.341397][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 513.558124][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 513.563946][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 513.958139][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 513.963951][ C0] protocol 88fb is buggy, dev hsr_slave_1 02:35:30 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r4}, 0x14) 02:35:30 executing program 5: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ion\x00', 0xfffffffffffffffe, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000080)={0x10010009, 0xffffffffffffffff, 0x0, 0xffffffffffffffff}) ioctl$VIDIOC_ENUMINPUT(r1, 0xc050561a, &(0x7f00000000c0)={0x9, "7d1523423f6626418f892c4669c8c709c083684093c8573741b04d1c5db7fc4e", 0x2, 0x5, 0x4, 0x321707, 0x40020, 0xe}) fchmodat(0xffffffffffffffff, 0x0, 0x0) fcntl$dupfd(r0, 0x0, r0) fsetxattr$security_smack_entry(r0, &(0x7f0000000000)='security.SMACK64IPOUT\x00', &(0x7f0000000140)='\x00', 0x1, 0x3) mmap(&(0x7f0000bfe000/0x400000)=nil, 0x507000, 0x0, 0x10, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) 02:35:30 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x2, 0x0) r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000340)='/dev/dlm_plock\x00', 0x400, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000500)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND_IP(r0, &(0x7f0000000580)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e20, 0x1, @remote, 0x2}, r1}}, 0x30) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={0xffffffffffffffff, 0x0, 0x0}, 0x10) r2 = openat$smack_task_current(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/attr/current\x00', 0x2, 0x0) lstat(0x0, &(0x7f0000000200)) getegid() ioctl$VIDIOC_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000005c0)={0x0, @bt={0xfffffffffffffffc, 0x2, 0x1, 0x3, 0x40, 0x7, 0x7f, 0x2, 0x3, 0x20, 0xbf, 0xffffffff, 0x5, 0x4, 0x8, 0x28}}) ptrace$setopts(0x4200, 0x0, 0x0, 0x100048) setsockopt$inet_MCAST_LEAVE_GROUP(0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000280)={0x1, {{0x2, 0x4e23, @multicast1}}}, 0x88) r3 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0xbb, 0x40180) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snapshot\x00', 0x0, 0x0) r4 = openat$cgroup_ro(r3, &(0x7f0000000400)='/group.sta\x9f\xd4t\x00+\x04\x04{\t\xab\v\x02t\xe1\t\x85\xa6\xfa\x15\xb3[\xa6\x94!\xf2\x04\xde\xc5f\x8a\x06\x00\x00\x00\xb9\x0f\xf8`\xe0\x1f&+\xaf\xacu\nm\\\xe2Y\xcba\xea\f\xd9DXX>\xef&\xc5\x97\xea\x93\xa7\xde\xc9\xb4\x16\x8eF\x8b\xe0Wm\x1d\x0e\xbf\x8b\a\x00\x00\x00\xd8[T|i$\x88\x04\x00\x00\x00\x00\x00\x00\x00\x90\x1eB\x8b\x98\xad\xd17_Q\xe15\x84\x8f\xea\x98\xc6\xe3WE\x11\xe0\xc6\x1f\xf2/\xf6\x1f', 0x2761, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000002740)}, 0x0) socket$inet6(0xa, 0x5, 0x4) setsockopt$XDP_UMEM_COMPLETION_RING(0xffffffffffffffff, 0x11b, 0x6, &(0x7f0000000140)=0x8082, 0x4) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x7dc, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bind$alg(r4, &(0x7f0000000680)={0x26, 'hash\x00', 0x0, 0x0, 'michael_mic-generic\x00'}, 0x58) ioctl$PERF_EVENT_IOC_PERIOD(r4, 0x4030582a, &(0x7f0000000000)) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) open_by_handle_at(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="b7fdffff280800006719"], 0x0) 02:35:30 executing program 1: r0 = syz_open_dev$sndtimer(&(0x7f0000000300)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, 0x0) syz_open_dev$sndtimer(&(0x7f0000000000)='/dev/snd/timer\x00', 0x0, 0x400000) 02:35:30 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2, 0xfffffffffffffffe]}) 02:35:30 executing program 0 (fault-call:20 fault-nth:45): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:35:31 executing program 5: r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-control\x00', 0xa18ce2ad1fe3f82c, 0x0) ioctl$DRM_IOCTL_ADD_BUFS(r0, 0xc0206416, &(0x7f0000000080)={0x100000001, 0xfffffffffffffffa, 0x9, 0x8, 0x4, 0xffffffffffff8d3e}) r1 = socket$netlink(0x10, 0x3, 0xd) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$nfc_llcp_NFC_LLCP_MIUX(r0, 0x118, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@newlink={0x28, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 02:35:31 executing program 1: r0 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x3ff, 0x1) ioctl$TIOCSTI(r0, 0x5412, 0xda8f) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") r2 = socket$inet(0x10, 0x3, 0xc) sendmsg(r2, &(0x7f000001d000)={0x0, 0x0, &(0x7f0000024000)=[{&(0x7f0000000100)="24000000100007031dff22946fa2830020200a0009000300001d85687f0000000400ff7e28000000140a43ba5d806055b6fdd80b40000000140001000029ec2400020cd37e99d69cda45a95e", 0x4c}], 0x1}, 0x0) setsockopt$IP_VS_SO_SET_ADDDEST(r1, 0x0, 0x487, &(0x7f0000000080)={{0xbf, @rand_addr=0xffffffff, 0x4e21, 0x0, 'wrr\x00', 0x8, 0x5021, 0x44}, {@remote, 0x4e20, 0x3, 0x1, 0x8, 0x89}}, 0x44) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x4000, 0x0) 02:35:31 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2, 0xfffffffffffffffe]}) [ 514.350246][T27184] FAULT_INJECTION: forcing a failure. [ 514.350246][T27184] name failslab, interval 1, probability 0, space 0, times 0 [ 514.368150][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 514.373957][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 514.386838][T27187] IPVS: set_ctl: invalid protocol: 191 255.255.255.255:20001 [ 514.417130][T27184] CPU: 1 PID: 27184 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 514.426276][T27184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 514.436332][T27184] Call Trace: [ 514.439613][T27184] dump_stack+0x172/0x1f0 [ 514.443954][T27184] should_fail.cold+0xa/0x15 [ 514.448531][T27184] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 514.454326][T27184] ? ___might_sleep+0x163/0x280 [ 514.459178][T27184] __should_failslab+0x121/0x190 [ 514.464102][T27184] should_failslab+0x9/0x14 [ 514.468591][T27184] kmem_cache_alloc_trace+0x2d1/0x760 [ 514.473947][T27184] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 514.479744][T27184] __memcg_init_list_lru_node+0x8a/0x1e0 [ 514.485365][T27184] __list_lru_init+0x3cf/0x6e0 [ 514.490126][T27184] alloc_super+0x78d/0x890 [ 514.494527][T27184] sget_userns+0xf1/0x560 [ 514.498838][T27184] ? get_anon_bdev+0xc0/0xc0 [ 514.503412][T27184] ? get_anon_bdev+0xc0/0xc0 [ 514.507981][T27184] sget+0x10c/0x150 [ 514.511774][T27184] ? ovl_show_options+0x550/0x550 [ 514.516780][T27184] mount_nodev+0x31/0x110 [ 514.521092][T27184] ovl_mount+0x2d/0x40 [ 514.525149][T27184] ? ovl_own_xattr_set+0x10/0x10 [ 514.530075][T27184] legacy_get_tree+0xf2/0x200 [ 514.534737][T27184] vfs_get_tree+0x123/0x450 [ 514.539228][T27184] do_mount+0x1436/0x2c40 [ 514.543561][T27184] ? copy_mount_string+0x40/0x40 [ 514.548485][T27184] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 514.554704][T27184] ? copy_mount_options+0x30e/0x440 [ 514.559886][T27184] ksys_mount+0xdb/0x150 [ 514.564131][T27184] __x64_sys_mount+0xbe/0x150 [ 514.568796][T27184] do_syscall_64+0x103/0x610 [ 514.573372][T27184] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 514.579242][T27184] RIP: 0033:0x457e29 [ 514.583121][T27184] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 514.602704][T27184] RSP: 002b:00007faaf9915c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 514.611098][T27184] RAX: ffffffffffffffda RBX: 00007faaf9915c90 RCX: 0000000000457e29 [ 514.619055][T27184] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 514.627007][T27184] RBP: 000000000073c040 R08: 00000000200007c0 R09: 0000000000000000 [ 514.634967][T27184] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99166d4 [ 514.642920][T27184] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000006 [ 514.697752][T27187] IPVS: set_ctl: invalid protocol: 191 255.255.255.255:20001 02:35:31 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2, 0xfffffffffffffffe]}) 02:35:31 executing program 5: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = accept$inet(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000040)=0x10) getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f0000000080)={{{@in=@multicast2, @in=@loopback}}, {{@in6=@loopback}, 0x0, @in6=@initdev}}, &(0x7f0000000180)=0xe8) ioctl$NBD_SET_BLKSIZE(r1, 0xab01, 0x1) ioctl$sock_bt_hci(r0, 0x800448d2, &(0x7f0000000100)) 02:35:31 executing program 1: r0 = socket$inet6(0xa, 0x80002, 0x0) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f000070d000/0x4000)=nil, 0x4000, 0x40, 0x20008000031, 0xffffffffffffffff, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) socket$unix(0x1, 0x800000000002, 0x0) fchdir(0xffffffffffffffff) sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x5) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{0x0}], 0x0, 0x0) r4 = creat(&(0x7f00000005c0)='./file0/file2\x00', 0xc6) write$binfmt_elf64(r4, &(0x7f0000000180)=ANY=[], 0xfffffd97) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mknod(&(0x7f0000000440)='./file0/file1\x00', 0x0, 0x1) add_key$user(&(0x7f0000000280)='user\x00', &(0x7f00000002c0)={'syz', 0x1}, &(0x7f0000000600)="f95e0139fa7af261f6ed534b45e15c3b90ef064a30515b", 0x17, 0xfffffffffffffffe) getsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f0000000180)={@loopback, 0x401, 0x2, 0xff, 0x0, 0xffffffff, 0x1ff, 0x8}, &(0x7f0000000400)=0x15) setsockopt$inet_sctp6_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, &(0x7f00000000c0)={0x53e4, 0x0, 0x7f, 0x3}, 0x8) ioctl$TIOCGLCKTRMIOS(r4, 0x5456, &(0x7f00000003c0)={0x2002, 0x6, 0x4, 0x4000000000007, 0xadb, 0x8000, 0x0, 0x1fc, 0x3, 0x1, 0x1000, 0xffff}) mkdir(&(0x7f0000000240)='./file0\x00', 0x141) r5 = open(&(0x7f0000000380)='./file0/file1\x00', 0x0, 0x0) openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0) ioctl$BLKFLSBUF(r5, 0x1261, &(0x7f0000000200)=0x101) r6 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$NBD_SET_BLKSIZE(r6, 0xab01, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r6, 0x29, 0x22, &(0x7f0000000640)={{{@in=@loopback, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in6=@local}}, &(0x7f0000000340)=0xe8) fstat(r4, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) chown(&(0x7f0000000300)='\x00', r7, r8) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x10, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) [ 514.951807][T27204] FAT-fs (loop1): bogus number of reserved sectors [ 514.958450][T27204] FAT-fs (loop1): Can't find a valid FAT filesystem [ 515.306382][T27204] FAT-fs (loop1): bogus number of reserved sectors [ 515.313057][T27204] FAT-fs (loop1): Can't find a valid FAT filesystem 02:35:34 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:35:34 executing program 5: creat(&(0x7f0000000080)='./bus\x00', 0x1) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fe, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) getsockopt$inet_opts(r0, 0x0, 0xd, &(0x7f00000000c0)=""/142, &(0x7f0000000000)=0x8e) sendto$inet(r0, &(0x7f0000000000), 0xeffdffff00000000, 0xc0, 0x0, 0x0) ioctl$KDGKBTYPE(0xffffffffffffffff, 0x4b33, 0x0) 02:35:34 executing program 0 (fault-call:20 fault-nth:46): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:35:34 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, 0x0) 02:35:34 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x2, 0x0) r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000340)='/dev/dlm_plock\x00', 0x400, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000500)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_BIND_IP(r0, &(0x7f0000000580)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e20, 0x1, @remote, 0x2}, r1}}, 0x30) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={0xffffffffffffffff, 0x0, 0x0}, 0x10) r2 = openat$smack_task_current(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/attr/current\x00', 0x2, 0x0) lstat(0x0, &(0x7f0000000200)) getegid() ioctl$VIDIOC_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000005c0)={0x0, @bt={0xfffffffffffffffc, 0x2, 0x1, 0x3, 0x40, 0x7, 0x7f, 0x2, 0x3, 0x20, 0xbf, 0xffffffff, 0x5, 0x4, 0x8, 0x28}}) ptrace$setopts(0x4200, 0x0, 0x0, 0x100048) setsockopt$inet_MCAST_LEAVE_GROUP(0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000280)={0x1, {{0x2, 0x4e23, @multicast1}}}, 0x88) r3 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0xbb, 0x40180) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snapshot\x00', 0x0, 0x0) r4 = openat$cgroup_ro(r3, &(0x7f0000000400)='/group.sta\x9f\xd4t\x00+\x04\x04{\t\xab\v\x02t\xe1\t\x85\xa6\xfa\x15\xb3[\xa6\x94!\xf2\x04\xde\xc5f\x8a\x06\x00\x00\x00\xb9\x0f\xf8`\xe0\x1f&+\xaf\xacu\nm\\\xe2Y\xcba\xea\f\xd9DXX>\xef&\xc5\x97\xea\x93\xa7\xde\xc9\xb4\x16\x8eF\x8b\xe0Wm\x1d\x0e\xbf\x8b\a\x00\x00\x00\xd8[T|i$\x88\x04\x00\x00\x00\x00\x00\x00\x00\x90\x1eB\x8b\x98\xad\xd17_Q\xe15\x84\x8f\xea\x98\xc6\xe3WE\x11\xe0\xc6\x1f\xf2/\xf6\x1f', 0x2761, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000002740)}, 0x0) socket$inet6(0xa, 0x5, 0x4) setsockopt$XDP_UMEM_COMPLETION_RING(0xffffffffffffffff, 0x11b, 0x6, &(0x7f0000000140)=0x8082, 0x4) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x7dc, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bind$alg(r4, &(0x7f0000000680)={0x26, 'hash\x00', 0x0, 0x0, 'michael_mic-generic\x00'}, 0x58) ioctl$PERF_EVENT_IOC_PERIOD(r4, 0x4030582a, &(0x7f0000000000)) ptrace$setregs(0xffffffffffffffff, 0x0, 0x0, 0x0) open_by_handle_at(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="b7fdffff280800006719"], 0x0) 02:35:34 executing program 1: ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'vet\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbdh\x00'}) r0 = socket$nl_route(0x10, 0x3, 0x0) getdents(r0, &(0x7f00000001c0)=""/153, 0x99) r1 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x510, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pread64(r1, 0x0, 0xffffffffffffff08, 0x0) r2 = syz_open_dev$sndpcmc(&(0x7f00000000c0)='/dev/snd/pcmC#D#c\x00', 0x401, 0x0) ioctl$VIDIOC_S_MODULATOR(r2, 0x40445637, &(0x7f0000000280)={0x6, "cd0cfa038444ff2c9bc535eeda9d9d98eca559e0ced1625e268de2285e237302", 0x20, 0x8, 0x4, 0x4, 0x4}) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0xa00, &(0x7f0000000100)={&(0x7f0000000180)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) [ 517.429913][T27229] FAULT_INJECTION: forcing a failure. [ 517.429913][T27229] name failslab, interval 1, probability 0, space 0, times 0 [ 517.441832][T27232] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready 02:35:34 executing program 3: r0 = socket$key(0xf, 0x3, 0x2) ioctl$sock_SIOCGIFBR(r0, 0x8940, &(0x7f0000000080)=@add_del={0x2, &(0x7f0000000040)='dummy0\x00'}) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r1, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x6d, &(0x7f0000000140)={r2}, &(0x7f0000000000)=0x90) [ 517.507521][T27229] CPU: 1 PID: 27229 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 517.516675][T27229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 517.526741][T27229] Call Trace: [ 517.530044][T27229] dump_stack+0x172/0x1f0 [ 517.534394][T27229] should_fail.cold+0xa/0x15 [ 517.539011][T27229] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 517.544833][T27229] ? ___might_sleep+0x163/0x280 [ 517.549698][T27229] __should_failslab+0x121/0x190 [ 517.554642][T27229] should_failslab+0x9/0x14 [ 517.559139][T27229] kmem_cache_alloc_trace+0x2d1/0x760 [ 517.564518][T27229] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 517.570339][T27229] __memcg_init_list_lru_node+0x8a/0x1e0 [ 517.575968][T27229] __list_lru_init+0x3cf/0x6e0 [ 517.580723][T27229] alloc_super+0x78d/0x890 [ 517.585132][T27229] sget_userns+0xf1/0x560 [ 517.589455][T27229] ? get_anon_bdev+0xc0/0xc0 [ 517.594035][T27229] ? get_anon_bdev+0xc0/0xc0 [ 517.598612][T27229] sget+0x10c/0x150 [ 517.602435][T27229] ? ovl_show_options+0x550/0x550 [ 517.607550][T27229] mount_nodev+0x31/0x110 [ 517.611874][T27229] ovl_mount+0x2d/0x40 [ 517.615936][T27229] ? ovl_own_xattr_set+0x10/0x10 [ 517.620859][T27229] legacy_get_tree+0xf2/0x200 [ 517.625521][T27229] vfs_get_tree+0x123/0x450 [ 517.630020][T27229] do_mount+0x1436/0x2c40 [ 517.634384][T27229] ? copy_mount_string+0x40/0x40 [ 517.639321][T27229] ? copy_mount_options+0x1de/0x440 [ 517.644509][T27229] ? __sanitizer_cov_trace_pc+0x48/0x50 [ 517.650044][T27229] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 517.656274][T27229] ? copy_mount_options+0x30e/0x440 [ 517.661471][T27229] ksys_mount+0xdb/0x150 [ 517.665704][T27229] __x64_sys_mount+0xbe/0x150 [ 517.670379][T27229] do_syscall_64+0x103/0x610 [ 517.674981][T27229] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 517.680902][T27229] RIP: 0033:0x457e29 [ 517.684777][T27229] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 02:35:34 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, 0x0) 02:35:34 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f0000000080)={0x1000000001, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x7, 0x3, &(0x7f0000346fc8)=@framed, &(0x7f0000000240)='GPL\x00', 0x2, 0xfb, &(0x7f00001a7f05)=""/251}, 0x48) ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2) r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000200)='/dev/snapshot\x00', 0x600, 0x0) r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000002c0)='TIPC\x00') sendmsg$TIPC_CMD_GET_NODES(r3, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x80004100}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x1c, r4, 0x28, 0x70bd2c, 0x7, {}, ["", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4050}, 0x10) r5 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0xe0000000, 0x4000) sendmsg$nl_route(r5, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@can_newroute={0x24, 0x18, 0x8, 0x70bd2b, 0x25dfdbfb, {0x1d, 0x1, 0x2}, [@CGW_CS_XOR={0x8, 0x5, {0xfffffffffffffff9, 0x8, 0xfffffffffffffffb, 0x9}}, @CGW_CS_XOR={0x8, 0x5, {0xfffffffffffffffb, 0x3, 0x2, 0x5}}]}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x4040801) [ 517.704371][T27229] RSP: 002b:00007faaf9957c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 517.712808][T27229] RAX: ffffffffffffffda RBX: 00007faaf9957c90 RCX: 0000000000457e29 [ 517.720768][T27229] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 517.728738][T27229] RBP: 000000000073bf00 R08: 00000000200007c0 R09: 0000000000000000 [ 517.736701][T27229] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99586d4 [ 517.744668][T27229] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000006 02:35:34 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:35:34 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000140)={0x26, 'aead\x00', 0x0, 0x0, 'rfc7539(ecb(cast5),rmd160)\x00'}, 0x226) r2 = accept$alg(r1, 0x0, 0x0) recvmmsg(r2, &(0x7f00000027c0)=[{{0x0, 0x0, &(0x7f0000000f00)=[{&(0x7f0000000c00)=""/111, 0x6f}, {&(0x7f0000000dc0)=""/168, 0xa8}], 0x2}}], 0xa8, 0x0, 0x0) 02:35:34 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, 0x0) 02:35:34 executing program 1: r0 = socket(0xa, 0x2, 0x0) setsockopt$inet_int(r0, 0x0, 0x15, &(0x7f00000000c0)=0x413ffd91, 0xffffffffffffffe8) setsockopt$inet_int(r0, 0x0, 0x17, 0x0, 0x0) r1 = msgget$private(0x0, 0x2) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000040)=0x1c8, 0x4) msgctl$MSG_STAT(r1, 0xb, &(0x7f0000000000)=""/28) 02:35:34 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000002c0)='mounts\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f000001e000/0x18000)=nil, &(0x7f0000000840)=[@text64={0x40, &(0x7f00000007c0)="b9800000c00f3235000100000f300f01c83e0ff382610000008f68e4a20f0cf3abf044804304f4450f01cab900010040b8245cb3bcba08bfe5370f300f986706b9800000c00f3235000100000f30", 0x4e}], 0x1, 0x0, 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r0, 0xc0a85352, 0x0) timer_create(0x0, 0x0, &(0x7f0000000100)) ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, 0x0) setsockopt$RXRPC_SECURITY_KEYRING(r0, 0x110, 0x2, &(0x7f0000000000)='&\xd8\x00', 0x3) gettid() ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_XCRS(0xffffffffffffffff, 0x4188aea7, 0x0) 02:35:34 executing program 0 (fault-call:20 fault-nth:47): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:35:34 executing program 1: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfffffcb9) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0) geteuid() ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, 0x0) ioctl$DRM_IOCTL_GEM_FLINK(0xffffffffffffffff, 0xc008640a, 0x0) r2 = perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0xdcf, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x81, 0x7}, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ppoll(&(0x7f0000000140)=[{}, {r0}], 0x2, 0x0, 0x0, 0x0) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r3 = syz_open_dev$dmmidi(&(0x7f0000000180)='/dev/dmmidi#\x00', 0xfffffffffffff001, 0x582) ioctl$SIOCGETNODEID(r3, 0x89e1, &(0x7f00000000c0)={0x4}) close(r2) ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r3, 0x40485404, &(0x7f00000001c0)={{0xffffffffffffffff, 0x3, 0x56a, 0x3, 0x400}, 0xb8, 0x3}) 02:35:35 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x0, 0x0, [0x277, 0x2, 0xfffffffffffffffe]}) [ 518.265744][T27293] FAULT_INJECTION: forcing a failure. [ 518.265744][T27293] name failslab, interval 1, probability 0, space 0, times 0 [ 518.328152][T27293] CPU: 1 PID: 27293 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 518.337291][T27293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 518.347360][T27293] Call Trace: [ 518.350662][T27293] dump_stack+0x172/0x1f0 [ 518.355007][T27293] should_fail.cold+0xa/0x15 [ 518.359610][T27293] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 518.365432][T27293] ? ___might_sleep+0x163/0x280 [ 518.370297][T27293] __should_failslab+0x121/0x190 [ 518.375257][T27293] should_failslab+0x9/0x14 [ 518.379768][T27293] kmem_cache_alloc_node_trace+0x270/0x720 [ 518.385581][T27293] ? kmem_cache_alloc_trace+0x354/0x760 [ 518.391133][T27293] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 518.396947][T27293] __kmalloc_node+0x3d/0x70 [ 518.401465][T27293] kvmalloc_node+0x68/0x100 [ 518.405981][T27293] __list_lru_init+0x4a6/0x6e0 [ 518.410751][T27293] alloc_super+0x78d/0x890 [ 518.415173][T27293] sget_userns+0xf1/0x560 [ 518.419505][T27293] ? get_anon_bdev+0xc0/0xc0 [ 518.424098][T27293] ? get_anon_bdev+0xc0/0xc0 [ 518.428693][T27293] sget+0x10c/0x150 [ 518.432510][T27293] ? ovl_show_options+0x550/0x550 [ 518.437536][T27293] mount_nodev+0x31/0x110 [ 518.441870][T27293] ovl_mount+0x2d/0x40 [ 518.445944][T27293] ? ovl_own_xattr_set+0x10/0x10 [ 518.450883][T27293] legacy_get_tree+0xf2/0x200 [ 518.455572][T27293] vfs_get_tree+0x123/0x450 [ 518.460082][T27293] do_mount+0x1436/0x2c40 [ 518.464422][T27293] ? copy_mount_string+0x40/0x40 [ 518.469377][T27293] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 518.475625][T27293] ? copy_mount_options+0x30e/0x440 [ 518.480836][T27293] ksys_mount+0xdb/0x150 [ 518.485200][T27293] __x64_sys_mount+0xbe/0x150 [ 518.489897][T27293] do_syscall_64+0x103/0x610 [ 518.494503][T27293] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 518.500396][T27293] RIP: 0033:0x457e29 [ 518.504288][T27293] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 518.518157][ C0] net_ratelimit: 23 callbacks suppressed [ 518.518164][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 518.523881][T27293] RSP: 002b:00007faaf9936c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 518.523901][T27293] RAX: ffffffffffffffda RBX: 00007faaf9936c90 RCX: 0000000000457e29 [ 518.523915][T27293] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 518.529642][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 518.535226][T27293] RBP: 000000000073bfa0 R08: 00000000200007c0 R09: 0000000000000000 [ 518.535239][T27293] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99376d4 [ 518.581326][T27293] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000008 02:35:35 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x0, 0x0, [0x277, 0x2, 0xfffffffffffffffe]}) 02:35:35 executing program 3: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000300)='/dev/snapshot\x00', 0x0, 0x0) r0 = perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1b, 0x0, 0x0) r1 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$VIDIOC_TRY_EXT_CTRLS(r1, 0xc0205649, &(0x7f0000000280)={0xfffffff, 0x80000001, 0xfffffffffffffffe, [], &(0x7f0000000240)={0x0, 0x6, [], @value64=0x101}}) r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040)='TIPC\x00') sendmsg$TIPC_CMD_SET_LINK_WINDOW(r0, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="080026bd7000fedbdf25010000000000000009410000001c0018000000034e74683a626f86645f736c6176655f31000000003e2a9cdecee4773b23de56778a163aaa79d397292c286ac28b53bb5234ed5ca949d737b4f6924b95425b274ddd671e1b094f8c7b9422336a6c4f084d990be48b44"], 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x4810) 02:35:35 executing program 0 (fault-call:20 fault-nth:48): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) [ 518.758125][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 518.763934][ C1] protocol 88fb is buggy, dev hsr_slave_1 02:35:35 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x0, 0x0, [0x277, 0x2, 0xfffffffffffffffe]}) [ 518.985531][T27325] FAULT_INJECTION: forcing a failure. [ 518.985531][T27325] name failslab, interval 1, probability 0, space 0, times 0 [ 519.046071][T27325] CPU: 1 PID: 27325 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 519.055223][T27325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 519.065283][T27325] Call Trace: [ 519.068599][T27325] dump_stack+0x172/0x1f0 [ 519.072945][T27325] should_fail.cold+0xa/0x15 [ 519.077550][T27325] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 519.083371][T27325] ? ___might_sleep+0x163/0x280 [ 519.088236][T27325] __should_failslab+0x121/0x190 [ 519.093186][T27325] should_failslab+0x9/0x14 [ 519.097699][T27325] kmem_cache_alloc_trace+0x2d1/0x760 [ 519.103086][T27325] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 519.108908][T27325] __memcg_init_list_lru_node+0x8a/0x1e0 [ 519.114644][T27325] __list_lru_init+0x3cf/0x6e0 [ 519.119422][T27325] alloc_super+0x78d/0x890 [ 519.123856][T27325] sget_userns+0xf1/0x560 [ 519.128189][T27325] ? get_anon_bdev+0xc0/0xc0 [ 519.132791][T27325] ? get_anon_bdev+0xc0/0xc0 [ 519.137388][T27325] sget+0x10c/0x150 [ 519.141210][T27325] ? ovl_show_options+0x550/0x550 [ 519.146240][T27325] mount_nodev+0x31/0x110 [ 519.150578][T27325] ovl_mount+0x2d/0x40 [ 519.154655][T27325] ? ovl_own_xattr_set+0x10/0x10 [ 519.159603][T27325] legacy_get_tree+0xf2/0x200 [ 519.164814][T27325] vfs_get_tree+0x123/0x450 [ 519.169336][T27325] do_mount+0x1436/0x2c40 [ 519.173684][T27325] ? copy_mount_string+0x40/0x40 [ 519.178634][T27325] ? _copy_from_user+0xdd/0x150 [ 519.183495][T27325] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 519.189741][T27325] ? copy_mount_options+0x30e/0x440 [ 519.194988][T27325] ksys_mount+0xdb/0x150 [ 519.199240][T27325] __x64_sys_mount+0xbe/0x150 [ 519.203927][T27325] do_syscall_64+0x103/0x610 [ 519.208525][T27325] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 519.214420][T27325] RIP: 0033:0x457e29 [ 519.218330][T27325] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 519.237930][T27325] RSP: 002b:00007faaf9936c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 519.237945][T27325] RAX: ffffffffffffffda RBX: 00007faaf9936c90 RCX: 0000000000457e29 [ 519.237953][T27325] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 519.237961][T27325] RBP: 000000000073bfa0 R08: 00000000200007c0 R09: 0000000000000000 [ 519.237969][T27325] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99376d4 [ 519.237976][T27325] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000008 [ 519.558160][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 519.564016][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 519.570064][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 519.575816][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 519.798183][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 519.804403][ C0] protocol 88fb is buggy, dev hsr_slave_1 02:35:37 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:35:37 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) 02:35:37 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000006c0)="0af51f023c123f3188a070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000000, 0x0) clone(0x101, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000000, 0x0) r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cachefiles\x00', 0x4000, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={0x0}, &(0x7f00000000c0)=0xc) write$P9_RGETLOCK(r1, &(0x7f0000000100)={0x27, 0x37, 0x1, {0x3, 0x7, 0x6, r2, 0x9, '!vboxnet0'}}, 0x27) r3 = getpid() pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) write(r4, &(0x7f00000001c0), 0xfffffef3) ptrace(0x4206, r3) tkill(r3, 0x9) 02:35:37 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, &(0x7f0000000700)=ANY=[]) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0xb, 0x7e, 0x6, 0x1, 0x1}, 0x2c) pipe2(&(0x7f0000000080)={0xffffffffffffffff}, 0x84800) ioctl$VIDIOC_G_OUTPUT(r2, 0x8004562e, &(0x7f0000000140)) bpf$OBJ_PIN_MAP(0x6, &(0x7f00000004c0)={&(0x7f0000000280)='./file0/file0\x00', r1}, 0x10) umount2(&(0x7f0000000100)='./file0\x00', 0x0) 02:35:37 executing program 0 (fault-call:20 fault-nth:49): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:35:37 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x9000008912, &(0x7f0000000080)="0adc1f023c123f3188a070") r1 = socket$inet6(0xa, 0x3, 0x8001000000002c) modify_ldt$write2(0x11, &(0x7f0000000000)={0x100000000, 0x0, 0x4000, 0xffff, 0x2, 0x0, 0x2, 0x0, 0x1f, 0x2e}, 0x10) connect$inet6(r1, &(0x7f00000000c0), 0x1c) sendmsg(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000040)}], 0x1}, 0x0) syz_genetlink_get_family_id$fou(&(0x7f0000000040)='fou\x00') 02:35:37 executing program 1: r0 = syz_open_dev$vcsn(0x0, 0xc6, 0x80000) r1 = socket$alg(0x26, 0x5, 0x0) ioctl$RTC_EPOCH_READ(r0, 0x8008700d, &(0x7f00000002c0)) r2 = syz_open_dev$usb(0x0, 0x3, 0x101000) sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x40000000000009) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0x96) clone(0x4000002102001ffb, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) request_key(&(0x7f000000aff5)='asymmetric\x00', &(0x7f0000001ffb)={'\x00?\b', 0xffffffffffffffff, 0x4c00000000006800}, &(0x7f0000001fee)='R\trist\xe3cpsgrVid:De', 0x0) socket$inet_udplite(0x2, 0x2, 0x88) sendmsg$rds(r2, &(0x7f0000001680)={&(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000040)=""/221, 0xdd}, {&(0x7f0000000300)=""/4096, 0x1000}, {&(0x7f0000000180)=""/151, 0x97}, {&(0x7f0000001300)=""/211, 0xd3}, {&(0x7f0000001400)=""/133, 0x85}], 0x5, &(0x7f00000015c0)=[@mask_fadd={0x58, 0x114, 0x8, {{0x9, 0x83a5}, &(0x7f00000014c0)=0x4, &(0x7f0000001500)=0xb5, 0x2, 0x100000001, 0xe420, 0x1, 0x13, 0xf1f}}, @fadd={0x58, 0x114, 0x6, {{0xfffffffffffffffc, 0x8}, &(0x7f0000001540), &(0x7f0000001580)=0xffffffff, 0x7, 0x0, 0x3, 0xffff, 0x10, 0x100000001}}], 0xb0, 0x10}, 0x20004800) 02:35:37 executing program 5: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x0, 0x0) ioctl(r0, 0x8000000000009371, &(0x7f0000000100)="0100000000000000180587191eac74010000008064a0b4f88fd5710ca7917358dff72c1b2c140000000002b5399330d84c480fbce5de9cc55d057b8e08e4ccb86273f53c610873a2947549809f350d890241d356cb83da7133d01e450b3e2c5deb1ddcffbc6caeae5cd738e881b5b1404a56c91f79eb7f9fca222b0ee8d165bbdb1b63a97a01f53ef9f13e9b795af1647cc29f5f580489e4e2ee1f6cb5d9e7ff18c6492d60a65828019f06563f9b57a21107a6feaa78516835e0a16fc5e72504dc934843ba0c3b") ioctl$KVM_GET_FPU(r0, 0x81a0ae8c, &(0x7f0000000200)) 02:35:37 executing program 3: setrlimit(0xf, &(0x7f0000000000)={0x0, 0x1}) mlockall(0x2) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) ioctl$SIOCX25CALLACCPTAPPRV(r0, 0x89e8) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000280)='/dev/autofs\x00', 0x87fd, 0x0) sendmmsg$alg(r1, &(0x7f00000057c0)=[{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000080)}, {&(0x7f00000000c0)="ab1b2089f93547bea55d6cd8afeade683c23806c22aab7c2457ed7c4a97b1ef5bf5190fd4840cae4246f0e9dc08a4a82ed94d77645ae4e4ea91a965ec5c84cb67d4d2b679ade746b6ea3855dcf1e90af690765b12b86d8829500ca2bb2db8475aade86477e170653b2d2e2ce2ca147a0b8113c50424a9271da", 0x79}, {&(0x7f0000000140)="379074e1ec0ec06109ee49b01f6065ceaacb7e7e1237c176ff470fa451f13020ca712c1af75886ef1d2ef3910d47137f3036596a6113f0c6f962f9cfd41dd376a9e3c66e43c63e151cfcadfebefa2835aac068d6d9e3d05cfe68dd6adc1e7f740759a3839373d65f689fc9bc56fabf4cccef0e6c64e58f8c93a2f599cd3106c733158393ae0c467f3bbf7232e7185baef071a82622745f268ae7ce01ddcd65eda2b1d68ba095301efea0222b9b111c95a7aa9a7a3f16e2bff644bfcba375bf676dcd7b25d65bc3163f89bf88236ddead021d27a29792cae44765dda307bdab", 0xdf}], 0x3, &(0x7f0000000280), 0x0, 0x8005}, {0x0, 0x0, &(0x7f00000002c0), 0x0, &(0x7f0000000300)=[@assoc={0x18, 0x117, 0x4, 0x7e7}, @assoc={0x18, 0x117, 0x4, 0x1}, @iv={0xa8, 0x117, 0x2, 0x8f, "8f5a10193cd0404e9290039047a61025606929fceaf537ed756e54bc5705ab4efe4542a2a4669f5e53a48d3da018efdaa96ec9edbfda0f01fb73ddb11ad6e6e4e96e61f54830f867011c304f465f340e2023b65e986fefa9d7a84f6950f3e785dff498a08bcf761cf140c404b7ba859e8f11a82ffe28960acad4efd109f005a4d8107ab2f185b2a7e9b6b791e0496b"}, @assoc={0x18, 0x117, 0x4, 0x5}, @assoc={0x18, 0x117, 0x4, 0x9}], 0x108, 0x80}, {0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000440)="020c357aa603c40c7fc7e47336f791e2c7b342aaf3c9b93e1cbb74d537805105a4ade0a704592f8c57fa0ed32e6a7b03afbf9c35fadbdfc99818d1bf643ba2df6a97d2bdb81bc4198f24820073955b11fc679cf1337fe6481e19fe2371ff20c8b7f1e6df72ce8401908af5b6e8f45a1ad9ddfdad144786fde0dfadabdd05d6edac1fa649165cd1cb", 0x88}], 0x1, &(0x7f0000000540), 0x0, 0x10}, {0x0, 0x0, &(0x7f00000026c0)=[{&(0x7f0000000580)="a90917cae52b26223e6b44a1b52de474cc46228e1801c79083fca51385300f190785803ab2948e0b50cc3e6b9e9404a26d59d0f99721586ecab6c291505e72aad84c46756300e515f5e8db500fbc2ba0878418b338bd66fc191c6f35da317bdcc6e14bab0ae2858caeb4bf159a98f3f9a37b5641e51adc9e84bd7d53c3f1d8e5194b02012deae9a303f3aaffeb854a47b58153315908d8126f95844d41141011c53691edd281f1c840daf69d9186426ea97b79169f3bca00e91a122b138891b9471cdea5abe89001506560380de887083122517e876a49b40f3f06a7cb623130fcc132c5c8c15c2e6b7550622795feb459702a860fbd69021a898b08f3154eb73914faa436a98de1800b038079cb5ba7be6da67e219dd0c05eb5b8dd9ddcbbc5450707e733e948a1e71d8c346e96494bea48d413cbb624d5b261f29fd4c891ee98a4464668ecddaf747504c0d79200161077aa9919f13e852ee5c384bfd9a9eb7a97851327166e80d3000159a43b27c40cbe494dc83b31cbebe3c2df3850f68b6892242de935832d916b435c475b9163b58f67f342f1eea15e89913a1093b4486f4b8c1d0648dae20375395c5ebcc7019778dd7aa38912d111ab91c72246637eafce65e6f47ec55f47921d9a2e20bd0b604be1eb2572cd043748f742ffc02a32fcfadc909a42df1eec90910b4b7842d93556f1be1dc2cf2f5cd5f05312e63234af3450f31f288e2866562c6b728ae70c7055d814335a2b8d551667157de1684dda3d54ef9d3b9bf4315dd580948ec39b37148b0978bddffe89dc77a60e4b93f75f31cfd1f3aa63cfb3b837df4cf46edb04f476123043af3d8cd7f0714ecb3eaa2028428fc540147cf1738678b2a34e76329c259e15eea7f27d7813878ab3552f498df9fce2564782972a4e61743cf364e5398cbc4e42a34de353fd93baba056aaffb05cbf42707e48a39daa1f63c343ccd88ffc5da6c45f3ff73aa138dda998de3e323e85d2815c186d0c02c5f153f06f905104a00d01c491dc5e6e08b0606d757624d0fd50e15d0f7e147e3c84a07e0b34f2c359873554fb370ddd2205c8a080fc643c3400e8b1009537381da5454dcaf284af02fe9287843798140f303442f284ffb83fcc35c7cf3b54e74fd04e9996f2cbbdb5ae6f0ab333804a1e3c6bfc05d69da54cad4eb4a74da3f9e3c0c00ec688ab8df8e5dad7e593fc02bf49aaca8efff99adbbbd242f4990586a3daa72fd17c7a7642d96017232aa5023556e68947e398458875d908f0f09ad811dd3ff3f771da1c5b2062cf9e389c92329052b8c082b7ff5a92cf218c2e813d426bbd116e15a941ebc32ad35c94dbe997ba028aed3529b26db49ed18f300cc4f4fb49ea54c2c30ec238ff401a549b0f97d56a1a8991e33f98083fdaeb560212e3b1d6abb66bf568f00c4b0735a891b58777d92772b406c337e725559c4edcc3c8ee75d2180ed41e74c53e09dbc9b1a95c83dd304aa150f3f6ef548700b6014af60b10fa47a0a3a20f5cac793c4ebf84e352736e5934bbc561e3905dc3bc5445019259ff4164e28f7169a044820652e51856f41af21b87dd7071d8514d485aa32b5dca71dfdc714cc08e74a7946b0a5d54ba5f74d3b6bb644a0c88a33d0082ae5b2190aa0a90943fd16665c196b86b0bbccb1cb5e7147ef947015d6e0b11b69151898e030817f3daf38586a7fefb35a62a06565f13f24e9595fd1af9ea850c6703cc9165a4bf8f1b114823b6a9107885703a4e3e733452812436a128c2cf3ab253571ba86e125db813c23d0e101b3f4dce941871ab66c8a4ab708a83aad342a1295abb960ff2a0547a0c46654cc6f005a1628754105a4d59f106215666e7cc879ab0843cd09ba60100f8b3e6635f1419fb666886707c7190f2f0b9abf750ccec0983c07ea35c08054ca7488b94d199764aca42eafbb5a116806a2ab0e9b94e608a6da4bf1d86ca8adc13095c88d56c59e36fa0bcf6cf84b119064633e2f9425a3d9353e6679f747102b9074be6bd5a90eac71d9670a845d0ed102b1d0f4ab25ecc8cc9e33e929267ef11d93302072465eb0c541d0301a2cf96c5c88b30f471d970c13627cb8e68916f06043e148f9741cdfa55e9494d051780ea4114b733f88a62b02e45b05d40adb197064f516f616d52b61fdc3b2611a84ae2e3c93c915881a97ba5869744b8a477d643d72876bcea5b2bd5a8db39b51e0908ddc5a5599be500eb4cdc16d3591f92e0464baaf1f7645d04db1dcec3cb4e0930d39f4c657207dbd2022ef265e561ad3df7ff5489164463d2bb3332aa1f3ffc720cd4ca61955264b0ac6af9cfc415ebbe63f67a9b62aaf4679def506e7ab17a20aa0a029a206264f469e85daa71940db57f7282a27e35bcb101bd2b1364e6549316caf83af25c2344c66f0b5337b74a9d64bd23522fcaa5b097cbfeb66012e9b773267b6caa5fb3b57e23e9744e734e0b7d6ce64b51d683d03619ee86e2b29df7a9314e973df2635e946079ed7ce68df6abe7dd123fa5458f66155a2f5697af0f0501611800c2e6d0c917f42f01152dd19ad2b462377287ffcab978d5da5e9182c03e6c34ddc0b6fc917a685a44c6563ccf76e61def0c1f5f29c01079648d463419190ad5a44abb78ad49302c7bef00464ef3ba7ba3309bf443ad95bb0a90e227c1a2c2a73a3f9f1f78bb35e2fe993c32d7599bba7746b4ec04bcb53729b52c1d04dade4712fd6b88a47e8b066f7bba3e170d6916b42bc8dd8ada64df4b7484c76176c34f9e87b97d3fa5093328b18d9d2ebbac81b13d16662fb214ac69c811754e4e7671c2ba284a7fa542b9414c25e3040c0be7c69dbf647274f37e356779843f606638a58f79e7b6ada95307e57b95338ffe992828b980e50518bfce5a06a913ab228f610c321f6294a7fc9735b988420718857dfbdf3afdcc1996ee97eaf65cdbd7364bb843ce279647e1773954a5c0d4cdf3769bbb0cd5dab77d71c5a0a75176bade9841bc4da4da1d612716244c836a787c42f700cb54d86f41c4c6d1f40f8b95130d5cac317aeae24e6f7267260efa198f81955b64b843e4eb0107a21a087cb337af8821f1c82b900e56bca57258bfdcc5ab7ff236967342464468bc9ddd5362db2e8ffddafc8d404a40e8b28cc6b60fd983f26a74b0625f286325239a71f91d41e425fdc2d12981d8c25576856bb8d9d91cc711c639c013cd7acb7ccffd06962c4a2b92295cd02f6512431cf906b202e46e52307b94e1c11e395c8882603bcaf0e55b6d7fefe068407718f76b66470d525a16ccd9eb615b181f70ed2caecd73b2d531a15d6ed740680a2c9368634317290cdf8889d8062d2aa405310de70f6c0be5e9fa5f7d5fc83453ffcc5c9f2e98fa83edc112530f0963f8c625295de482893f29d7c9e348f76066f2986cd6b3fdcc85955c66faf3c0ccad00f527546b2ef7403881ecef20ae39a157346190fe9a9243ced74bb1e895049b9cf0be8b6385811066f8af7fc69fce3554af0b8187df160bba84418882484aeb2310742f895d3a092301e32ff6555db1af580ae41db394889912027f8660bb9dee628b5049fffcd6784fc644b4d6733924f983dd562d5a4812f91d03b1af6ad9a70a8e6fda01a17c17df7020ae14f9cfc6f9b74e0ccd7c3e0bc19d31f49cd208989e35a9dcb8c00c72613c8f2e2aac544553e138baa53a50949613d2525575cf73b0d2d8c97bccb876b74f27816925102faa648dd5989424af6adf64861f969e5aa8d007c1be0a06c60d33b6fafb90a9b25e67306679f0750e64d595fcdfd5f841f8f538adfa3984d953840d32e53805f1a6c60c226e95930b4567c7a69e100f520e95e84bcd22e4000c8c25df49bc1acfe9742903dfc88811224d77ef1864850758ae8716aaec72b7fbff2c7ad0a7cd42492f7e4908dedf6497ca2714d1565563b96087a745631caa9aea2e1f94b7683360cb3b2d1fab7cd8aee639870b1aebf5b2d6e740314bda45edf5aa440be0538c23c1346fa38593d68c9fe27fd6881ee3517bb06b4ea1922bce92b6b3dd5f278f1df9fe83b5c5872e489afc92eb9567c11540f7ded6ef55e2bde2e3f1c767b8ec6cb794dbadea1ef8f25c30f89f9281a8b20aa058c68def821f5acfccd686bf85b61f2705140810c3afe89502031b1186ef0d24a4295f22266bd3bce654ea029baa5c485fd707190d532b8a2a6d894d370f9dc5682e548f8d5ab2c79fdae21fcbaeadb471465100b5125f8b2f4342824fe94768ab8d1ef25feb15867f5f7f672d642f6284e33071cf1ef6f2fd377db8c279ad8a9d405917615176fad54e82bd99d54a5f12399921f3f65cc2b314204468f1ec2ec0ae200265782ebcd945307f8af1446ec6563d066e877677e28ee7037400535a91a9bcb8a5b9bc8637cd883766fe458963ffd73ab42e4e19177f6b4d9a1a7e43ee808c3dd6e48d5fc31624ca6154e2a715292ef25f0fc1a4935c910ec36adc81967d1a01fe6922fa55e26f598b5ff0176dd4f489a11f515f5c9eef2f4dcb6febdfd5208a81f02f06cfae6750757817b7c9ee89e3c83a3e26026c246dc36e8325c41c9f8dc05c8abcf34f7da8e7ab9d636e0c42f3fa6ccf48e726793cc8abb66f728b4d271de8d95a86cfed04e0a729bde29c022d57358102665547c15022acdd5cbe6809c5431c39e8254d7f6f8875cff932d3545cc9292d88f55dd4cc2fbd962c452d992e702c2c1c6f3ee03ddd2af00e89264134b2f00dc54dda37c839885b09a2c8e5025db3e1488a5c395c937e9c63707921407fe0d1579e22fbe0d775ecded71c71d59e5c5dadced7aeae5555ab5399fd54ecbd2e145aedf22a8d383c22d8610364e044aa05a073b02d3294af4c352c10f09e8e4ba2d0ddf152baf7005b660f67205833d6152cbbc67e4d37b9e391956c4ec32cfcc1f255162875c66fe69eb9346ca1ab2e2ffd7a2500da8b035ec3ae3b98702c8d835c95c1165ae24be639ebebd513452c8c1f7dd5fef2d7c2bb837aac10c6f68ddb6d91e173e3eddbdde731ce28893ae267674067e37bac6afcb453d7756cf0dd46976162747efd4dedfe4db260bf0f90b9086b05198369d43eec8d55d2ab8dfb5b7f6ef17ed97545c68d2d8b863c4a396f5d44b4f7abf79c0d3e3a149803f950a128b6331ea2fa2e0becbc87da72c76ac62fea5bbcc13b26981667f9107822510f71de1340a09a841659839c62dd0b6a07598b6d8d2bc1a6f289156761ec56cc8c949787243d85ef30e5f1d4b6ba4b04837069056840f070744b3d4a2b5e965ced8498095088bb8ba8642dd33333507ccfd8272f877d686d851fbdab936c734fb18c9e78e86ba71c99dbeda02a019326e365bbff5c765b09a9bb3e659cf46494892b0e9d13ba52b39290a4052e00f60d4d89c4f256ebfba595bc61258662b750e4d38bbe2b51fec23f1953d197d1f7bdc086151a4a200c60abea3131acdd7e5877df71a7cdc539d956ba29a463cb84d8821b6c63d216032328628f4ae2cbcd5cafb4a506052a48d4f8cb9643e9db203338d66635929718ca174ec010e4a39be4e3bb7dbf27dc7ec142dd43f12780944e7d7ea0ce412dcb9a92af8fd4c125cd193f5533c335b6a41ca095520a79cfa0381516e0c0d3b7ac2252a16f131526ab2c6c219354f63fc6dd4f4b67bf1fb9aaf3fabc5c36b7b5de66ef326182bff06164c7adda41acbfb98b45e613228be80678f0353cbbab8d0ae351c5fcee3ea84d35f7b1670eaa4386a66fb9226ebdd0ca79c134f17cda5b74465537fcf2c84afdb80fa29", 0x1000}, {&(0x7f0000001580)="d5be2445ef0cdd73180e75e5ef88c88b6555d95dd44ec51c46f7b0a56573b753c7bf2aa97d61644f1fa0a67e5b5709aa587f56cd1563a7b5a49503613fce047bfe1e10a5a30b7d41dae34b3f02c9871b19545995c931ba0daa876caaa38eaa49fe4f6b854f120dff44454fd4eb0974281b0bdadd02316aca58befcddc701fa7b66", 0x81}, {&(0x7f0000001640)="02b16110b6f3c76740a3b6f2d52b15adab9ea0e73104160cb49ff63dde5b80f1f393995ec81614c467d401631665ef3a7447827321aba65d8cf9cd75249e4b072ced45fcb6a68ce531b576d7e66ac145b5d751ee2b4930d87bc60f9316c4bd9439aa3a889bcd0b650c6cf4f9ac40af19d034dbd542da7fe593e51f", 0x7b}, {&(0x7f00000016c0)="cba730b302628c7bd9026d2177ad08ad0f1f1fa943a4a714263ecd7e0f83fc2ef39838d6eedf4eb42d0b645b3a1d03615add8fd630ab98673357682d93afd692a8610d6844b616796ea0b1653dc4365879d6b8fb71a8b7e83084fae47ea7083c45eed2e3aed989878fcefc4830ab0f090d0f996adfe5e4cbc346ef68e5c8c6b0767d77486d2218e0e0b3a304235aae99bf4a70b0dd1de580ef12b8a1f55b8025b7cf11e93c53ea65917c700ec867ca7fcf6cf301ded31d1751cca05951c94f2b92c37a87c08cb808839169700ba92ecdc8430478ffa2ce499ce0216410e119b07417655c734bf1ac9a9fe4890289563cefd3866bfda43b618f249a5cd0f16780346594c1307685828645a9ff607d3fcc64f2c05cb20979d8f6b6a688ed7246bc0c70524868c40b36177a0a8836e031324a52671cc173b3ad30437c4fff7287695ded037bb33c52347b826e35d24af33be5283039ecf3919673989f88e612835a9d69e3956f8ab72cce1f0dc270e3fce29a193d98fff4d0392df541b49bf76a39b28a70feb9ff858b4a1e9ef9133d481c7d8ce11efe12b81c422081a8802178bf3e6255edf1b70031bff1db3fbd0fafd9ba8100ccf7e7da5710350a1a57c7b635051f7f000122186cec3dd514826dd42a0894f5e451194bb5e64a9263ec72e24f49caf56688b69596b0dd83d757e60c2e5e1fb60644a55007b94f3edac6e0e5d72de2671fc9c6bb4f25f7f99bbfe65656bba9ac163551212bdf123f7774851c8ad390df055968af06be276b1d5fd3dd0702c248a336930d3c0e9340191b4da4efc684fda1a55d41be123db07148abb236822d21df51f617d11a0f678e8e30bbbee316dc339c786f6a98e0ba1635eec0927abd122739169ede6a9b9e1d456c12ef7bd3f02c774da8fe4491507cd19f59c5174161a1a95267b9e2b24b31a8e9d0f07d8af425d5148b26bcf386be6cb77af295f75ec696a8a030b5bad65ae7c54bf4c88c65afa5806e6a250c7d3bc567d0c4459e8a5fe5e5eedbb3dba6badd491d4ba880dd63066afa2c688a4fb6bd9a0ba199ba7bd2836e3685a9697e7933d70bc4fd7009f25a2e0be284295d0741905fb54420e445f3e6dd0c1cc5514b640f12e91a35306ca3ee5aa5bd48824b21a253e4ced809dfa828b24ce6df8c7cfe7884511e671fbcef283fa8dbf31c42a3718993c24cf0fa46e0bed0e2ad998062b02ce79b16ef5155d6789d17c30ec80bcdfd20b0a3728e3c155166203f68a8897babcd03cc057beb454db6587423d5fd779f5d41e3efb2a02afbd942c1e050ef5908b7b21abd15ddfc86e23b51e81e7c9c25b519aec4e11966abffbf5c7b6cd1ef11185c798ccd504dd46e50c37c463de3a8e60d062464a376b99b6067c1193330a1824fb69d435e6b7038fa51d4b9f825669bd7899fdb75be863c4de932cfd736594a04eea76c89839ff67785a83c88e2b1c546fe3c00d935861b178f44b5cff8c665d5c321e5670b53c94af1dad3b8393a1a7d10198285eea340ef4fac6ebd04f19dafc33e92953ebe632969b7e3620aa7e271d46e63623f30f9f71acde3238849b776296cbac10130e4c8db485967b807e791482d25a3760158b0563b824d2858d0b190a9ccf7ec1c108d8c5dc87c6683ad8f4c703c0ef9815c4a998e3f22a16665e13e84950fe1e80d16f23229fba28f8be5d3f90e0bf5cea1f1a3df774f385a09cbf5e2605a89d144df7972b15b91828cd56fa0c6e4ee2c3f0aeee0c2b34fd223b9fe329cb24c74fe2db1e392b98cf5b8c4b1574695c62552eb45837ca2c816e326ccaf74f001e54330d3a89f865229ef4162b43d142ab455b04ddf9002d4d67a52abade280489fab2795ca091d9fbd0b045f2307cb55e706a5f0acb71dd684e29b5b7320ec7f1b0bca3f066a09c8a58b572a95c100ccc368cca8e2eaba6dcfa5527bc7c9926d21b42254220f74823e8dd75b6e5fa09e0e4ca91926ad687aa1211dc1b4d113fd1bbfa032a15c25a10d26a9ba7051f5aa3902ef1a085b4000b8a115ae085f644ea15d4f66db31b1ac3429b2d139cb75cdb2cabaaf7394d928892ba2d4254fe48493e565006beb444c580bad3e841f76aceff2834821fb2c065f8659dbea8b0b32a584b42ec4dd3a52ad1407a9b0d3c6ad25b6bf0e01d2ebc144a7d381c635421ca860a3d3640019c87e2f92eaaec9db9b00a49fac3f798f986a8568cd2f058be99804192d941c73aabae480771051583ae40012e9aefe3abe210dc2a1a281723b8ee15779aaa5dd83715c6c3a36e9df73bc68f5fd0edda06213a979fe971f45a0c23aed75e46bcc6c3315a38f7ba1fe18893844660af1083ae81350f840d66bf468583e84eddee7a2951f3137443ac0b63e0b0f4ca15e60173ebce9e84c068fb40d626ca7fd6a66e8e32a7683116b9e954798781d4afebafa63aa521f8bfacda6b17aa60308db4de00f1b73d0fac9c5e6dc433ba083b9139d1d099c560b7c0b92bc7d7ee0109d62afb4eed2c917f8858d8eef1e426de67ea1b88e528c3ebfb4aebb3ba9f137fd747b4d297bcd90d12b10bd9a03834ab33874d14a25744b0952ade0df1e125d9b0b11243ff4099313f4b729a3f3f9f0486c46ce74e2b313c29ecd3812b1f67b678a2f76e6be19e73847988d7a27dbf64d6ef36797291bae27eac5b7ec3b9d9c9530ca52540c2e3cac49faf57288cc05e73fa2e686c05071fcea9dc3b1cd0f702790c646ec7373ff0c2c52fa0e49eb3c0ab46b84307aa55730badbc2094a15b6aa2706a295e77faa4cd2531cd90b4f91b8d8358d35a53e4ca4d9bf4a6aed9a2dbe81f9873b05c17e2c99dbf35b93ccb17055ee022ddc28a10dc6e1a57d76dcfda85a20c3c7c40da800264495ac97873c519e1a51c99ddb287c4726eade56fa731e93b3ca6a608c57b48d667976eb1c861125fea6f0fda11c7556bef5239a6f6e8f00917f7e89a994c2b5419f63273f0e8aa26a977d1bde959f46993cddd1b7d62a9b195ad51e9286d970c384f820b3c86729cfd64967844f2a54f0f8314d8bdb1015ec22f982d7e48ac3ea6956987b162b2e9a4fbb223b33c895e2fe0e9f1de97891fa8667fdd0a2c936cf9dd69a7c0daae6b2d3088d16f57247ba335288f490198d26c8f06ab18e37a47643b70659f3570d3ab01c937f9fefed958d094ff0ba5e240c4a30c421df4abc62f88ed0f88c35f86a0cd8344697ea21013431e080ab9813ea0e3464216262c405edb4c9173b5dbf98ddadaf101338b433a7015394f2a3398144c84daf46c7118fbf62fca0f92e19f75d1d8aec86245b3fe01f7af4f8d3f235191ac0f76ae15b320231c31e29822d1d9b1cd494259f5472be1e4438dd70395659694732d71a2cd4885a1f3e9e55cc53a8ad615d523b882cff2dea58b03ce277f85216f8567a3a128afcb4983f1484e637476ecde03637a3ca8869f616213d53da43c4b64f287fbe86f208906556be606e691b119340966fe14fcc16e498da5c989122754e3d0ad5345b2e7e41fe0cf4bdf10c19d878fc5b637f54a3ef23215f8fbc4bd02be8e9e30716d654d7f9010b920b81351dcae88013c69d411f1dfb3f56804c3352c33c1b107d1d1c8b6004981b89d9bc511d3d860e38c980c26364622ec52d595de68bd00db250e54dcbd8c6b6ea069a531f875bf9acfd295e7b27a03263de09191f004e9b74ec2c654dc2f462f642620531c301af780ec0c683a2f1e45f297d954be4e91e56a581897c8b8b20f64570af1f4116b3de54935d320896be0939b911e0a201a2eb4a7069d63b8967f6f3326dac393035256c23283fa50465c0f1028f9678d607f2c87780b98bd4d1f5225a5595c1bc9c57aadfba017019368cfca1eb03041b680102957d0e67b1a60015719fa32e030782e6098e57eb2fee3fc8f1a39b6366b2fbfa6acf1ebe701bb2f87e98c1cbe8f1a733c0cd69f3887390db24ff54998656ad43aaeb06cfce48e39642a69a7e706e9871ad361887cc88863a67f3f693813d1591bdd8cf9e147ec144cc494a7b19da5ca30a4371d723f77b0be6e50f8280e9caa4895f57e5347966aa76f33a2134807bf598c57838d029c617a5c4c936b1b67990491e861c809e94703db5497f8ceb71ea9824c2fdd0536da58b37c0ae0079b07f4dc1762966b448f6c0dd6d2083211ddf42435c0b54a328ee5d14c9df3b62f94495a6555d41203a5516a2e40837f54b2aa6e8ba0fe53e1828fa74816a4a17bb964934875519c697e94edd732f0348525ab3d260855f03bdf86becdab6b900bc1b261e133d23775d0da928db3e2dee1cf2118b0c7199b4df6848a7188051dbfa3799178bc962f18ea16f6496c37ad523c32842c66268606a58e480b16fb3cb9c16b3ac430d44bd95a012dfef52f60191b981e0f92f2dd1c99270b5322d832fb1b07a03447d6a2e79b128b0cd8f9546870bc4a75b973bb4c69afc3a305631b29d9880f8c9105459028369c2025045e980fa52ad83e84b45cbedce23401a8c3f3b563763fd89b4ba5907f9abbe1ca7ac77dadec8e9175bca935210e0debcbbf70d49449005516e4be68af38ed8ca8eb470ba0b19484642a14ab7ea6287ce278d9bcdb322734530db8388d719b5981e286c4ff37b3d1d13220051fb2f7f75d2ee92c2c4890de9ed55f6f06618260becdf6cdf4366c417a3e369609d40a0b1451fb69372ca17e1438fd739bedd68d41ca986d9f29a87a5ffeeed308c7368b12c7cd8b84136a977096875dcf888aeb57636b2a6a50a9873fc84868743ae425505f2fbfc889f9e6a4adfc9482a31801b1f2b63717ee3f7ccf0fa0a9db07c4954e6438a31f7ca772adf1f4a084197b9a0c4c9234bcf987f9699da9369766055848d5b7b3dd2224b97670d8a9836189f59f5e9e2459aa93a20812fc53fed092d3f067251013936ae1d91c2740a454b01123d37eca50ebcc9d57a34638b4fbdc589810844bad99135c9e5d611876c34e213b9997733f2761f43989d810fc098c7b512cea8b9116aa4a4d25c19c02f694f0296efced5052094628d154354042ff7616de523018599c40537dd3980038148d8a7914a5c7c2cdafc1f5bb7d1ae4048b2ecd83fcf0e79efa06b97d83c0d00a36cfa7ed68b8ba1bc097ac661e1c9d23e67b53251d9c4b848bbeb5a9230af1eed704421e40c889411381f2a4811ef42b2d2f61963fc880aad59be7e9b79014740c32a0a07b274bd2ddf8a49782f88f3066c6c61e0d6f812a6c4542e7aa64965b24c851f14fc1dcc527869309ffa4d69462289a69a5c49de27a54ffae1eef0bb98c3858d7e16a895cde9d2575d714475a133c4dad06c9ed8cd1d2f7cb8cc4e520d0b72010296675c7a810fb1c4dfabad4f6f53f4f0af96ef00d3fef2a57bbb7fb46f6289a88682fa81006e65ae29a00d250afaa43912660b7102ad73a036e2dcfa8616dda02e1acee006a6829423e38b4f7065425ffe7ff0710ad8a3e48feb64d866db5827334b4c9703c36be8d46b8d75755a8d419b15988baa5e70b6c8f9efdd2a462112953f88d0eb9f54ba2f7050d03290fab557d7a07654c7f76407ef5717cf7b7cf3569710afad47acae28ed6af86d4003c349e81e353748ff2670b736a87da21f0786e19086a249dbb5be558cbbb83e811c9c9cbc379d583279c92ccd84664eec18184040ab179f5998926b390f7f070fbf75e11fbfac091d5f9e08fe1666fde8269f051e6e66f8c3e62e2da4d79b66ed3ed5b9b2f4e18e9949faf84a074458353a8a59d10f8203c3329284e9bebae2b48ae2bc301813c3e36f", 0x1000}], 0x4, &(0x7f0000002700)=ANY=[@ANYBLOB="18000000000000001701000003000000010000000000000018000000000000001701000003000000010000000000000018010000000000001701000002000000ff000000f0f4a8667b8e5a9879c05098c5ddb80a0158c59e0809dc7551759e330aa75ab3a427b31aea358312389deff06a60dc2c183dba900c65296247bbaafa19bfa2c4bbf8f15139106922982e038d07c8d8d4beb0b92877c4da573183b19d96b07fc91347380a03a7bb4c01d087b11a4420e8bc2890d6f2eb168e4eeba527affda9e1ef43f59e5daff4f8cb3f294c71fddc0b65dd42fdffd9238ea431adf457c7a144680cdfa07b80b1e9a122ed996a963bd39ad9adfd3a890fc233330efe4af5824ce8910f6b83c7ddbf1eb2abe3c29572693093dff05cbb7aea5ca10b2b5d122d9496633f6d90ebf392846980765f7de5b2224d1cad444760ca32770a1aeb6a200000000000180000000000000017010000040000000800000000000000080000000000000017010000040000000100000000000000"], 0x178, 0x20000880}, {0x0, 0x0, &(0x7f0000002900)=[{&(0x7f0000002880)="d1a776a198b5aea734f2fdf98c0b40757232fc4dd56f24dc237c74de0a95331ff05fcf0f05cc2563c58ab19e3bc8522daca88c60d9a798f2776729", 0x3b}, {&(0x7f00000028c0)="660e0a348a5dfcb749002a8dba23d8d621f5bc753a940eb477209fe55bcfee974d678a74862df454499e06317f2cb1a3e6764f8620b472dbde2020e4", 0x3c}], 0x2, 0x0, 0x0, 0x4000000}, {0x0, 0x0, &(0x7f0000002a40)=[{&(0x7f0000002940)="b70b7cb5ae758dfa8e7a6544a702bc4e2ca834c023ae1cf8730781b1d19ae1164563c104d2193d3d4c58ab526845464a1cf2041f3a8c0ea2cf64a0af384e2c9d4b31bfbc4f982fddd7178618d8a983908bf6c164e8a6bc7d030bd2c4149816b915771d5b5d9cb45307d6ab5137362408cabf5db3807cd3cc64b158088e0245d34f1e0af21a9d19c6bb66aab2c91d5f41c09c9000b5eb8d273783e6dd50f775f62fdf5958e2960531fec0c7c64b32b4423f037a6f45c50771fce60af7331ae4b88c50cd50fe6e", 0xc6}], 0x1, &(0x7f0000002a80)=ANY=[@ANYBLOB="18ffde000000000017010000040000000100000000000000a80000000001000002000000940000005e547de809336a2f754e75550064cfed393668910bd4696e078c873ed1eb51b245320ed9aa6c5ae2746d4de08f0f28e56f6acc2f6b304ea15ab73be917ddc59a76bc36de26396751bffe17e13db23b173fef6cca2755d74575d70862ecdf02fe018c51dac40454cc9a43507a1843f02b0b36fabd973b029a9ba4c9fcaa4b08a9b00f01b94e71526b7c48330d2f7025d4f402a004"], 0xc0, 0x20000004}, {0x0, 0x0, &(0x7f0000003e80)=[{&(0x7f0000002b40)="518daf51c8589725c4163b0aba50812ca655b2516c1e0344b18b836404eb5098b83d7fb2eae2765994b01708b6dd26", 0x2f}, {&(0x7f0000002b80)="5700d06e46d680babbec6653af755aa8512d760526de66fb313851e0369cd497f46d90442a0319c5e506a7444483d496da93cf03d7eb98b3c1fe945ea64b8a84490dfcb1da062cf73bb5c4e787fdb1a45c5d128b0e7fb274033aab789da1fa577f6b95d4645c0a95aac69bfa891c6f018d075c449794e0e7dec1c64616a13ac152bfbc606be05d4028e1f4d357774749ccb70f0bb08324c5dcc33f93d7720df7524b2a580c4431067081baa00138f76206ea571aa216fd8bd3efb3dde87003142666bd764748ffcdd1c0f036c97e9dcd08b4264e21", 0xd5}, {&(0x7f0000002c80)="e856005b409574b54eb423e296d4721cc18d720097cb489959d18bf92ca513152c329d5318eee3e9fc3c0182115430ab3630e15f61b6bb8396bbe8762ac4da8c8c8001ff69688ad2c5ad8a12ba7ae63ca7836f87053e6694f5a7ed0c17f667cb1eed94a98a17d2f3a0ccae6c1d9da6ff5d73c8b1bd", 0x75}, {&(0x7f0000002d00)="154ac3e73f023eb0dd1806bc5c7d2c90feb540a9903f7d733bc986de2ce0e1fdd1eeb05bdbd558f1a0a2fab5df41a9c0cfdd06ca4b585609406bc09b2e02359816cfa7c694d610d28f9d36f4372665808034481adf1af12c526301117e2825522a6124d5c46626a573be624aaf291d67ccd31ac34af0b757430ed0cbbaad0b79d15d44e3b0af9abfcbe8a22de80496ddbc747f4da4f8a1104df0b9ec3a429376419f8fe8e6eaa00d6011078a4388f653cf538e23352e40aeb9f52f479f219893f8fef64ff364c0acf36a3e11d0868baf8537c04c9d972b7fbb4ddf802ebbf63a238e0621377e90214661d3f0b3ab9419e662c5f051c982ea2f22d9e541425552a58baf24c5b14dbd071450efe14abd6226e6b809bebfbcfa9d446cb631b7267dbd74ba6688f73baeab8daabc7b0178d56b6133da5ef59b3ef847e73e38b4d883549ee1ddb5e30b1708d4ca66e6b8877fa5128182ccc1cd4c885385bdf1e8cbc2de92bf579a928ef467fddb9fb37880a4bebf368931cffcd16c0fb8eb671f2baa6f2917b1582bd796190a54e66cf56f5e398dbeb0c40df0c2a0bfbcf9a52f4e6294cc802fd0c9be7ed38d83905f473ae6c16cf79b2c18f0108e1ab208c33bebfd3e266d313932ba139e6dd318b8a235befab6743d97f331916de4a0078f6e539464ac86e1a9370d13d5bba81f15a37144ee46709cf5a99b51aeb9616bbcfc45edea715bf29665deae1dcc76f1d4252c528fa60dc179f65d83eee874b2a69dcd541e0f5ce3cd994c487b9e43d61fbb89eb2b478675e16e33e2311b15affbe2956e7c586e4bd1c6c0b92c8df171560ba77950020bfe7a5ce2698ad185874ef2df9dca68fac0840b71aa658f0fe13b1d79c9771e3c50961806cabdeddb0880947651936f1b115f8ac09d7466c4982d10e0fa8775f4630aae341701d9a583e9a28d862ee0545286d5e07f60d7b4f3200bb0ce96dce75f49c2f610e2d59e01b9859a6448e641bb0253be64cef0656132e0a3b7d058e9b821f18afd226e388ec5c41c061c3e9a24ed31b3fd7a1012880c254b1009e3f92bda4b475a048fa8e262a919b2e47e2e578796b7fb63b644a5f3b34f144179949020d71498a44c1415126cb9245085f5012539a351ee2cfa4438314d538bde5cf97bf91807965a1f729215f6ad793169bdf372907943050cc95b8ffb7bd04249c01454b0f0dc057333b4ac5e4d04ff27d1b0c81aea7edbc067d20b5505838272b98040050feed1454099619b373e3285c547d1c6b25767aa5709f96ae1b3c64a7a07fac9b9e45ca5fd4d059435986953aa4715c53deccb408b3b71223399af632013532168d2e595a5dceccd8e61563481f2d8b65d0ebe75527a3a2958247e6f738bfe252a7387dccc815e8b12e1e80941e3f987a3077755a48335225594daee5e31ddf454bd360ab7b85b88dfdc8913caf498ca1be78820082a9d90da1edb195b6f77a7451615bf07e1deb08d3baeaacec3daeab2057764cdb8482bb3dbc4c38df557ca11358e3489b28cc6b1ff11c00631880dedc33e7a35150359e4f3e9ce5f678ec33e33a570c8c5a07de6ed2c34e025f203cebd52f74758e0feedf312c0a0c70d4c08d3f28e67049f5f7315df654052cc8981ae32a864fb234dc67fc4a767347bb3f8cd6c17a5399f67e63922111b40c8b3f546d6cefb09f57ee538a467cd062a7f500f72538e7e1a0eec9c946fe72b85fe86f8e1c7d1c356b645ad9da7cb99f8a2744beac6f5e6f08cbcc83f90cefd4b9b9a91382009dd62581388d54c13f01811897dacfa3f4710bb5036e82c7433125c542b712a2ac368291ebcc4e85d8ceba9acf0868ad98dc401d9c060971caf2ddb76367b77f2e8849681e62566ccbf4ed80d213d052a92d44f47f175e9b0bfa9554521471741affe9ccf95f93c9a5178e3117c6b21dddf2eb53d63224055f61e8a26f5774a647c15b5be5f82bc55b73a8ba71bd26709b411054e73e914e6da6b5e3a35cd37c69951f2eb5271d9e1396ad31fdbcda43a7af1d0c6f7e8829bd9c4f5f7feda367235341a382983e32570f1b88ffbb90982a7674283e5607518962014fe2cd0d9259ad320916f0e4df0273194ed583d2160325e8ef4773262ee9c60aafadcf541cfee50d1408312ba97c8c70580f636366e0f7298f17cdb7f9329b556fd54bd3836b06944550099093fc8557b2e3ac117071790f68b75f045db354349b76a65d80414b61d26572fd3221ad5584ffe1248f8507397776aef674ac647f2df8476e28960b42ae421e0d31a8eb3fe127c2bffcf9c37dd7958a9c331331c93cb9a9d734c7a7008d4197c7eb0cc9d64a03cb57e2c432ca3f06d0a50802fa2ec901e7f9f2052e0c4e01337760a3ea57c94c96a56ea535f02f1fc13770a694758975e5603b93dd3d6c4b0c647e92a9c02289c6fa3fb13b21a08645e63081873bf76e1f2016262a5553596a5013d26e229e7f0ba37ddc5f9463670d54fa0bcb0b2431f00a21d847f250db81f99966a50597867f39b7a6e56370b62942efa607bbd4b56c4323f638e57d095e4a985bda806656fa84bb651be55e0e9708035c5c6db73100192db5dcdd5a3291cbbdfd3d8b794a1305bbff5a073e565e7fdd16eb66fe9871f1c255ba9871f4db6025762d8d06f8c7fb62a991c0560cc4e55072dea082a83a656c238c6569a3d4006501ddcc88451247700117c49c935b1992edea8149a1cb3a767b0d9ae8916d4d710ce07af0dce24aa31f4a128b655fce835b493ea9ddbe0ab05e8ef2e98ea39adc9824c58d5028033e2e8f31139e6f11b3e08b4c3f89fe7d31f10c8717a8a21b31a42a31ada4849fcb67467f4c91eaa8cdba8841d5eb42781d12eb7e499a749b6890a90d08e10c33b1c0f54461df63aba725b5f4757529d66d0ae898e618e45b99eec180bb8056047d9a7a6113c310bfc3fa6d1a7323649cee589724fc4ef3660a8675ab434b03262c439ebc24dd68c0b58407ed29389e2004a0fc6e0f6f81f7fc69873376520bd8d2b98f39b04facc492c0db8d6242cc5b56693de7105fad68e1d5ca81942eb9bae6d532e52cb8b831c3c94669333ea2a298bb72fa2a0f808d4b40336f813ad64acf8da475118787d1e9e57c0e73484b1ad0ae61f854a96291776e8b2a566c9dab0483dc6698641ae6be0e51618f37276ccae53f0c82bb665a1e8db6c55ffad1e13174bb3b9de85dba1e3bd2f34385ae8694f963948080095b5ca802418e6c90b12d43031a9e1ac1f541fd063272ee4147d79f0e618f7e33e24e40f5e87e4c7f5987983c992f2bff24ed211ab8fedab07c3aa7ffddba7e232482222cfb997ed6d2693dfd0a8c0993ed61d58199dd335534fe6445ff97a6c702375a999f63a87245d6fa047d2438b261adf4255bf8e2a52fdf1b9efc430e8a45206d5131e46cd787b0624e9be5a767b0b53e4381b2a447d760c3b28d27be84663f0144bfa346346e91e2b2b140888f6da436b721f7f32c98a07a162679ece7bd48077273074b33adb4726ec805298eb304461f1dc290d1f9ce80f9360a6c748ff88bcae9b6a17e976dd2a9cbafddc4f937f90f00771b35585c4f0fa3ccfb25ceb6feb6c3c025d051a5ef0bfef9d04e9ca695e6bc2f4c77411fac45eca931a5ae9d76c29382aae18f7656c021fffe8fe7c2d99d25627cb9b14a941f4431c13720d91752c86d736a8bd371174c6fa526f0ef0a73f2e6dbf6e3e554ac36a500a4fc8e1ad29a8ae97706f5f3b8b7cefb526e27ed5f1f149d7edf40cf92ea8618945c506f84d0ec4ef712ba497ca2cf53ce4e4f9d87c46548f9b5e057974adae91d62373ad986ccc5ca642b0f7fd76a907f49fa36ee7df83176490f9e50c210d2808bd73b6a2d83f3dc0f422fb3c66626b18a7e2394d4c5d3968a06f2598f27a2926098dec7b33c7c5bb8cf017625feb2ae38593ee50e1869440742e0ccd3db206b10397b68803b4d65f4d600c4112b54cd0fb4230d2a1c0b40a0f017d760986c61b5fb31b03d28bce78bd4ec02de50b42863bcfee851caba07ac64a56352dd6658ae65899eed20446deb2605dfad2c8f7b455cac0a965e1c0a0f75470597cc78f07398f14c025f779d1426f87f3a5176f5e6f9845d5578cc215e9604554825f2eda0bf2dc5cd5b83e706678d58b206753d817d6b2873bbacbb21baba273720e28840706c9911334c1b62e3dd6213547ec68f37c8d4b6ca11fac8d860ff178e2192a6a483c652166a875d43040b74fad3343e8ffc9763102913bb1ad12c06d4e06be1f7df657931ad5b56fc558e4f368f6357aedc507a578443bc7c719eadd47328dd399dfe88545cc7e5fa05921d5c5a9e1f46f09d508367d6167eec273e0e1312151726a604654fb8f5136edfdc9a171f760c1a4f72ddfaa6b60cde221d4ac54420ef77d89ef33951658f1e610330a26f80a7748a0608559cba2a25a9aca8525e3244037fdacc2e6dafee81360f780b05a7098fad6b4ed6c8acc07cd5187c0715936dcc17dff06a4ba7b566265546b5eaa07a4c53284a0535319a86c18a834da60698c03395f716289ea2d20686dc57d3775af45f8ffd3a2000b780140713f97b44aa1a535f903118f0bc9128ce12e09fca93f392eaef9549d81cd5ee818d9f2f94ae04dd73a2074bddf49783eb6a933eab7f7f93dab23b533bae93a0592853f1aa8288631d4021f86ecbfc48f93e53cd2304281be6c9daa5c7744ad7b2efecd6654ab11e21546f67283632b29d54bf9d9048abfb7bd80bd9cfe77cedf78f2c87a844c3cd8bef29b375b782f410cfe90d9d5fd475f0f83740a4564be23c33abb2a8fc0004c5437e5a62caee46d4f175520265413d8be60cdf6db7c5f1de6bd9c100d8c9bcd6283652ad98c34b35dca46ac282461de299f806b04d18c903cb9f54402a1939736ca7f06b476a33fe1a0e8302b2a35681b1f1259dd5a879c30fdccb7c6896f6bef79a5e570936ca758e19e074d8f76fdc2bc19fbef501d94eb0f0814ee859c0fe7ed69ba1557597f506cb109d0fc68899106d3906982bceb4cde2e3bf181890d716dd9e371910a6f4d7fed33963573f2d2f3aeac0dfcb13d71ac0fa61b6da7a32514127e8cb7fbfd286241b5661e2143e5a781a82095239878dc0a1856fae153d193352d62565bc2486e2742684954e250032e62fe74620d893f8c6373b5e6cca4dc01d3aa9e8594e96c1baf9999960982d2984d95ef22c54e8138a69390b55a2db9ef1e2cc97a28be57b4fcd1b283c9ac0cefc6f7bbae095fb10c55a4a6ad5011beb6d85cebe2bf9a62b1ffbc4b41f31d909621a90e106dc407830d706227e12a01f91141f1ba7e1de1583d4fc16024595c0471ec3ee4f367c93ad4e30f0d75036776945252b671ff49ba10b8b3b820af3b408363827001b32acc1b95d336c7fbf48fbdbd89ea2ab0ca15a3ea367989e0136ee55c73d27cafe43438d43c6a6df6e482ba762088926b7aa8b8e6559c559c79b1944beba014d61a5b8b96b4f65c64596561f198d4d942abc7c2104f378d7786c7f0169c5cee478789cf6aef7a28e4708a1a22c303f5f2c511bda5f57353694e3879185819b492b7d3705bab7cac4f79441cb0c018f811485a3c31534872daea55ee96fba9f21b86d239490e8b42bb47434a3e27fcbb08ef8be253ec05bdd486c8fb3d1a0ea6f9558d41c0bd97962b0337c2d08d7c60841a27aa61843ae541f7f7d58da10ea03cb9f165c9eb8ec2a7be87ddfe21f141beae7663f844ed361584d27b66dee2f22af58ebcb14b4aefea2f41f4fa06c151a19c", 0x1000}, {&(0x7f0000003d00)="cb3b51e60d4d6d1844261b287d82dc2d5aa2690386f9de79c91a2a5d4eeb81c74b3a2c290fe0720b93b473a1738e963e826483430534c7eba46bf18087232b88fe3d876337", 0x45}, {&(0x7f0000003d80)}, {&(0x7f0000003dc0)="b770e7b8439a5ca8fa516a3881200caa6d35ba1f05dde14d1c921c9716d30175a2", 0x21}, {&(0x7f0000003e00)="2b4d9899677cccc53014554117d36d3a8e7cee6153d12164b2d35990d41b61b03712a719061017b844f1bdf261", 0x2d}, {&(0x7f0000003e40)="829ef0dc46e9aa42bfa13486fa9453fe9739b9aa99d55a7399c3aff813150526db56c61969c350ccb1f253cbe1bdc0bb3a16de679f3116249f08c9", 0x3b}], 0x9, &(0x7f0000003f40)=[@assoc={0x18, 0x117, 0x4, 0x4}, @assoc={0x18, 0x117, 0x4, 0x8001}], 0x30}, {0x0, 0x0, &(0x7f0000004280)=[{&(0x7f0000003f80)="95fff5cc5d2f66499e7c54dcf54b08f33f687f8050ea030a74855825a9cb5a6cad6653e01e8f5ed2c343fc80bad29d8e7efbc507f8e61c5dbd81f49823cf90d5c03d93a0a332c4c105b4bd5c844749f6a314be838998495ba61f1b4da2b8ffbec5387cf2f5a758ced835ebcd14d1efbc243dbc6837c7ab549dbc8ea16d8f5c6f4ad8329e4d92b79e656cf04abb5282c7a23413191018b1d1282b5b735e03ee84d952bbb83312", 0xa6}, {&(0x7f0000004040)="9c3c9bdd72006e9f1ea0cd002e54a1e00579ea13332afdc7d44cd004cd06c397264c0c52f9f30a8c22f9d24e73cbb37841afe68560d258021692aedf008dcaea64133bfaf10e8389b952f51fad1f49fbe553cb2a00d1a390708213e1c3a6956833407eac56060f646985bec79a4a75ef97d2e21eb5089f8a6a6cb64321787f6bf99f80cf0b4f9552ef5e4ab6ac306c73fffdede684bd2b5126ba4ce4f6080d9f7b2f6afb1c147d0cd6c1661b", 0xac}, {&(0x7f0000004100)="b330aa4c19359394e58e43ff78839e0aac47bc7645e8843b10ac45ca5f0dec7ee900b26eaa412b922527c4b647b090c57efa0b7a2335da969c74e8121058266c1207e07fe1f9d5e64be63a48e0fbbd1cc2a9b37e9fe6022c0c3c8aa58716c082a7640d2354200c5d179a6f0a05824f614b4d3a340a18110c4be36769681aa007393928b8397e468ba4f49fc6977f8720f48f141d2113ddc1ba56e7b41391d3e75abf7f75ec31", 0xa6}, {&(0x7f00000041c0)="8fc96aad649fdd3b5c281c07ad9ec27fd65a2d55a165db1c62c8947c4390bfbafe3fe032615ef96d02add709fa0cceb9f32ebc83f414cb4a4cb6603b0a222efcf120756f55b4fa396bf1b4b1fed2726620bd3fcb7da3335e9245338405c3a97c01a21f958153af23080d9f972128d3fd640f94ea7c8d1390056c65429f5531a1638c645abddfb0c2e5806d4047d0aa8deb2ebc9c630d4d4772932f4a", 0x9c}], 0x4, &(0x7f00000042c0)=[@iv={0x28, 0x117, 0x2, 0x14, "8c44d5192c21d06364c62bef78fa0a6ac3e02956"}, @iv={0xf8, 0x117, 0x2, 0xde, "f656379ea5c864882f7f4de0e599b7933221f544dd319ad403a7d1b1d6ec1edaefa8c467885ce57d81b4fc20b906742984e30bbb46e9c0b70dafde4851af4c500273200f98b714750f1ac710188083975b5de7eca0a4d43c5cca9802067fe2b4473b5032aa6596cca65efb5c64fc01686f1a8d704e1ce2b3d08d53fe14d63a1de93238db530ee54ca10ebd10bfff305e88b1524a8dace84fe740228f9eb0df8c371bb483a262e3e9339f0372130b669f11f2898b15281302c06abadff64247f5ea2c559fc0b23d691b52b562fcf90c30853c719234a72000ae43118a2a52"}, @op={0x18}, @op={0x18, 0x117, 0x3, 0x1}], 0x150, 0x1}, {0x0, 0x0, &(0x7f0000005740)=[{&(0x7f0000004440)="dd8f4b5e31177196962f96557bcd5ccc1c7c9a5ac0d4063e09e2467f3403abf7553c3ebbd9b674aa528e8c395fce996901dc6321d602585e8a4a57617655e7295512dd9efe24d0cd8f920c228ccb0e54a865dde1a291cffa00eeab9c651459ffcfa259233ca4f39e1b96318893bfe490bab07ef349b7", 0x76}, {&(0x7f00000044c0)="624de76352cc1de95254613ff548fe350e789b649d362a21a898d3fcf3118179680dda1e09664e3a0a46169c0d64cc00b4a091f71abeafd375e357ff293cb2b994a5c16dda0c07", 0x47}, {&(0x7f0000004540)="534522383d178940684d306e2e348d361a4acf2652e3f2cb18d86445f4cdf426616e7aa66c269e47ca2d4746c390c14693c0319941761e99c68563bea1738565c471d9428f87039156d8d03f0eaa61940f07ae1914b52cb1e9059fd6696bb49ec22dbd3915d2f35fd492c409185d97dc93ec7b1a010fac4c6ce921b419d7412433cb64ee871b26ae65aebec87a589fc6e839d254e559d467264fae9b72b86f91cc599d9b39bee01802ffa0f250550640ffeba02d221e687716214a5216b2aff45b24e48b41eb1813", 0xc8}, {&(0x7f0000004640)="2cbcc5adb9dcbd2473cab2312e31a2d8c7ba0e2d64debcbcaa1f3158b05e8a6b5969c25b1adecdb18373e7c7c5b8117bb11a0dba6183fbd366997c5296ac41508e5443f97073b8dceede9b12e6a5654f98dd49c1fe84362d83f7e036f0e0ee13812e2705cf796f53c6487ae3ae06c95da5ce74e30bd340a981808299ad387665f0f6", 0x82}, {&(0x7f0000004700)="072654c3762e8a76", 0x8}, {&(0x7f0000004740)="70500033edaa371ab0d97e6f0ba72c4c95c195c1545e756b27546888565bcd9ff48f54cf29103b0d7cc944203776bf99e08780c94097559dac269bcdcb1f127735a50aa4fdf700ab69eb15ef2ae3f4ab7bb8ef52ca51a160dba51c04604c05aa98488c94c21ab6604b80b1aaa2d6e5bab453f315d0ca5e7d43168b427a8a79bbac82cea34cb8008ef1035cbf54bbfdb12c7020eb0e07708bb7aa0dddf51672e46a280b1c7e5683c04f9e0a19505877f60b6bca8baeab3b3a17adfbca3afafe0e6d78a7975bb06901db23ed14ae4a439b7aba86e294fa7848affd5fed110fea5562bb396d1c6c87d420c7fd1a75a620880d7944583a0bfd7c5b3a14275a1a12836d9935857b4e295f92da006ff3c3d5d06da4de364e387a5d6c93cc4988e40c714062b5bc22c2d91cd74ef3af5284a2136285509a62ea42d54ef2e7dde7bdda7d3a540ce58eb171972c33292c24a3f05185df079fb305a619bf1f17c6d92f82ca15e76c8d15f70fdb75ae997bd9f2100ec3f6e06828af95d0615b2dfe168cf799d48b9517499c2e4c055e3d3aa8294841360521958c868b55734bd7c4e5a36a9923e5dfb2b867a50cc4758b26dff4b66534c02f4c1b69f7b0e36d07812f71a3ca0dbe1bbee7d390c77b03c50fed0e7c2bca3226607319d4ddcc8d551c4650220a5689e7ebc151b72367e155104c9c7a44be2416534ce91d0a48088fc2d38621d1a31b34a6dc36df6415d88dabd39b6aa0d7b093a6f9342b183e2dece61558136daeb765dcbb8465fd554dcabd2a76f78da06768853692169f645132a2b51ce247e2d7695c6ea393c355d18b95155d22ca74f77d15ecb405340d5bbe9fd186e261a28613f449ea2056f33d8e236e067c178caba8c0ec8b623730dd36efd6a692059d17c5097963bc129aa57c6475d526d8215555d5ae9e39da72a02c095abaa07ee640a91f8d8c32f440893a02a7da4fe5521338a9035ac881b1e07aeb72e59f4faec154f166d2c942319418aa58152b571e00d3eb884551d3de0745409967ca28ad99d5721974a7c6e0284daad743024e7b7774f5f232dc6ecd75be4b26bf80e56cc94095aacfaa6da95321df1b4b7d2d3d6da6e2511870f71110a2c7a5d2aad8197e48ef566335063c2b419a3058f48d273499fad733cd14fab43adccd14cc5949dad584f1bd663767626ca748d6a4efc12630a3686c1feefe6af8e6b027e08f64a97df8631613970f0dcab163a7574f0581bc612cc3488deac08717077a78bc7a4167ca83c5a83a85238d897378baf48beeb228f4bc390b04818363224f53602d2e3ae3862035660e9ccd51ac4a0c265deedf5d2433a6f213574f14312aa464ccbea04ea113353e2f4b5c53de83f463468e2a7da0fca22b9e5e932e364fae00e3b3181d88b79256321b41ee69e2a8012ece2e61f9a4c91b11b8ed334d42dd25345a292d5d983ea1e4599b9d40dd24b5a69c155cffa1808ddab0d55150bf158beb582c8db6e2dfebfad71f90d622fd740a3fdfbc082a400193914788eb52634a160e1f5b4b8e5634f550c5867847588a7d5f2d216e0fc8af40f6253f2e6aa8470bf5cd0cd947d034c68c16cc821ac8b840f74f772c8e2e51c5fcf3df09761405066b5d78e691c09ddab57db18eff081824e3c69e5c9a650c8cb7c543a556c09dccf54b21cb88808edc901798c04419c758aa4327988c5443c1cc3c9fd78facafac70e22948448a992fa27abe1aad42300f757f8dd9044b651c663b32fa7089927a0b98a4e05d0e3cd01ac308045c28d0553988c6bbc19204f65e249ba80a608f42d7edbcee2b980aa44cba940d9c282f386d042d872519f0825e440d83df2dd276fb8e7c2ec9e4b122f35b2d667c16338bbf44b4d307b5bdf34017b9f7a14baa0de0b2f930aff0202ae13b1fcbeda1dec28b04128d28fd24a9b49bec45f92dc553bef5d8f1187d710262d5408bab98e5b5b1d81f244a3fe1456954bc9e2cf3e13788e6a6da62946b7d07962338fd043c39a06635acb3a6bb5214914ac65a5851f3fa67b85cc3d2cc6ef95f0d19494681c4fc99b38dea767ff9d576c7bfa1d47d71d6a2a73eac2464508c7ea0462edfb13068d20fec91d27459b7b98239926abc72773f0353813ed088a9efafabb46515802d338c601a6813be537de55758bd55fe901c0fe7f027a0a1c4afd1e6b530be7d223512ef941dac62f460ecbeb200f4eed9bba641bc63483bdeb2239177427361a1782e78d0f4820fb521917d157dfae6a4dccc6c655de8d9352e819c9fa279783c42ac9dfaca01d817148961a913d639ecb961aacbcae17e4452dbca6aaed361691af47972a65822d7b426ffa036843de13f8e01043539b965f92adf9ba0fd211744eed01a6328fcc58f82769c481b4b59fbb2c402e79c0b189b0a921ee4d6b1211cd5c8247212c393398d78c1915177910873fb5e1f3d0b10a2f9e2885a1475c14dcf366cfde960446b88175b34e51d8ee1b8a1ad2eac2ad669478141ab8f9f39159b9eb88ecb884dec94056b51320acc4eff14e1a845a3d5ec3e2a712016ff42b7b59b3b34e96ddd6387609264dc2f604b7d57792d4d4fddb37b9a01e310696e6695aa8c227faf7611ad931a09bd7ff945598c860dc59cd3be26eea5e5d2346f6b978efe695447fdd1d78bfd2fe55166f830d736046f4e92ac21258ad84c433e194086c3bb4d40c352d5bbf73d24ceefe548bd5e24c84b7d051ba216d4c24382961296b7c22979d11ef0cc2a45aeded410749ec13b8e0a38e45b70187a0ba64f6c88dbc1279150a704e103bfe43895a6f90eee4595747598d4c43910a746034fb02dbd3a4064a65fcc4025d56a919c5c672831cbd77bf1f668a4861b986e8684c38d6b476881c1bc2130a1da929e8a07f1715e7085fdc4e75b06de4bed152ea37fdcea8b60a21a1a9cacdffeef91eda2e9f561c09f8475ec7da9b63f449445016f380e29ee8705095fec0d05bd5587a971ba17e95daa289e26bc62f92f8aeab385a673f499cc1919b8157eacfae463507e5288b59f0b19f7ceb78cbbbbad078678e8c4f5e26663ae7f6bd3267ec726fee45bfdea0cf72bf3e6e34dfe6b9ec6471e5d19b1e0347e6c0f82302011bb67204e0278f49f9b5ea752bb906ea4beeb2181ad6f69c313a61ec1460483eeb4f760b11754a5a3a5d6a282ce4cb19345a1af9a7380949db74c29bfd4646f94e52842deb131f274f9c99f8aabdcc6d38ba9e04b384395f4d4408079df40ce37e3c78137879053e474995cc6b34e86b144bfa6ddba95d1834891fd74d3c8709c64a737167b3a09c96bb2bc137f34391265533b7120625fa9ffc9e1749505ea25622326b910e53dd5185e6e51e12db9945d8e9c451072a6b4e5f815332b27b42b395639b29a871c3a3da10557e2879ec3f9261a061a8ebc9e0ce87c7e2f4af197ea0d5204cf61f24332431629196cb636e8358d948fe71f69bb6e3da07afe57bbea980ba0aae427777d073d93fe2716f3452ad2b8dc00e248e6982f7eddb8bf53f525e45159e473d811a6533fe7d0ddd031f211a038db10f2e36828783dc689d6623587f858d1a45de835514462eb3932d867be557469f31cedcae89056d62275b160b955eaf97e23fe0d25dbe9f7bbd9de33340a1249b7e4341b9e3ec97332be46eab9b4cbff2b45f8e166c1ade46fb79fb45764d3b67a6e6fcb7ffd38549ecbaec2ba63a2eb3ada9bf63185fab09d58abe6e7b325584ebf96d57f9ef3bbc0581e65800ea480f8a379cd531b127615c959ddd6159c25e7be55573eb137e07630b09b101067da2d4113f86626356e8e85dceb7c8a13f8507a483ba303371e2a0cbe92a647ab7944ca925a94f902732ee1a69d1db1139f7ef39097bf5311aa21fb5696a9244092a0ed61dd67e70b98736c5b7c9dcc164ec7da3cbf26be130e4fa4f630d76c9e22e8071ed74f0cc53c31289ca954e5120ab2d8dc5544d37582fcf499f8b5c1cd68088e7a951da320c57ae161d2e167c453bd92ca1ccf6ce06de56fd13ee54b5fb8ec5cbad79d6d8a7a077860f6852c34609de39221a03a261d7854dfe2930996c62a73380f552bdaff272a748f0df2a637df0f1b1b7010c6c8e781202d1e6e43783cc259f39b32ed796c0418c5423aa375044035764127e482137a7191f3524fa5ee5371116abde671f2dc83eb0c3073c6842d0af46dfb2b2093f1a903a58d7051ce69d8b78c8430f0b3879b5ad7b6b9512e2ac2a88dbf21b69f6738df4fb8382fd9bb9596efa2dab06d1b22709cc4b2fd30acd6de5c9631fc305e79ad816d2e0991f91e52e93f2bca4538d983c46753bd8ca3765b77c90a1cf81bc0a749fec939812fe019e843fa8b75411f6bb092c2afb1ef27aa14fa5cdf196f0645243a4b382bce391d5cb63cbe3e1762e2de1d276fabcfc5e34fdb33145069aee8eeddfdd9bd8518e36603265f5051bb9e37087389e2183e209fab01fc74d98b2de5f8ec255bdd1c40f75a0881a2c5b4543830b8fb5d71def73164a62038b3efd1790e3acfbafc229c37ef0b5339b22fc8f6c708c9145e1ef10fa212843ca19e3d4faf1bada11f243c7a67acc8793fd890b7cae6be11643e57567f40f148d2ed1b687b37b2f5a7f715c49f363680f9450ff5ecde20ee2e12d347268251e01eb73281039ee03f44a53c049205c0820d49f63894667f83da35c155205e55d703ca80ca70e098881ffe0a557a3d38fd9eb9de595d9e482d12c79f6cfaed1c87cbd8c890f124629c13cd8e911f93d04c74eca4123b891213678e5fdc70c58c6234483a4e7d400f77c9a614ef1418643ded1302cd00e7b0b29adb5db6db852253ea49715f05717c185cae5bc4bf707bded5ac6c95aa4baab726faebacd8c8eef1740499a097e8a45817487c64bbdfad9999a974fdae6fd7b24c1ec3d65e0d84a71995c2d28c8d333d4c6e731ce9a23aaeb131ac30f6e6fbbdbc3b944d40309449996df6fffb4222816a57d98a44f9acf561972f560cf03bf22a1d393da82249b1f18a39614492cc7360407d912e98752d630ac463f4ca230e4a39123830b298b12b10ef84a8e634e95c91c146861111dd725da23784c10ec24ac88bca7631dca0367e0997928c7704c2a8b64247aa5b37a93c748d42ef550f72f12a25c21cc32ec6216d1241441b0b31ba789e073a0ac53cb80ca1a13bcdb3ed251eddfa301080fe945d01973a69df92b4c4a0b167fa647256fa0321b5226b4006c256209f8aebe41bd1a7e0e27778f14356a2e99606055456e2b7c70794741dfb975898cf301647819752fb882c5ccb3084c6fdbd5ed563b7cdca45166f4c7c6c0d1f1de6161339de16a41d1b42d9d9fc32ef55c2d35afeeea527b7f69f945f62893e3064315fe532113e90dbab3815c6552948fb5cfce0ba80006a0ea62b91515020a4b2d417cba159737fa26b423287b47ae5f92bd88abbc8b96b66f79927b3e74186785ae4ca8dc61d6f36b6b5b9608c2b00adb2d5e64573f575b27aa61796f0ddc4988b7aeedcbd782c232e9ab4aff6bc2a839ed178bd590178c1c8f541f31098fd5d110d8fbc827c8139c3edb1f77b991a332eaf39ddeeba9fe0677ba63221be8ecdeec63c3be6ec2883513639cf98e2e9f0ecfed7892e0c31f3f6de075020c66775f83b4d8ea460f8d77e5d1b32eaab70fc0c1d2a4a4f983aab3ac73829e7604b1f10481fd416d23bc12eccfad831cd9098c4ecc0a674c0efc7d368d3c5a90bb743b4475e988f3d0f5c4fb7dcdbc7441ddefeca085930bfad678ef857d89db336cda37591a2", 0x1000}], 0x6, 0x0, 0x0, 0x50}], 0x9, 0x40) 02:35:37 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277]}) [ 521.117632][T27353] FAULT_INJECTION: forcing a failure. [ 521.117632][T27353] name failslab, interval 1, probability 0, space 0, times 0 [ 521.174616][T27353] CPU: 1 PID: 27353 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 521.183774][T27353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 521.193836][T27353] Call Trace: [ 521.197150][T27353] dump_stack+0x172/0x1f0 [ 521.201489][T27353] should_fail.cold+0xa/0x15 [ 521.206077][T27353] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 521.211878][T27353] ? ___might_sleep+0x163/0x280 [ 521.216721][T27353] __should_failslab+0x121/0x190 [ 521.221647][T27353] should_failslab+0x9/0x14 [ 521.226143][T27353] kmem_cache_alloc_trace+0x2d1/0x760 [ 521.231499][T27353] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 521.237293][T27353] __memcg_init_list_lru_node+0x8a/0x1e0 [ 521.242912][T27353] __list_lru_init+0x3cf/0x6e0 [ 521.247677][T27353] alloc_super+0x78d/0x890 [ 521.252118][T27353] sget_userns+0xf1/0x560 [ 521.256429][T27353] ? get_anon_bdev+0xc0/0xc0 [ 521.261003][T27353] ? get_anon_bdev+0xc0/0xc0 [ 521.265576][T27353] sget+0x10c/0x150 [ 521.269368][T27353] ? ovl_show_options+0x550/0x550 [ 521.274372][T27353] mount_nodev+0x31/0x110 [ 521.278688][T27353] ovl_mount+0x2d/0x40 [ 521.282752][T27353] ? ovl_own_xattr_set+0x10/0x10 [ 521.287690][T27353] legacy_get_tree+0xf2/0x200 [ 521.292353][T27353] vfs_get_tree+0x123/0x450 [ 521.296838][T27353] do_mount+0x1436/0x2c40 [ 521.301152][T27353] ? copy_mount_string+0x40/0x40 [ 521.306077][T27353] ? _copy_from_user+0xdd/0x150 [ 521.310915][T27353] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 521.317137][T27353] ? copy_mount_options+0x30e/0x440 [ 521.322320][T27353] ksys_mount+0xdb/0x150 [ 521.326545][T27353] __x64_sys_mount+0xbe/0x150 [ 521.331210][T27353] do_syscall_64+0x103/0x610 [ 521.335789][T27353] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 521.341667][T27353] RIP: 0033:0x457e29 [ 521.345550][T27353] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 521.365134][T27353] RSP: 002b:00007faaf9936c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 02:35:38 executing program 3: r0 = memfd_create(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000280)='/dev/snd/seq\x00', 0x0, 0x20005) ioctl$EXT4_IOC_GROUP_EXTEND(r1, 0x40086607, &(0x7f0000000080)=0x2) r2 = dup2(r0, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000037000)={0x0, 0x0, 0x0, '\x9e\xdez\x8cZ\xe9^H\x00\x00\x00\x00\x00\x00\x00\x7fO\x13\xee\xabe\xc02)\x01\xdck\xd3l\xde,Q\xf0\x1b\x7f\v\x01O\x9f\x91\xee\xb7\xc3|r@\xf4v\xc8\xd7S\xd0\x00\xaa\x05\x00\x00\x00t\xdb\xcf\xa6\xdcM'}) write$sndseq(r1, &(0x7f000000a000)=[{0x0, 0x100000001, 0x0, 0x0, @time={0x77359400}, {}, {}, @addr}], 0x30) ioctl$SCSI_IOCTL_SEND_COMMAND(r2, 0x1, &(0x7f0000000180)={0xc2, 0xb246, 0x1a8, "f1caf7d4642e4374804617e42a235d746869ea059802b1c829db7d92c42863f45affad1fb220449b70504cff279980ef2801723a35f35a2f469bc58a6b833a10e5dc807d0ab1874be6d2a38bcd7bfcca98c74684839f19d838875e2d6ed3bd2e526d1a84a908914e54a36640c4ab296792a1be49099e41505744a4d06cb273335f144df4464ca0ac2c47dac45928db9e9a7195a2072d5e6dd223fde9c85fa7248b20d9f29b645f1cef6b9c543824b0b62ab77dd441b3eba772ba9c2247c47a3f6f90"}) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f00000002c0)={0x4}) fstat(r1, &(0x7f00000000c0)) 02:35:38 executing program 5: r0 = userfaultfd(0x0) r1 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r1, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@mcast2, 0x81}) sched_setaffinity(0x0, 0x8, &(0x7f0000000580)=0x800000d) r2 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x10000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x2, 0xfd9) ioctl(r2, 0x10001, &(0x7f0000000100)="1500040800000000000040") socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = socket(0xa, 0x40000000003, 0x1) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000400)='/proc/sys/net/ipv4/vs/am_droprate\x00', 0x2, 0x0) ioctl$TIOCGSID(r4, 0x5429, &(0x7f00000004c0)=0x0) r7 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) ioctl$sock_FIOSETOWN(r7, 0x8901, &(0x7f00000002c0)=r6) ioctl$sock_inet_SIOCSIFFLAGS(r5, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) r8 = memfd_create(&(0x7f0000000740)='/proc/sys/ne\t\x00\x00\x00\x00\x00\x00\x00s/am_droprate\x00C/\xe6\x01\xa6x\"\x15Lz\xbc\x8b\xc4\xa2\x8c\x8e\xfc>\xe8\x92\x97Q\x82xx\x8e\b\xf0\xa0vI\x02\x00\x00\x00\x00\x00\x00\x003u\xc2\xd0C7p\xddv\xbbX\x95\t\xe0D\xdc\xb4!\xcc\xaf!\b\xf3A\x99&_Ep\x15<\xd6\xcb4T\xce\xdf\xd0\xdc\x1f\xf7\x15^3\xc7r45\xba\xb9\xb2c\xbc\x8d]x\xb6\xa85\xc7$\xf2 \xa4\x1e\xe2\x85o\x15\xceS&\x9caz\xe4\xbd\xd38\xa4', 0x4) write$binfmt_misc(r3, &(0x7f0000000c40)=ANY=[], 0x0) close(r4) r9 = dup3(r3, r8, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r9, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000040)}}, 0x331) syz_open_dev$sndseq(&(0x7f0000000240)='/dev/snd/seq\x00', 0x0, 0x200100) ioctl$VIDIOC_SUBDEV_G_CROP(r0, 0xc038563b, &(0x7f0000000340)={0x1, 0x0, {0xdf, 0x1, 0x1ff, 0x7}}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000184000)=ANY=[@ANYBLOB="020100021000000051060600000000000800120000ffff00000000000000000006000000000000000000800000000000e00000010b00000000000000000035000000000000000000000000ff00000000030006000000000002000004000000bb000000000000000003000500000000000200423b000000000000004000000000"], 0x80}}, 0x0) r10 = socket$key(0xf, 0x3, 0x2) sendmmsg(r10, &(0x7f0000000180), 0x400000000000117, 0x0) syz_open_dev$radio(&(0x7f0000000300)='/dev/radio#\x00', 0x1, 0x2) clock_gettime(0x0, &(0x7f0000000380)) [ 521.373526][T27353] RAX: ffffffffffffffda RBX: 00007faaf9936c90 RCX: 0000000000457e29 [ 521.381481][T27353] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 521.389444][T27353] RBP: 000000000073bfa0 R08: 00000000200007c0 R09: 0000000000000000 [ 521.397396][T27353] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99376d4 [ 521.405361][T27353] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000008 [ 521.557845][T27391] bridge0: port 3(gretap0) entered blocking state [ 521.586331][T27391] bridge0: port 3(gretap0) entered disabled state [ 521.641675][T27391] device gretap0 entered promiscuous mode [ 521.663525][T27391] bridge0: port 3(gretap0) entered blocking state [ 521.670506][T27391] bridge0: port 3(gretap0) entered forwarding state [ 523.718184][ C0] net_ratelimit: 18 callbacks suppressed [ 523.718192][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 523.729763][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 523.735572][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 523.741384][ C0] protocol 88fb is buggy, dev hsr_slave_1 02:35:40 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:35:40 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277]}) 02:35:40 executing program 3: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r1, 0x0) fallocate(r1, 0x0, 0x0, 0x5c0d) write(r1, &(0x7f0000000180)='G', 0x1) prctl$PR_GET_SECUREBITS(0x1b) madvise(&(0x7f0000003000/0x4000)=nil, 0x4000, 0x9) getsockopt$inet6_dccp_int(r0, 0x21, 0x6, &(0x7f0000000040), &(0x7f0000000080)=0x4) 02:35:40 executing program 1: r0 = syz_open_dev$media(&(0x7f0000000100)='/dev/media#\x00', 0x3, 0x400) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000140)={0x1, 0x10000}, 0x8) r1 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$IPT_SO_GET_INFO(r1, 0x0, 0x41, &(0x7f0000000080)={'mangle\x00'}, &(0x7f00000001c0)=0x28) r2 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x5, 0x10000) ioctl$VIDIOC_ENUMAUDIO(r2, 0xc0345641, &(0x7f0000000040)={0xce93, "e39b507f468f5bf88cba4cfae42eb0d80c92c537c67ad7e654b9710338af7d7b", 0x3, 0x1}) 02:35:40 executing program 0 (fault-call:20 fault-nth:50): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:35:40 executing program 5: r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$FICLONE(r0, 0x40049409, r0) mmap$perf(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1000000, 0x40010, r0, 0x2f) r1 = socket$vsock_dgram(0x28, 0x2, 0x0) connect$vsock_dgram(r1, &(0x7f0000000040)={0x28, 0x0, 0x2710, @host}, 0x10) [ 523.958157][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 523.964025][ C0] protocol 88fb is buggy, dev hsr_slave_1 02:35:40 executing program 1: sched_setaffinity(0x0, 0xfffffffffffffcbf, &(0x7f00000000c0)=0x8000009) pipe(0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x6000000000000003, 0x6) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='tunl0\x00', 0x10) sendto$inet(r0, 0x0, 0x0, 0x404c0c0, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10) sendto$inet(r0, &(0x7f0000000080), 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000002c0)={0x7, 0x70, 0x0, 0x200000000000000, 0xff, 0xff, 0x0, 0xffffffffffffffc1, 0x0, 0x8, 0x0, 0x4, 0x2, 0x9, 0x41ab80d8, 0xc4, 0x0, 0x8, 0x4, 0x40, 0x8, 0x2, 0x5, 0x200, 0x9, 0x0, 0x3ff, 0xffffffff, 0xc000, 0x3, 0x0, 0x20, 0xff, 0x800, 0x9, 0x7, 0x6fb8000000000, 0x3, 0x0, 0x1, 0x1, @perf_bp={&(0x7f0000000180), 0xf}, 0x3000, 0x4, 0x0, 0x1, 0x1, 0x6, 0x81}, 0x0, 0x10, 0xffffffffffffffff, 0xa) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r2 = openat$zero(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/zero\x00', 0x90000, 0x0) write$FUSE_POLL(r2, &(0x7f0000000080)={0x18, 0xfffffffffffffffe, 0x6, {0xffffffffffffffff}}, 0x1c) getpeername$unix(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000140)=0xffffffffffffff9d) ioctl$TUNGETIFF(0xffffffffffffffff, 0x800454d2, &(0x7f0000000340)) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000280), 0xffffffffffffffff) getpid() 02:35:40 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277]}) 02:35:40 executing program 5: clock_gettime(0x7, &(0x7f0000000200)={0x0, 0x0}) ppoll(&(0x7f0000000080)=[{0xffffffffffffffff, 0x9221}, {0xffffffffffffffff, 0x2}, {0xffffffffffffffff, 0x4000}, {0xffffffffffffffff, 0x120}, {0xffffffffffffffff, 0x93}], 0x5, &(0x7f0000000100)={r0, r1+10000000}, &(0x7f0000000140)={0x9}, 0x8) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$IOC_PR_PREEMPT(0xffffffffffffffff, 0xc05c6104, &(0x7f0000000040)={0xd0}) ioctl$BLKFLSBUF(0xffffffffffffffff, 0x1261, &(0x7f0000000000)=0x100) ioctl$EVIOCGVERSION(0xffffffffffffffff, 0x80044501, &(0x7f0000000280)=""/4096) 02:35:40 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) io_setup(0x2, &(0x7f0000000280)=0x0) eventfd2(0x0, 0x0) io_submit(r1, 0x0, 0x0) io_submit(r1, 0x2, &(0x7f0000001640)=[&(0x7f0000000000)={0x0, 0x0, 0x3, 0x0, 0x0, r0, 0x0}, 0x0]) [ 524.166700][T27422] FAULT_INJECTION: forcing a failure. [ 524.166700][T27422] name failslab, interval 1, probability 0, space 0, times 0 [ 524.232626][T27422] CPU: 0 PID: 27422 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 524.241796][T27422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 524.251872][T27422] Call Trace: [ 524.255163][T27422] dump_stack+0x172/0x1f0 [ 524.259489][T27422] should_fail.cold+0xa/0x15 [ 524.264070][T27422] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 524.269882][T27422] ? ___might_sleep+0x163/0x280 [ 524.274729][T27422] __should_failslab+0x121/0x190 [ 524.279654][T27422] should_failslab+0x9/0x14 [ 524.284142][T27422] kmem_cache_alloc_trace+0x2d1/0x760 [ 524.289498][T27422] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 524.295295][T27422] __memcg_init_list_lru_node+0x8a/0x1e0 [ 524.300918][T27422] __list_lru_init+0x3cf/0x6e0 [ 524.305679][T27422] alloc_super+0x78d/0x890 [ 524.310084][T27422] sget_userns+0xf1/0x560 [ 524.314395][T27422] ? get_anon_bdev+0xc0/0xc0 [ 524.318982][T27422] ? get_anon_bdev+0xc0/0xc0 [ 524.323726][T27422] sget+0x10c/0x150 [ 524.327519][T27422] ? ovl_show_options+0x550/0x550 [ 524.332524][T27422] mount_nodev+0x31/0x110 [ 524.336837][T27422] ovl_mount+0x2d/0x40 [ 524.340895][T27422] ? ovl_own_xattr_set+0x10/0x10 [ 524.345817][T27422] legacy_get_tree+0xf2/0x200 [ 524.350478][T27422] vfs_get_tree+0x123/0x450 [ 524.354964][T27422] do_mount+0x1436/0x2c40 [ 524.359282][T27422] ? copy_mount_string+0x40/0x40 [ 524.364207][T27422] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 524.370426][T27422] ? copy_mount_options+0x30e/0x440 [ 524.375608][T27422] ksys_mount+0xdb/0x150 [ 524.379834][T27422] __x64_sys_mount+0xbe/0x150 [ 524.384501][T27422] do_syscall_64+0x103/0x610 [ 524.389092][T27422] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 524.394962][T27422] RIP: 0033:0x457e29 [ 524.398862][T27422] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 524.418458][T27422] RSP: 002b:00007faaf9936c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 524.426855][T27422] RAX: ffffffffffffffda RBX: 00007faaf9936c90 RCX: 0000000000457e29 [ 524.434811][T27422] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 524.442763][T27422] RBP: 000000000073bfa0 R08: 00000000200007c0 R09: 0000000000000000 [ 524.450716][T27422] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99376d4 [ 524.458671][T27422] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000008 [ 524.466912][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 524.472741][ C0] protocol 88fb is buggy, dev hsr_slave_1 02:35:41 executing program 0 (fault-call:20 fault-nth:51): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:35:41 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x0, 0x2]}) [ 524.758935][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 524.765389][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 524.798929][T27461] FAULT_INJECTION: forcing a failure. [ 524.798929][T27461] name failslab, interval 1, probability 0, space 0, times 0 [ 524.813356][T27461] CPU: 1 PID: 27461 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 524.822500][T27461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 524.832555][T27461] Call Trace: [ 524.835840][T27461] dump_stack+0x172/0x1f0 [ 524.840156][T27461] should_fail.cold+0xa/0x15 [ 524.844728][T27461] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 524.850517][T27461] ? ___might_sleep+0x163/0x280 [ 524.855352][T27461] __should_failslab+0x121/0x190 [ 524.860271][T27461] should_failslab+0x9/0x14 [ 524.864752][T27461] kmem_cache_alloc_trace+0x2d1/0x760 [ 524.870103][T27461] ? __memcg_init_list_lru_node+0x105/0x1e0 [ 524.875979][T27461] __memcg_init_list_lru_node+0x8a/0x1e0 [ 524.881595][T27461] __list_lru_init+0x3cf/0x6e0 [ 524.886338][T27461] alloc_super+0x78d/0x890 [ 524.890734][T27461] sget_userns+0xf1/0x560 [ 524.895052][T27461] ? get_anon_bdev+0xc0/0xc0 [ 524.899620][T27461] ? get_anon_bdev+0xc0/0xc0 [ 524.904203][T27461] sget+0x10c/0x150 [ 524.907995][T27461] ? ovl_show_options+0x550/0x550 [ 524.913007][T27461] mount_nodev+0x31/0x110 [ 524.917341][T27461] ovl_mount+0x2d/0x40 [ 524.921396][T27461] ? ovl_own_xattr_set+0x10/0x10 [ 524.926336][T27461] legacy_get_tree+0xf2/0x200 [ 524.930995][T27461] vfs_get_tree+0x123/0x450 [ 524.935490][T27461] do_mount+0x1436/0x2c40 [ 524.939800][T27461] ? copy_mount_string+0x40/0x40 [ 524.944720][T27461] ? copy_mount_options+0x1de/0x440 [ 524.949896][T27461] ? __sanitizer_cov_trace_pc+0x48/0x50 [ 524.955418][T27461] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 524.961633][T27461] ? copy_mount_options+0x30e/0x440 [ 524.966836][T27461] ksys_mount+0xdb/0x150 [ 524.971058][T27461] __x64_sys_mount+0xbe/0x150 [ 524.975714][T27461] do_syscall_64+0x103/0x610 [ 524.980635][T27461] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 524.986507][T27461] RIP: 0033:0x457e29 [ 524.990386][T27461] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 525.009965][T27461] RSP: 002b:00007faaf9936c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 525.018356][T27461] RAX: ffffffffffffffda RBX: 00007faaf9936c90 RCX: 0000000000457e29 [ 525.026306][T27461] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 525.034258][T27461] RBP: 000000000073bfa0 R08: 00000000200007c0 R09: 0000000000000000 [ 525.042207][T27461] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99376d4 [ 525.050155][T27461] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000008 02:35:43 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:35:43 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f00009e3ff6)='/dev/ptmx\x00', 0x201, 0x0) r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000580)='/dev/btrfs-control\x00', 0x400401, 0x0) ioctl$DRM_IOCTL_AGP_ACQUIRE(r1, 0x6430) syz_open_pts(0xffffffffffffffff, 0x0) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x900, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000240)={0xffffffffffffffff}, 0x111, 0x1009}}, 0x20) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r2, 0x84, 0x6d, &(0x7f0000000300)={0x0, 0xeb, "be520cfaacb38a33602ecb3902dcc5e2b1c2f47f137c43c7f8943eec15251d80cdb80a6ec20e3cf133fecd24be1e6a27719d59de1ebb7b0b9672e7afab852125a011f6f2e3c4cc1a30cfe1d87e762c145cca1437a8aca4e1944247ad3def50b2158eaa746f95c218ab23d818289798df5da42816d2515fa47c6fb043ca06df51a10443509cbfbdd6d3afbbae5690293c717be963b18dc4249c18831d00747dae7d29ba215e2ebb5e2b6d3214a83e94e603594390ccd920a5ea3ad3e6ef91a3e8465e9159cbead419ac7938c8d7e2a2d2883e2362979c7029ff86b33002aa2abe41d2395c0e102ddc5b660d"}, &(0x7f0000000400)=0xf3) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000480)={r4, @in6={{0xa, 0x4e22, 0x1f, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x7}}, 0x3ff, 0x8000, 0x3f, 0x833, 0x80}, &(0x7f0000000540)=0x98) setsockopt$inet_sctp_SCTP_AUTH_DEACTIVATE_KEY(r2, 0x84, 0x23, &(0x7f0000000440)={r4, 0x4}, 0x8) write$RDMA_USER_CM_CMD_QUERY_ROUTE(r2, &(0x7f00000002c0)={0x5, 0x10, 0xfa00, {&(0x7f0000000040), r3, 0x3}}, 0x18) 02:35:43 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") unshare(0x4000400) r1 = socket(0x22, 0x2, 0x2) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000080)=0x100, 0x4) ioctl$IMGETDEVINFO(r1, 0x80044942, &(0x7f0000000000)) 02:35:43 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x0, 0x2]}) 02:35:43 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x400, 0x0) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffff9c, 0x84, 0x13, &(0x7f0000000040)={0x0, 0x10000}, &(0x7f0000000100)=0x8) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000140)={0x8, 0x200, 0x1ff, 0x100000000, r2}, &(0x7f0000000180)=0x10) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f3b0d123f3188a070") r3 = socket$kcm(0x2b, 0x1, 0x0) ioctl$CAPI_MANUFACTURER_CMD(r1, 0xc0104320, &(0x7f0000000280)={0x7, &(0x7f00000001c0)="c27825bd8f8dbf4a498a98e0b16eee6e6972565a0cca8cbea9c1a771013709f830516c72733aa793157ecccebb8bc8ae1f9dbc1fa0a94df3062528e3ddb0e62396a839256694ea8b2b70c8f5b51d00cd5e22e5a885e82787d19a5c5f0e917ad1235132e00edbd55ed6557badcbae11fba4ab9e5f6b12ea97188dc62544dd6d5d33268314611df8255d9faa510d25f2d2fd9c6c"}) poll(&(0x7f0000000080)=[{r0}], 0x1, 0x0) ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f00000002c0)=0x6) 02:35:43 executing program 0 (fault-call:20 fault-nth:52): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:35:43 executing program 3: r0 = socket$kcm(0xa, 0x2, 0x73) sendmsg$kcm(r0, &(0x7f0000001200)={&(0x7f00000000c0)=@in6={0xa, 0x0, 0x0, @local}, 0x80, 0x0, 0x286, &(0x7f0000000140)=[{0x730, 0x29, 0x37, "7ce3a1067ca0acb0c4170669fd8086f662ce9bd61fef29dab84b2f1d84cdcbd3f2f7ee5945599520d59be00b26d2ea8b8cabc9f62e4b0e245ad2d46ab4566118183328e32459e65c2ae559429281e8fd5fd1734e331aa8bfe5b76b7ca2cf94747027f819626b046ce748a742208b76a83e8e214d31e134f592d64831ee9c93ce00240466b1cfdeb03aa05785ff393e74e2aaafefba8c1edb9c72061aa96e0f41d40e0ded0811d23922993a97a88656c34215428f3c987b2b83f66705de68620c498d7e35cacacdaba2fbf0e5539e134634acfbc5cb3484626626125c4338b202940f1266b8a1f228609cee23227e4cfde4cc1b64368a084a5064cc83a61e24be517c3faff2c25688c0a402a9804e9d034e4acf26c4a5718d8e21eb986fc70a40ac564c1e29c0412bc956e844e19343365228bbe2e7491a36322b974883a8b7c11fa9c51183fffd5f01041fa2e90502b2d10382e6b2e2c87a6bfc278918d1e0aa64fa4228f0ac97c84d64faef96d86a8296eea1f9a45affcb4ffe22aecaac6d2a0e8317541d5377e7372d23b77f769aedb7a6438cced9d2a8555505809c9044e2cdd532bb9fb6b7880ea603b797376dea07e7249bb6860cc422d82150594fd9c0081e9fea838b936c4adb8d70920dfa033fce18973ffa8b487754dc474fc9c15decac9e6f30ff25d0c618085561f510395f2a98c4cd7979266a36e7b203e9d38ab6d174231141f4eced579c2d266a52936688b3473f9fff46ebe93aa0679884bf08933d33c56f0087edf8ef5b3cee9a68fb06a7256f40f8e70a6a93917fb1caac2964d53c3934992312c9b1c1e574a6a72474ff382dbb7913281c8dc39c782d7e96720aff875e928c91716525099fc84379ffd161181a874f147c827fbd61ab5d798548e753397bd46730094981b437f9d5d77a45a02c78d1b90b98d70ee18fb321e08a68e5b535fd8daf979802858ea4b4412365d648769c3f7a22a5872bacde12ff008706baf2f40cc91b42dccff7174e2a6cd1ccb8812643920c7b0d26dcfa284435c9661eaac5e9cfdadc818d3ea3089c9c59fb4edac142cc33b1c47037e5486c18a1d5a0b39cc0a5cd90385aac169ff961b0bc8d6d78e3555c7a9589769b21e5bd7d110c4ba142dbcf8e3e7bdeb86c035809684ad266aeff553294eff12f780d6d60c761685883f88eb510cbafaf7944c80cc6427ee987de4c58e00a33f7236423f1fb844339b82bc50d11397c7bc96598cea5f8ec21ae7c0ad5ec14e0749ac51dfa225a4550a6fcc163120098fd8635682f306e70ad00fe798df1397657a39be9fd459d8c79d5d9ad81dd109360b6a4c73c4aae2fa0f9b538b069e330f29ef76a14126d10c4003a6ab97ef2ae43ccb4f9a4e1058642f32f78e5ee4afa069b667e8925439fb853664a8cf2a71494a16bd004a239c6001bef50776cc5700b793a573b0fb2d6e9684684cae9315a3ecc6d07ce28e265d574e1f626df111ab4343fe3e43b4ff9b75370c6ef878f8cb66a397cfd789c55c3f61f231e57ffd9cb650b7388088d1a987eb655b628a529515911d23ada4188d38f6baa919ee3556681ed68da4dbb2f6c40230b72c2329e9980d7ab6291faca2e22f3cb2da695f9840f07985e3da580d9199dd747c4877ddb7b42eb8c3a1a414fbb398d4015ddadc1615b71a263c9918277b2c05f0297e09bcba2d417b9beb1b496629c4afa0a8f29d2c0a44f9bdc3bc0125fda42503126a9f26f59822e9abd254082b9271b295028c8149b4cde5cdaed73fd79fa9a2643d0dd16ac1fb69d1458c3eb3d586d815a36742bd4b6b9d83654afb38752fcfb69244c9ca02e84864f15638aeb0bf696106d3dcdf40e881ad6729f8f24d2f6d72968dea010b09dbc763c4a60ecd3156389b4fba002e21b23623e93d0fba4ac96a3e16702646fd7e34f5d64b26819265f8a71bd71b3a7db8ddd48785cfbe2ec4bf9f55fe29d2467bb3312c29d9ea1fb39cebf7e3d55bc6fdd9b0d0af18109a8844e6688681000a80f0c2fd96ecf6c36b5b6f6e9e8a2b3eea373c44849ee9d0cc48c26062a6838e4e2b31961c30aa169358f04ffee94cf9bfcf869df5b70ad847786588f6b8f494787fee93d1c34c75730a6c16f0f6a7bdc74ea632102e6cc28b326d65d3144ccbb4f0adbecec8a6a33117de76cc714f2bc4216ea31716d1a6900e111da3c681e64e878300ae764f1352ced081bb6b0b29b954a504fcd4469fea5dadc213672d6140e5dc9a11875121cf0ddc5cf5d2a35f33d75c9a294ecde7a2af72b20cba4a41be2237e2de347686a1ca11c1bbf3d7421adccb7a4e97c524b819d57dec540db89406352296e83dbf406ff2e3443c7d97461728783888c253087f038f8fa3bcd59c5a0922d2d10d9098150b472fcf1198ec3a78be52e25f8115f071007bb237cf476760230f2db8d81622a0d136e05b6f4134ff33d6c35cdd407ce0fdcab5126ca662b1b5cab8916437dfb955f27c9cceec86017861564f84ed40b21035a9ca5951dc4a69caf42fba9d5758831cfd3a7954dd1818dad4c8c0214ad498940decdb16df7ac4d"}], 0x730}, 0x0) r1 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000003c00)={'team_slave_0\x00'}) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000c80)={0x0, 0xffff, 0xffff, 0x100000001, 0x7, 0xffffffffffffff80}, &(0x7f0000003d80)=0x14) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000003dc0)={r2, @in={{0x2, 0x4e21, @multicast2}}, 0x3, 0x4, 0xc6e4, 0x0, 0x43}, &(0x7f0000003e80)=0x98) mount$overlay(0x0, &(0x7f0000003c40)='./file0\x00', &(0x7f0000003c80)='overlay\x00', 0x2000000, &(0x7f0000004000)={[{@xino_auto='xino=auto'}], [{@smackfsdef={'smackfsdef', 0x3d, 'eth0eth1!\xfaem1#posix_acl_access.lo'}}, {@context={'context', 0x3d, 'system_u'}}]}) recvmmsg(r0, &(0x7f0000003940)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000880)=""/163, 0xa3}, {&(0x7f0000000940)=""/106, 0x6a}], 0x2, &(0x7f00000009c0)=""/56, 0x38}, 0xef0}, {{&(0x7f0000000a00)=@ipx, 0x80, &(0x7f0000000c40)=[{&(0x7f0000000a80)=""/148, 0x94}, {&(0x7f0000000b40)=""/228, 0xe4}], 0x2, &(0x7f0000000c80)}, 0xed}, {{&(0x7f0000000cc0)=@nl=@unspec, 0x80, &(0x7f0000000f80)=[{&(0x7f0000000d40)=""/188, 0xbc}, {&(0x7f0000000e00)=""/108, 0x6c}, {&(0x7f0000000e80)=""/218, 0xda}], 0x3, &(0x7f0000000fc0)=""/207, 0xcf}, 0x8}, {{&(0x7f00000010c0)=@ll={0x11, 0x0, 0x0}, 0x80, &(0x7f00000013c0)=[{&(0x7f0000001240)=""/230, 0xe6}, {&(0x7f0000001140)=""/177, 0xb1}, {&(0x7f0000001340)=""/70, 0x46}], 0x3, &(0x7f0000001400)=""/213, 0xd5}, 0x20}, {{&(0x7f0000001500)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast}}}, 0x80, &(0x7f00000037c0)=[{&(0x7f0000001580)=""/4096, 0x1000}, {&(0x7f0000002580)=""/155, 0x9b}, {&(0x7f0000002640)=""/45, 0x2d}, {&(0x7f0000002680)=""/4096, 0x1000}, {&(0x7f0000003680)=""/43, 0x2b}, {&(0x7f00000036c0)=""/236, 0xec}], 0x6, &(0x7f0000003840)=""/225, 0xe1}, 0x8}], 0x5, 0x10140, 0x0) r4 = geteuid() ioctl$TCSETA(r1, 0x5406, &(0x7f0000003bc0)={0x7, 0x80000001, 0x2, 0x3, 0x12, 0x4000000, 0x100, 0x0, 0x8130, 0x7}) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f0000003a80)={{{@in=@multicast2, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}, 0x0, @in6=@mcast1}}, &(0x7f0000003b80)=0xe8) sendmsg$nl_xfrm(r1, &(0x7f0000003d40)={&(0x7f0000000040), 0xc, &(0x7f0000003d00)={&(0x7f0000003ec0)=ANY=[@ANYBLOB="100100001a00000126bd7000ffdbdf25ffffffff000000000000000000000000ff0200000000000000000000000000014e2200074e2200000a00808002000000", @ANYRES32=r3, @ANYRES32=r4, @ANYBLOB="ac14141e000000000000000000000000000004d63c00000000000000000000000000ffffac1414259b130000000000000000000000000000060000000000000000040000000000000008000000000000afaae0e8a5000000000000040000000000000001000000000000000000000000c03f0000000000008100fcfffffffe030000090000000200000029bd7000053500000200030008000000000000000c001c0000000000000000000000000000", @ANYRES32=r5, @ANYBLOB="0100000014000d00ac1e0001000000000012c90800b602f9"], 0x110}, 0x1, 0x0, 0x0, 0x24000000}, 0x800) 02:35:43 executing program 5: r0 = syz_open_dev$radio(&(0x7f0000000280)='/dev/radio#\x00', 0x2, 0x2) ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(r0, 0xc0a85322, &(0x7f00000002c0)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = syz_open_dev$sg(&(0x7f00000000c0)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x20011, r4, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) mount$overlay(0x404000, 0x0, 0x0, 0x0, 0x0) r5 = syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0x7ff, 0x80002) write$RDMA_USER_CM_CMD_GET_EVENT(r5, &(0x7f0000000080)={0xc, 0x8, 0xfa00, {&(0x7f0000000100)}}, 0x10) ioctl$KVM_RUN(r3, 0xae80, 0x0) 02:35:44 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x0, 0x2]}) 02:35:44 executing program 1: r0 = accept(0xffffffffffffffff, 0x0, &(0x7f0000000080)) write$binfmt_aout(r0, &(0x7f0000000280)={{0x10b, 0x3, 0xffffffff, 0xa0, 0x336, 0x401, 0x188, 0xffffffffffff065a}, "2325eaeab5a6416b18d91ed8ca91a76fca6d39d93ba8837ed25e0b54deb2a8bcb95f9b5d29a736155df11a66904ef571c29a0d3d26c0a88a81b8c5b00651bb5faaf7814b42dea4f3bda273a40c5d345e7d38834183c7309c4b3ae394c8654bff82f2359ae33d2b4e1100dbb5951d568c1d76d979559c0496925891e1ff3b2fa806a63d7ee67a42a8160d36729608d7606e71fbac97e4a89f217c65b58104b9894b83e27bd5fc42d1b3297863569cd60c50cf501744e072b39abbee1174", [[], [], [], [], [], [], [], [], []]}, 0x9dd) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) close(r1) openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x2, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0) io_setup(0x7, &(0x7f0000000240)=0x0) io_submit(r2, 0x200001a0, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x7ffffffff000}]) [ 527.257736][T27479] FAULT_INJECTION: forcing a failure. [ 527.257736][T27479] name failslab, interval 1, probability 0, space 0, times 0 [ 527.316926][T27479] CPU: 0 PID: 27479 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 527.326065][T27479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 527.336122][T27479] Call Trace: [ 527.339428][T27479] dump_stack+0x172/0x1f0 [ 527.343777][T27479] should_fail.cold+0xa/0x15 [ 527.348376][T27479] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 527.354213][T27479] ? ___might_sleep+0x163/0x280 [ 527.359068][T27479] __should_failslab+0x121/0x190 [ 527.364015][T27479] should_failslab+0x9/0x14 [ 527.368526][T27479] kmem_cache_alloc_trace+0x2d1/0x760 [ 527.373909][T27479] ? __memcg_init_list_lru_node+0x67/0x1e0 [ 527.379744][T27479] __memcg_init_list_lru_node+0x8a/0x1e0 [ 527.385385][T27479] __list_lru_init+0x3cf/0x6e0 [ 527.390163][T27479] alloc_super+0x78d/0x890 [ 527.394593][T27479] sget_userns+0xf1/0x560 [ 527.398971][T27479] ? get_anon_bdev+0xc0/0xc0 [ 527.403580][T27479] ? get_anon_bdev+0xc0/0xc0 [ 527.408178][T27479] sget+0x10c/0x150 [ 527.412000][T27479] ? ovl_show_options+0x550/0x550 02:35:44 executing program 3: r0 = syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x8, 0x100) ioctl$BLKROSET(r0, 0x125d, &(0x7f00000000c0)) r1 = memfd_create(&(0x7f0000000300)='\vemI\xc1\x8dO\xc0\xa3\\\xe2\xcb\xa2\xba\xcb\xf4\x97\xac#*\xff\xc0\xd0\xe7\x99y\x05\f\xb9\x15R8\xce1\xb3\xd6\xcf\xbf\xaa\x88\xcb\xf0\x1cw61\x9f\xc2\x85+\x87 \\\xde\xde\x0f0x0}) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000001940)={'tunl0\x00', r4}) mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x10013, r1, 0x0) ioctl$sock_FIOGETOWN(r3, 0x8903, &(0x7f0000000000)=0x0) getpgrp(0xffffffffffffffff) gettid() waitid(0x0, r5, &(0x7f0000000140), 0xfffffffffffffffd, 0x0) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r3, 0x10e, 0x1, &(0x7f0000000100)=0xd, 0x4) 02:35:44 executing program 2 (fault-call:3 fault-nth:0): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) [ 527.417030][T27479] mount_nodev+0x31/0x110 [ 527.421373][T27479] ovl_mount+0x2d/0x40 [ 527.425441][T27479] ? ovl_own_xattr_set+0x10/0x10 [ 527.425458][T27479] legacy_get_tree+0xf2/0x200 [ 527.425476][T27479] vfs_get_tree+0x123/0x450 [ 527.439571][T27479] do_mount+0x1436/0x2c40 [ 527.443923][T27479] ? copy_mount_string+0x40/0x40 [ 527.448868][T27479] ? copy_mount_options+0x1de/0x440 [ 527.454069][T27479] ? __sanitizer_cov_trace_pc+0x48/0x50 [ 527.459620][T27479] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 527.465849][T27479] ? copy_mount_options+0x30e/0x440 [ 527.471046][T27479] ksys_mount+0xdb/0x150 [ 527.475282][T27479] __x64_sys_mount+0xbe/0x150 [ 527.480000][T27479] do_syscall_64+0x103/0x610 [ 527.484605][T27479] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 527.490492][T27479] RIP: 0033:0x457e29 [ 527.494368][T27479] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 527.513953][T27479] RSP: 002b:00007faaf9957c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 527.522345][T27479] RAX: ffffffffffffffda RBX: 00007faaf9957c90 RCX: 0000000000457e29 [ 527.530307][T27479] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 527.538270][T27479] RBP: 000000000073bf00 R08: 00000000200007c0 R09: 0000000000000000 [ 527.538280][T27479] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99586d4 [ 527.538288][T27479] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000006 [ 527.632983][T27515] FAULT_INJECTION: forcing a failure. [ 527.632983][T27515] name failslab, interval 1, probability 0, space 0, times 0 [ 527.673448][T27515] CPU: 0 PID: 27515 Comm: syz-executor.2 Not tainted 5.0.0-rc6-next-20190215 #36 [ 527.682608][T27515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 527.692677][T27515] Call Trace: [ 527.695986][T27515] dump_stack+0x172/0x1f0 [ 527.700336][T27515] should_fail.cold+0xa/0x15 [ 527.704942][T27515] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 527.710767][T27515] ? ___might_sleep+0x163/0x280 [ 527.715640][T27515] __should_failslab+0x121/0x190 [ 527.720664][T27515] should_failslab+0x9/0x14 [ 527.725156][T27515] __kmalloc_track_caller+0x2d8/0x740 [ 527.730614][T27515] ? msr_io+0xf6/0x2e0 [ 527.730671][T27515] memdup_user+0x26/0xb0 [ 527.730687][T27515] msr_io+0xf6/0x2e0 [ 527.730723][T27515] ? do_get_msr+0x150/0x150 [ 527.738997][T27515] ? emulator_set_hflags+0xa0/0xa0 [ 527.739013][T27515] ? lock_acquire+0x16f/0x3f0 [ 527.739028][T27515] ? kvm_arch_vcpu_ioctl+0x128c/0x3040 [ 527.739053][T27515] kvm_arch_vcpu_ioctl+0x12db/0x3040 [ 527.739067][T27515] ? kvm_arch_vcpu_ioctl+0x128c/0x3040 [ 527.739082][T27515] ? perf_trace_lock_acquire+0xf5/0x580 [ 527.739098][T27515] ? kvm_arch_vcpu_put+0x460/0x460 [ 527.739113][T27515] ? perf_trace_lock+0x510/0x510 [ 527.739132][T27515] ? __lock_acquire+0x55d/0x4710 [ 527.793905][T27515] ? lock_acquire+0x16f/0x3f0 [ 527.798576][T27515] ? kvm_vcpu_ioctl+0x181/0xfa0 [ 527.803423][T27515] ? __mutex_lock+0x3cd/0x1310 [ 527.808184][T27515] ? mark_held_locks+0xf0/0xf0 [ 527.812926][T27515] ? kvm_vcpu_ioctl+0x181/0xfa0 [ 527.817756][T27515] ? perf_trace_lock_acquire+0xf5/0x580 [ 527.823280][T27515] ? mutex_trylock+0x1e0/0x1e0 [ 527.828034][T27515] ? __lock_acquire+0x55d/0x4710 [ 527.832964][T27515] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 527.839184][T27515] ? _kstrtoull+0x14c/0x200 [ 527.843669][T27515] ? _parse_integer+0x190/0x190 [ 527.848531][T27515] ? __lock_acquire+0x55d/0x4710 [ 527.853470][T27515] kvm_vcpu_ioctl+0x8f6/0xfa0 [ 527.858140][T27515] ? kvm_vcpu_block+0xcd0/0xcd0 [ 527.862980][T27515] ? mark_held_locks+0xf0/0xf0 [ 527.867754][T27515] ? debug_smp_processor_id+0x3c/0x280 [ 527.873195][T27515] ? perf_trace_lock_acquire+0xf5/0x580 [ 527.878722][T27515] ? __f_unlock_pos+0x19/0x20 [ 527.883393][T27515] ? __fget+0x35a/0x550 [ 527.887551][T27515] ? find_held_lock+0x35/0x130 [ 527.892301][T27515] ? __fget+0x35a/0x550 [ 527.896441][T27515] ? kvm_vcpu_block+0xcd0/0xcd0 [ 527.901275][T27515] do_vfs_ioctl+0xd6e/0x1390 [ 527.905856][T27515] ? kasan_check_read+0x11/0x20 [ 527.910699][T27515] ? ioctl_preallocate+0x210/0x210 [ 527.915790][T27515] ? __fget+0x381/0x550 [ 527.919935][T27515] ? ksys_dup3+0x3e0/0x3e0 [ 527.924331][T27515] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 527.930550][T27515] ? fput_many+0x12c/0x1a0 [ 527.934951][T27515] ? fput+0x1b/0x20 [ 527.938823][T27515] ? security_file_ioctl+0x93/0xc0 [ 527.943918][T27515] ksys_ioctl+0xab/0xd0 [ 527.948068][T27515] __x64_sys_ioctl+0x73/0xb0 [ 527.952670][T27515] do_syscall_64+0x103/0x610 [ 527.957243][T27515] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 527.963128][T27515] RIP: 0033:0x457e29 [ 527.967020][T27515] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 527.986628][T27515] RSP: 002b:00007f56f1249c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 527.995039][T27515] RAX: ffffffffffffffda RBX: 00007f56f1249c90 RCX: 0000000000457e29 [ 528.002991][T27515] RDX: 0000000020000280 RSI: 000000004008ae89 RDI: 0000000000000005 [ 528.010959][T27515] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 528.019084][T27515] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f56f124a6d4 [ 528.027043][T27515] R13: 00000000004c09b1 R14: 00000000004d2728 R15: 0000000000000006 [ 528.918150][ C0] net_ratelimit: 22 callbacks suppressed [ 528.918155][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 528.929667][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 529.158129][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 529.163903][ C1] protocol 88fb is buggy, dev hsr_slave_1 02:35:46 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:35:46 executing program 0 (fault-call:20 fault-nth:53): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:35:46 executing program 5: r0 = socket$pppoe(0x18, 0x1, 0x0) socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f00000004c0)={0x18, 0x0, {0x4, @remote, 'bpq0\x00'}}, 0x1e) connect$pppoe(r0, &(0x7f00000000c0)={0x18, 0x0, {0x2, @random="277a4c148d89", 'ip_vti0\x00'}}, 0x1e) ioctl$PPPOEIOCSFWD(r0, 0x4008b100, &(0x7f0000000040)={0x18, 0x0, {0x3, @local, 'ip_vti0\x00'}}) r1 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x8, 0x101000) ioctl$VIDIOC_S_CROP(r1, 0x4014563c, &(0x7f0000000080)={0xf, {0x100000000, 0x9, 0x0, 0x8}}) 02:35:46 executing program 2 (fault-call:3 fault-nth:1): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) 02:35:46 executing program 3: r0 = accept4$rose(0xffffffffffffff9c, &(0x7f0000000000)=@full={0xb, @remote, @netrom, 0x0, [@remote, @remote, @default, @null, @netrom, @null]}, &(0x7f0000000040)=0x40, 0x80000) getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f00000000c0), &(0x7f0000000140)=0x68) r1 = accept4(0xffffffffffffff9c, &(0x7f0000000200)=@un=@abs, 0x0, 0x0) syz_genetlink_get_family_id$tipc2(0x0) sendmsg$TIPC_NL_SOCK_GET(r1, &(0x7f0000000480)={&(0x7f0000000280), 0xc, 0x0}, 0x0) dup(0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) ftruncate(r1, 0x4800000) bind$alg(0xffffffffffffffff, 0x0, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet6_opts(r2, 0x29, 0x3b, 0x0, 0x0) connect$inet6(r2, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x4000000004002, 0x0) setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, 0x0, 0x0) write$binfmt_misc(r3, &(0x7f0000000180)=ANY=[@ANYBLOB="d9c14b0000dd9ed6ccf5ee4075ef67ab9fc49372b21eb83a480da21034ed39c9ba267acf53660000b0437bc58bc64d29"], 0x1200e) 02:35:46 executing program 1: r0 = syz_open_dev$sndseq(&(0x7f0000000080)='/dev/snd/seq\x00', 0x0, 0x208000) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc058534f, &(0x7f0000009700)) [ 530.038120][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 530.043969][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 530.049824][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 530.055578][ C0] protocol 88fb is buggy, dev hsr_slave_1 02:35:47 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000040)={0x2, [0x0, 0x0]}, &(0x7f0000000080)=0xc) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f00000000c0)={r1, 0x9}, 0x8) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) setsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x75, &(0x7f0000000000)={r2}, 0x8) 02:35:47 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00', r1}) sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)={0x20, 0x10000032, 0x829, 0x0, 0x0, {0x2803, 0x1000000}, [@nested={0x7ffff, 0x0, [@typed={0x8, 0x9, @uid}]}]}, 0x1e1}}, 0x0) 02:35:47 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) [ 530.198509][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 530.205453][ C0] protocol 88fb is buggy, dev hsr_slave_1 02:35:47 executing program 1: mkdir(&(0x7f0000000100)='./file0\x00', 0x81) r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0) r1 = fanotify_init(0x80000000000000, 0x101000) fanotify_mark(r1, 0x105, 0x40000020, r0, 0x0) r2 = syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0xd9, 0x100) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffff9c, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0xa, 0x4e23, 0x1ff, @ipv4={[], [], @rand_addr=0x7}, 0x7ff}}, 0x1000, 0x3, 0x3c00000000000, 0xd68, 0x8}, &(0x7f0000000200)=0x98) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r2, 0x84, 0x6c, &(0x7f0000000240)={r3, 0x8b, "4d085f1196d646640ef0422cbfa4937465e28d179c121316c3e38319a30d6402c22a0cdf805e6ad1d1f7c0c2e665e265e1cb7c4514cd4550e4e6ed589abb9aa05c16f2a6f775e78c489b878c1abebe68c800fe024149e080c610290e883eaee09c161fcf4dacb719fe3df2bc2c307deb2e6219602882512eaa71dd066de9150e73b2cde2830a42e2d83033"}, &(0x7f0000000300)=0x93) r4 = dup2(r1, r0) setsockopt$bt_BT_VOICE(r4, 0x112, 0xb, &(0x7f0000000040)=0x63, 0x2) read(r1, &(0x7f0000000000)=""/64, 0x20000040) [ 530.418246][T27556] FAULT_INJECTION: forcing a failure. [ 530.418246][T27556] name failslab, interval 1, probability 0, space 0, times 0 [ 530.454532][T27556] CPU: 0 PID: 27556 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 530.463679][T27556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 530.473739][T27556] Call Trace: [ 530.477039][T27556] dump_stack+0x172/0x1f0 [ 530.481400][T27556] should_fail.cold+0xa/0x15 [ 530.486001][T27556] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 530.491817][T27556] ? ___might_sleep+0x163/0x280 [ 530.496678][T27556] __should_failslab+0x121/0x190 [ 530.501649][T27556] should_failslab+0x9/0x14 [ 530.506157][T27556] kmem_cache_alloc_trace+0x2d1/0x760 [ 530.511550][T27556] __memcg_init_list_lru_node+0x8a/0x1e0 02:35:47 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000040)='/dev/snd/controlC#\x00', 0x1fffffffffffff, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r0, 0xc1205531, &(0x7f00000001c0)={0x7, 0x0, 0x3, 0x0, 0x0, [], [], [], 0x8000}) [ 530.517192][T27556] __list_lru_init+0x3cf/0x6e0 [ 530.521964][T27556] alloc_super+0x78d/0x890 [ 530.526405][T27556] sget_userns+0xf1/0x560 [ 530.530740][T27556] ? get_anon_bdev+0xc0/0xc0 [ 530.535351][T27556] ? get_anon_bdev+0xc0/0xc0 [ 530.539941][T27556] sget+0x10c/0x150 [ 530.543754][T27556] ? ovl_show_options+0x550/0x550 [ 530.548791][T27556] mount_nodev+0x31/0x110 [ 530.553122][T27556] ovl_mount+0x2d/0x40 [ 530.557192][T27556] ? ovl_own_xattr_set+0x10/0x10 [ 530.562133][T27556] legacy_get_tree+0xf2/0x200 [ 530.566818][T27556] vfs_get_tree+0x123/0x450 [ 530.571327][T27556] do_mount+0x1436/0x2c40 [ 530.575678][T27556] ? copy_mount_string+0x40/0x40 [ 530.580622][T27556] ? _copy_from_user+0xdd/0x150 [ 530.585481][T27556] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 530.591721][T27556] ? copy_mount_options+0x30e/0x440 [ 530.597085][T27556] ksys_mount+0xdb/0x150 [ 530.601315][T27556] __x64_sys_mount+0xbe/0x150 [ 530.605990][T27556] do_syscall_64+0x103/0x610 [ 530.610570][T27556] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 530.616441][T27556] RIP: 0033:0x457e29 [ 530.620320][T27556] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 530.639913][T27556] RSP: 002b:00007faaf9936c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 530.648304][T27556] RAX: ffffffffffffffda RBX: 00007faaf9936c90 RCX: 0000000000457e29 [ 530.656265][T27556] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 02:35:47 executing program 3: r0 = socket$inet(0x10, 0x3, 0x0) ioctl$sock_ifreq(r0, 0x9919, &(0x7f0000000080)={'ip6\x00', @ifru_hwaddr=@remote}) [ 530.664216][T27556] RBP: 000000000073bfa0 R08: 00000000200007c0 R09: 0000000000000000 [ 530.672184][T27556] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99376d4 [ 530.680153][T27556] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000008 02:35:49 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:35:49 executing program 5: r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000500)='/dev/dlm_plock\x00', 0x101, 0x0) ioctl$NBD_CLEAR_SOCK(r0, 0xab04) r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000100), 0x4) symlinkat(&(0x7f0000000240)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000280)='./file0\x00') mkdirat(0xffffffffffffffff, &(0x7f0000000140)='./file1\x00', 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x3, 0x75, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6(0xa, 0x1, 0x8010000000000084) r3 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x8, 0x10}, 0xc) epoll_pwait(r1, &(0x7f00000005c0)=[{}, {}, {}, {}, {}, {}, {}], 0x7, 0x9, &(0x7f0000000640)={0x1f}, 0x8) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f0000000480)={0x0}, &(0x7f00000004c0)=0x8) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, &(0x7f0000000080)={0x8, 0xe, 0x94, 0x22, r4}, &(0x7f0000000180)=0xf9506e50aad9908a) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f00000001c0)={r5, 0x7}, &(0x7f0000000340)=0x8) bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e23, 0x0, @empty, 0x2000000000}, 0x1c) r7 = syz_open_dev$admmidi(&(0x7f0000000380)='/dev/admmidi#\x00', 0x80000000000005, 0x80001) ioctl$BLKREPORTZONE(r0, 0xc0101282, &(0x7f00000007c0)=ANY=[]) r8 = syz_open_dev$midi(&(0x7f00000000c0)='/dev/midi#\x00', 0x957, 0x80000) listen(r2, 0x200000000002) r9 = socket$inet6(0xa, 0x5, 0x0) bind$inet6(r9, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={[], [], @remote}}, 0x1c) ioctl$sock_inet_SIOCGIFNETMASK(r2, 0x891b, &(0x7f0000000540)={'veth0_to_hsr\x00', {0x2, 0x4e20, @broadcast}}) getsockopt$IP6T_SO_GET_REVISION_MATCH(r3, 0x29, 0x44, &(0x7f0000000800)={'ah\x00'}, &(0x7f00000007c0)=0x1e) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r9, 0x84, 0x6b, &(0x7f0000000000)=[@in={0x2, 0x4e23, @local}], 0x10) getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f00000002c0), &(0x7f0000000300)=0x10) ioctl$TCSETAW(r7, 0x5407, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0) socket$kcm(0x29, 0x0, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r8, 0x84, 0x70, &(0x7f0000000680)={r6, @in6={{0xa, 0x4e22, 0x5, @dev={0xfe, 0x80, [], 0x27}, 0x400}}, [0x1000, 0x100, 0xfc27, 0x8, 0xff, 0x5, 0x6, 0x123, 0x100000001, 0x6, 0x8, 0xbb, 0x9, 0xa5c6, 0x8001]}, &(0x7f0000000780)=0x100) dup(0xffffffffffffffff) syz_mount_image$vfat(0x0, &(0x7f0000001380)='./file0\x00', 0x7, 0x0, 0x0, 0x0, &(0x7f0000000580)=ANY=[@ANYRESHEX=r7, @ANYRESOCT, @ANYPTR=&(0x7f0000000000)=ANY=[@ANYRESHEX, @ANYRES32]]) syz_mount_image$hfs(&(0x7f0000000040)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 02:35:49 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000000)={0x0, 0x11000}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$adsp(&(0x7f0000000040)='/dev/adsp#\x00', 0x2, 0x0) ioctl$EVIOCGID(r3, 0x80084502, &(0x7f0000000080)=""/179) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) 02:35:49 executing program 3: r0 = syz_open_dev$sndseq(&(0x7f0000000280)='/dev/snd/seq\x00', 0x0, 0x7fffd) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(r0, 0xc0bc5351, &(0x7f0000000080)={0x80, 0x0, 'client0\x00', 0x0, "2825991415706285", "631879b9efe383bf7428257492a29c16018429aa77531dcc900dff9d074d2f49"}) r1 = syz_open_dev$radio(&(0x7f0000000140)='/dev/radio#\x00', 0x3, 0x2) ioctl$EVIOCGKEYCODE_V2(r1, 0x80284504, &(0x7f0000002400)=""/4096) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x200000, 0x0) ioctl$RNDADDTOENTCNT(r2, 0x40045201, &(0x7f0000000040)=0x7c1) getsockopt$inet_sctp_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000180)={0x0, 0x7, 0x7, 0x4, 0x100000001, 0xfffffffffffffc01}, &(0x7f00000001c0)=0x14) getsockopt$inet_sctp6_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f0000000200)={r3, 0x8000}, &(0x7f0000000240)=0x8) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000340)={0x1005e8, 0x4, 0xff, 'queue0\x00', 0x3}) 02:35:49 executing program 0 (fault-call:20 fault-nth:54): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:35:49 executing program 1: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$vimc1(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/video1\x00', 0x2, 0x0) fchmod(r1, 0x40) ioctl$VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000100)={0x33, 0x1, 0x4}) dup2(r0, r1) openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x410000, 0x0) 02:35:50 executing program 3: r0 = syz_open_dev$admmidi(&(0x7f0000000180)='/dev/admmidi#\x00', 0xfffffffffffffff7, 0x80000) inotify_add_watch(r0, &(0x7f00000002c0)='./bus\x00', 0x2) mkdir(&(0x7f0000000700)='./file1\x00', 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000c40)=ANY=[@ANYBLOB="55707065726469723d2e2f66696c6507ae6c6f7765726469723d2e2f66692c65312c776f724b6469723d2e2f66696c6531"]) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm_plock\x00', 0x0, 0x0) fgetxattr(r1, &(0x7f0000000140)=@known='trusted.overlay.metacopy\x00', &(0x7f00000001c0)=""/163, 0xa3) chdir(&(0x7f00000003c0)='./file0\x00') open(&(0x7f0000000080)='./bus\x00', 0x1fe, 0x0) unlink(&(0x7f0000000040)='./bus\x00') 02:35:50 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) set_mempolicy(0x2, &(0x7f0000000000)=0x3, 0x2) mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x1, 0x44031, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000340)) ioctl$EVIOCSABS3F(r1, 0x401845ff, &(0x7f0000000080)={0xff, 0xf1a4, 0xfffffffffffffffe, 0x6, 0x1, 0x8001}) setsockopt$inet_sctp_SCTP_HMAC_IDENT(r1, 0x84, 0x16, &(0x7f00000000c0)=ANY=[@ANYBLOB="0a000000010002008100010001000200765cd07f0a000100"], 0x18) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000200)=0x0) migrate_pages(r2, 0x3, &(0x7f0000000240)=0x6, &(0x7f0000000280)=0x9) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000100)={0x0, 0xf0b7}, &(0x7f0000000140)=0x8) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000180)={0x4, 0x8, 0x8206, 0x6, 0x6, 0x13, 0x8, 0xfffffffffffffffc, r3}, &(0x7f00000001c0)=0x20) 02:35:50 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) preadv(r0, &(0x7f0000000100)=[{&(0x7f0000000000)=""/182, 0xb6}, {&(0x7f0000000180)=""/218, 0xda}, {&(0x7f0000000300)=""/252, 0xfc}, {&(0x7f00000000c0)=""/5, 0x5}], 0x4, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) [ 533.402937][T27599] overlayfs: unrecognized mount option "Upperdir=./filelowerdir=./fi" or missing value [ 533.483146][T27583] FAULT_INJECTION: forcing a failure. [ 533.483146][T27583] name failslab, interval 1, probability 0, space 0, times 0 [ 533.497305][T27583] CPU: 1 PID: 27583 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 533.506435][T27583] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 533.516490][T27583] Call Trace: [ 533.519786][T27583] dump_stack+0x172/0x1f0 [ 533.524133][T27583] should_fail.cold+0xa/0x15 [ 533.528736][T27583] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 533.534560][T27583] ? ___might_sleep+0x163/0x280 [ 533.539410][T27583] __should_failslab+0x121/0x190 [ 533.544332][T27583] should_failslab+0x9/0x14 [ 533.548817][T27583] kmem_cache_alloc_trace+0x2d1/0x760 [ 533.554170][T27583] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 533.559959][T27583] __memcg_init_list_lru_node+0x8a/0x1e0 [ 533.565574][T27583] __list_lru_init+0x3cf/0x6e0 [ 533.570334][T27583] alloc_super+0x78d/0x890 [ 533.574747][T27583] sget_userns+0xf1/0x560 [ 533.579060][T27583] ? get_anon_bdev+0xc0/0xc0 [ 533.583653][T27583] ? get_anon_bdev+0xc0/0xc0 [ 533.588221][T27583] sget+0x10c/0x150 [ 533.592058][T27583] ? ovl_show_options+0x550/0x550 [ 533.597071][T27583] mount_nodev+0x31/0x110 [ 533.601405][T27583] ovl_mount+0x2d/0x40 [ 533.605482][T27583] ? ovl_own_xattr_set+0x10/0x10 [ 533.610403][T27583] legacy_get_tree+0xf2/0x200 [ 533.615074][T27583] vfs_get_tree+0x123/0x450 [ 533.619570][T27583] do_mount+0x1436/0x2c40 [ 533.623882][T27583] ? copy_mount_string+0x40/0x40 [ 533.628801][T27583] ? _copy_from_user+0xdd/0x150 [ 533.633650][T27583] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 533.639886][T27583] ? copy_mount_options+0x30e/0x440 [ 533.645065][T27583] ksys_mount+0xdb/0x150 [ 533.649298][T27583] __x64_sys_mount+0xbe/0x150 [ 533.653958][T27583] do_syscall_64+0x103/0x610 [ 533.658534][T27583] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 533.664403][T27583] RIP: 0033:0x457e29 [ 533.668291][T27583] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 533.687872][T27583] RSP: 002b:00007faaf9957c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 533.696263][T27583] RAX: ffffffffffffffda RBX: 00007faaf9957c90 RCX: 0000000000457e29 [ 533.704215][T27583] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 533.712169][T27583] RBP: 000000000073bf00 R08: 00000000200007c0 R09: 0000000000000000 [ 533.720128][T27583] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99586d4 02:35:50 executing program 1: r0 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0}, &(0x7f0000000100)=0xc) setuid(r1) fcntl$setlease(r0, 0x400, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r2, 0x29, 0x2, &(0x7f0000000300)=0x6, 0x4) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000000000)=0x178, 0x4) ioctl$VIDIOC_G_STD(0xffffffffffffffff, 0x80085617, &(0x7f00000000c0)) sendto$inet6(r2, 0x0, 0x0, 0x0, &(0x7f0000809000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) recvfrom$inet6(r2, &(0x7f0000000080)=""/49, 0x31, 0xffffffffffffffff, 0x0, 0x0) ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f0000000040)=0x1) [ 533.728111][T27583] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000006 02:35:50 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700) ioctl$sock_SIOCBRDELBR(r0, 0x89a1, &(0x7f0000000040)='syz_tun\x00') write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xfffffcbe) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000680)="0af51f023c123f3188a070") 02:35:50 executing program 0 (fault-call:20 fault-nth:55): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) [ 534.198154][ C0] net_ratelimit: 18 callbacks suppressed [ 534.198162][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 534.209669][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 534.215462][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 534.221255][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 534.291812][T27639] FAULT_INJECTION: forcing a failure. [ 534.291812][T27639] name failslab, interval 1, probability 0, space 0, times 0 [ 534.305671][T27639] CPU: 0 PID: 27639 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 534.314800][T27639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 534.324853][T27639] Call Trace: [ 534.328152][T27639] dump_stack+0x172/0x1f0 [ 534.332586][T27639] should_fail.cold+0xa/0x15 [ 534.337177][T27639] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 534.342990][T27639] ? ___might_sleep+0x163/0x280 [ 534.347840][T27639] __should_failslab+0x121/0x190 [ 534.352771][T27639] should_failslab+0x9/0x14 [ 534.357267][T27639] kmem_cache_alloc_trace+0x2d1/0x760 [ 534.362650][T27639] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 534.368458][T27639] __memcg_init_list_lru_node+0x8a/0x1e0 [ 534.374101][T27639] __list_lru_init+0x3cf/0x6e0 [ 534.378880][T27639] alloc_super+0x78d/0x890 [ 534.383293][T27639] sget_userns+0xf1/0x560 [ 534.387617][T27639] ? get_anon_bdev+0xc0/0xc0 [ 534.392207][T27639] ? get_anon_bdev+0xc0/0xc0 [ 534.396787][T27639] sget+0x10c/0x150 [ 534.400580][T27639] ? ovl_show_options+0x550/0x550 [ 534.405582][T27639] mount_nodev+0x31/0x110 [ 534.409905][T27639] ovl_mount+0x2d/0x40 [ 534.413976][T27639] ? ovl_own_xattr_set+0x10/0x10 [ 534.418918][T27639] legacy_get_tree+0xf2/0x200 [ 534.423579][T27639] vfs_get_tree+0x123/0x450 [ 534.428080][T27639] do_mount+0x1436/0x2c40 [ 534.432440][T27639] ? copy_mount_string+0x40/0x40 [ 534.437369][T27639] ? _copy_from_user+0xdd/0x150 [ 534.442218][T27639] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 534.448456][T27639] ? copy_mount_options+0x30e/0x440 [ 534.453677][T27639] ksys_mount+0xdb/0x150 [ 534.457912][T27639] __x64_sys_mount+0xbe/0x150 [ 534.462577][T27639] do_syscall_64+0x103/0x610 [ 534.467165][T27639] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 534.473651][T27639] RIP: 0033:0x457e29 [ 534.477538][T27639] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 534.497130][T27639] RSP: 002b:00007faaf9957c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 534.505521][T27639] RAX: ffffffffffffffda RBX: 00007faaf9957c90 RCX: 0000000000457e29 [ 534.513480][T27639] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 534.521442][T27639] RBP: 000000000073bf00 R08: 00000000200007c0 R09: 0000000000000000 [ 534.529404][T27639] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99586d4 [ 534.537372][T27639] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000006 [ 534.545520][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 534.551346][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 534.838144][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 534.843943][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 535.159503][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 535.165617][ C0] protocol 88fb is buggy, dev hsr_slave_1 02:35:53 executing program 1: syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) ioctl$RTC_UIE_OFF(r0, 0x7004) open(&(0x7f0000000240)='./bus\x00', 0x141042, 0x106) execve(&(0x7f0000000340)='./bus\x00', 0x0, 0x0) setxattr$trusted_overlay_nlink(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000280)='trusted.overlay.nlink\x00', &(0x7f0000000300)={'U-', 0x3f}, 0x28, 0x1) 02:35:53 executing program 2: lsetxattr$trusted_overlay_nlink(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='trusted.overlay.nlink\x00', &(0x7f0000000100)={'U+'}, 0x28, 0x1) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x2, 0x2) ioctl$VIDIOC_SUBDEV_S_SELECTION(r3, 0xc040563e, &(0x7f0000000040)={0x0, 0x0, 0x102, 0x3, {0xfffffffffffffffe, 0x3, 0x8, 0x1a6}}) modify_ldt$read(0x0, &(0x7f0000000300)=""/201, 0x242c49913f1bd37f) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) 02:35:53 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:35:53 executing program 5: r0 = syz_open_dev$sndtimer(&(0x7f00000001c0)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000001000)={{0x100000001}}) r1 = dup2(r0, r0) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r1, 0x40505412, &(0x7f0000000040)={0x0, 0x1, 0x0, 0x0, 0xf}) ioctl$PPPIOCSPASS(r1, 0x40107447, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x1, 0x2, 0x3, 0x5}]}) ioctl$SNDRV_TIMER_IOCTL_START(r1, 0x54a0) 02:35:53 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f0000000440)="8da4363ac0ed000000000000010008000000fdff000000000000fffffdfd0000ecf6f2a2299748aeb81e1b00920efd9a0000010000000000fe02002010ffffff5f42485266535f4dd9ed47f3b08d7e74d0f6425b6d066717600a2c90029de0f2dae2f3ee6eb3deb0e887b59eb9797d9f978d2db7340c10d26aa95da165928ab33d68b283a146750a3a05dd356ce97a693ca9295c5ff61ce717065cf35f7b7c368f8e806dd1e05c0e121553780982e4450e8f6352c09b6b4903a1b82fffb7", 0xbe, 0x10080}], 0x0, 0x0) 02:35:53 executing program 0 (fault-call:20 fault-nth:56): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:35:53 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0xe, &(0x7f0000000000), 0xffffffffffffff1d) 02:35:53 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/btrfs-control\x00', 0x288000, 0x0) syz_open_dev$dmmidi(&(0x7f00000002c0)='/dev/dmmidi#\x00', 0x0, 0x1) openat$vsock(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vsock\x00', 0x20000, 0x0) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000340)='/dev/dlm_plock\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x5, 0x0) ioctl$EVIOCSFF(r2, 0x40304580, &(0x7f0000000040)={0x55, 0xfff, 0x3, {0x8, 0x7fff}, {0x2000400000, 0x6}, @cond=[{0x8, 0x9, 0xffffffff80000001, 0x5, 0x8ff4, 0x4}, {0x7, 0x2, 0x3, 0xffffffffffffa2fa, 0xffffffff, 0x7}]}) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x58) ioctl$FIBMAP(r0, 0x1, &(0x7f0000000240)=0x3) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000080)="b7f2288a911993f0265df5cf1cdd8b55b062950b86bc01abc8464d4f8a906151", 0x20) sendmsg$key(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001740)=ANY=[@ANYRESDEC], 0xfffffe2e}}, 0x0) r4 = accept$alg(r3, 0x0, 0x0) sendmmsg$alg(r4, &(0x7f0000000380)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=[@op={0x18}], 0x18}], 0xfffffffffffffe82, 0x0) readv(r4, &(0x7f00000006c0)=[{&(0x7f0000000180)=""/161, 0x7ffff000}], 0xa) 02:35:53 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x1, 0x178, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffe, 0x1, [{{{0x3, 0x0, 0x800, 'ifb0\x00', 'dummy0\x00', 'ip_vti0\x00', 'ip6tnl0\x00', @remote, [], @link_local, [], 0xb8, 0xb8, 0xe8, [@ip={'ip\x00', 0x20, {{@loopback, @dev, 0x0, 0x0, 0x0, 0x84, 0x10, 0x0, 0x2}}}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x1f0) r1 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x0) setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f0000000040)=0xf0b, 0x4) 02:35:53 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r0, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) 02:35:53 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x20001000008912, &(0x7f0000000080)="0af51f023c123f3188a070") r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000005d40)={0x0, 0x0, &(0x7f0000005d00)={&(0x7f0000000880)=@newlink={0x54, 0x10, 0xd07, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, @ip6gre={{0xc, 0x1, 'ip6gre\x00'}, {0x18, 0x2, [@IFLA_GRE_LOCAL={0x14, 0x4, @mcast1={0xff, 0x1, [0xc]}}]}}}, @IFLA_BROADCAST={0xc, 0x2, @local}]}, 0x396}}, 0x0) [ 536.461704][T27682] FAULT_INJECTION: forcing a failure. [ 536.461704][T27682] name failslab, interval 1, probability 0, space 0, times 0 [ 536.478600][T27682] CPU: 1 PID: 27682 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 536.487738][T27682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 536.497795][T27682] Call Trace: [ 536.501104][T27682] dump_stack+0x172/0x1f0 [ 536.505457][T27682] should_fail.cold+0xa/0x15 [ 536.510062][T27682] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 536.515895][T27682] ? ___might_sleep+0x163/0x280 [ 536.520831][T27682] __should_failslab+0x121/0x190 [ 536.520861][T27682] should_failslab+0x9/0x14 [ 536.520877][T27682] kmem_cache_alloc_trace+0x2d1/0x760 [ 536.520895][T27682] ? register_shrinker_prepared+0x116/0x190 [ 536.520917][T27682] ovl_fill_super+0xe6/0x3bb8 [ 536.520947][T27682] ? ovl_show_options+0x550/0x550 [ 536.520959][T27682] ? up_write+0x1c/0x150 [ 536.520979][T27682] ? sget_userns+0x105/0x560 [ 536.520992][T27682] ? get_anon_bdev+0xc0/0xc0 [ 536.521007][T27682] ? get_anon_bdev+0xc0/0xc0 [ 536.521019][T27682] ? sget+0x114/0x150 [ 536.521035][T27682] ? ovl_show_options+0x550/0x550 [ 536.521049][T27682] mount_nodev+0x68/0x110 [ 536.521064][T27682] ovl_mount+0x2d/0x40 [ 536.521076][T27682] ? ovl_own_xattr_set+0x10/0x10 [ 536.521091][T27682] legacy_get_tree+0xf2/0x200 [ 536.521107][T27682] vfs_get_tree+0x123/0x450 [ 536.521123][T27682] do_mount+0x1436/0x2c40 [ 536.521145][T27682] ? copy_mount_string+0x40/0x40 [ 536.521162][T27682] ? _copy_from_user+0xdd/0x150 [ 536.521181][T27682] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 536.521194][T27682] ? copy_mount_options+0x30e/0x440 [ 536.521211][T27682] ksys_mount+0xdb/0x150 [ 536.535990][T27682] __x64_sys_mount+0xbe/0x150 [ 536.536014][T27682] do_syscall_64+0x103/0x610 [ 536.536034][T27682] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 536.536049][T27682] RIP: 0033:0x457e29 [ 536.649622][T27682] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 536.669207][T27682] RSP: 002b:00007faaf9915c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 536.677642][T27682] RAX: ffffffffffffffda RBX: 00007faaf9915c90 RCX: 0000000000457e29 [ 536.685609][T27682] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 536.693562][T27682] RBP: 000000000073c040 R08: 00000000200007c0 R09: 0000000000000000 [ 536.701513][T27682] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99166d4 [ 536.709465][T27682] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000007 02:35:53 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair(0x0, 0x800, 0x3, &(0x7f0000000040)={0xffffffffffffffff}) getsockopt$bt_sco_SCO_CONNINFO(r3, 0x11, 0x2, &(0x7f0000000180)=""/245, &(0x7f0000000080)=0xf5) ioctl$SIOCAX25ADDFWD(r2, 0x89ea, &(0x7f0000000000)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) [ 536.779845][T27694] netlink: 'syz-executor.3': attribute type 4 has an invalid length. 02:35:53 executing program 3: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = dup(r0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'nr0\x01\x00', 0x3001}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x8914, &(0x7f0000000280)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\r\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83\xf2\xf3\xcf7\x8aCZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x982\xeck+8Dk;\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x14\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xe0u\x12L\x9b\x1f\xf6P\rSj\x95\xd9o\x03\xd4\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&') write$smack_current(r2, &(0x7f0000000440)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\r\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83\xf2\xf3\xcf7\x8aCZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x982\xeck+8Dk;\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x14\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xe0u\x12L\x9b\x1f\xf6P\rSj\x95\xd9o\x03\xd4\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&', 0x1a5) write$P9_RXATTRCREATE(r2, &(0x7f0000000040)={0x7, 0x21, 0x1}, 0x7) 02:35:53 executing program 1: socketpair$unix(0x1, 0xa, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) r2 = accept4(r1, &(0x7f0000000200)=@xdp={0x2c, 0x0, 0x0}, &(0x7f00000000c0)=0x80, 0x800) ioctl$sock_ax25_SIOCDELRT(r2, 0x890c, &(0x7f0000000380)={@null, @default, 0x8, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0xfffffec0, &(0x7f00000001c0)={&(0x7f0000000080)=@bridge_dellink={0x0, 0x11, 0xa, 0x70bd2d, 0x25dfdbfe, {0x7, 0x0, 0x0, r3, 0x2000}, [@IFLA_GROUP={0x0, 0x1b, 0x2c8}, @IFLA_LINK={0x0, 0x5, 0xffffffff}]}, 0xfd08}}, 0x200) sendmsg$nl_xfrm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=@delpolicy={0x6c, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast1, @in6=@dev}}, [@encap={0x1c, 0x8, {0x8, 0x0, 0x0, @in=@loopback}}]}, 0x6c}, 0x8}, 0x0) r4 = syz_genetlink_get_family_id$tipc2(&(0x7f00000004c0)='TIPCv2\x00') sendmsg$TIPC_NL_PEER_REMOVE(r2, &(0x7f0000000600)={&(0x7f0000000400), 0xc, &(0x7f00000005c0)={&(0x7f0000000500)={0xb4, r4, 0x0, 0x70bd2d, 0x25dfdbff, {}, [@TIPC_NLA_SOCK={0x34, 0x2, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x100000000}, @TIPC_NLA_SOCK_ADDR={0x8}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0xfffffffffffffff8}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x5}]}, @TIPC_NLA_MEDIA={0x6c, 0x5, [@TIPC_NLA_MEDIA_PROP={0x24, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x3c, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xa0}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfffffffffffffc00}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xe}]}]}]}, 0xb4}, 0x1, 0x0, 0x0, 0x4000000}, 0x2000c084) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuset.memory_pressure\x00', 0x0, 0x0) ioctl$EVIOCGVERSION(r5, 0x80044501, &(0x7f0000000280)=""/199) 02:35:56 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:35:56 executing program 2: r0 = dup3(0xffffffffffffffff, 0xffffffffffffff9c, 0x0) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000000)=[0x0], 0x1}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) ioctl$KVM_ASSIGN_DEV_IRQ(r2, 0x4040ae70, &(0x7f0000000080)={0x1fa, 0xb510, 0x6, 0x4}) 02:35:56 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000007640)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) setsockopt$ALG_SET_AEAD_AUTHSIZE(r0, 0x117, 0x5, 0x0, 0x0) 02:35:56 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x100000001, 0x0) write$selinux_attr(r1, &(0x7f0000000080)='system_u:object_r:apt_var_log_t:s0\x00', 0x23) setsockopt$inet6_tcp_int(r1, 0x6, 0x200000000000010, &(0x7f0000000380)=0x404100000001, 0x4) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000140)='TIPCv2\x00') sendmsg$TIPC_NL_SOCK_GET(r1, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x401}, 0xc, &(0x7f0000000300)={&(0x7f0000000180)={0x17c, r2, 0xf00, 0x70bd26, 0x25dfdbfc, {}, [@TIPC_NLA_MEDIA={0x28, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8000}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}]}]}, @TIPC_NLA_LINK={0x3c, 0x4, [@TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}]}, @TIPC_NLA_BEARER={0xa4, 0x1, [@TIPC_NLA_BEARER_NAME={0x14, 0x1, @l2={'ib', 0x3a, 'bond_slave_1\x00'}}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}]}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e23, @empty}}, {0x14, 0x2, @in={0x2, 0x4e22, @rand_addr=0x6}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x3}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz1\x00'}]}, @TIPC_NLA_MEDIA={0x60, 0x5, [@TIPC_NLA_MEDIA_PROP={0xc, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}]}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7ff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x17}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffffffffffffc}]}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}]}, 0x17c}, 0x1, 0x0, 0x0, 0x20008011}, 0x1) getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000040), &(0x7f0000000100)=0x14) 02:35:56 executing program 0 (fault-call:20 fault-nth:57): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:35:56 executing program 5: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140)='/dev/audio\x00', 0x400, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000180)=0x992) r1 = openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) ioctl$int_in(r1, 0x5473, 0x0) ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af04, &(0x7f0000000000)) socketpair$tipc(0x1e, 0x7, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) shutdown(r2, 0x1) r3 = open(&(0x7f0000000040)='./file0\x00', 0x4100, 0x8) ioctl$BLKROSET(r3, 0x125d, &(0x7f0000000080)=0x6) [ 539.318150][ C0] net_ratelimit: 22 callbacks suppressed [ 539.318158][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 539.329729][ C0] protocol 88fb is buggy, dev hsr_slave_1 02:35:56 executing program 3: r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x400040, 0x0) getsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000040)=@assoc_value={0x0}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f00000000c0)={r1, 0x40}, &(0x7f0000000100)=0x8) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x4000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_getres(0xfffffffffffffff0, 0x0) 02:35:56 executing program 1: r0 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x9, 0xa0802) ioctl$PPPIOCATTACH(r0, 0x4004743d, &(0x7f0000000040)=0x4) r1 = socket$inet(0x2, 0x3, 0x800000000000b) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00', 0x19, 0x1, 0x178, [0x20000800, 0x0, 0x0, 0x20000830, 0x20000860], 0x0, 0x0, &(0x7f0000000800)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x1d, 0x0, 0x0, 'mond_slave_1\x00', 'vcan0\x00', 'syzkaller0\x00', 'bpq0\x00', @local, [], @dev, [], 0xb0, 0xb0, 0xe8, [@mark_m={'mark_m\x00', 0x18, {{0x0, 0x0, 0x0, 0x3}}}]}}, @snat={'snat\x00', 0x10, {{@dev}}}}]}]}, 0x1f0) 02:35:56 executing program 5: r0 = syz_open_dev$radio(&(0x7f0000000040)='/dev/radio#\x00', 0x1, 0x2) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000000c0)={{{@in6=@mcast2, @in=@remote}}, {{@in=@broadcast}, 0x0, @in=@initdev}}, &(0x7f00000001c0)=0xe8) getsockopt$ax25_int(r0, 0x101, 0x6, &(0x7f0000000200), &(0x7f0000000240)=0x4) r1 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x2b, 0x0) ioctl$DRM_IOCTL_GET_CAP(r1, 0xc010640c, &(0x7f0000000000)={0x1}) 02:35:56 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = request_key(&(0x7f0000000000)='dns_resolver\x00', &(0x7f0000000040)={'syz', 0x1}, &(0x7f0000000080)='.:lo%cgroup:wlan1\x00', 0xfffffffffffffffa) r3 = add_key(&(0x7f0000000100)='ceph\x00', &(0x7f0000000180)={'syz', 0x3}, &(0x7f00000001c0)="b6c794763b461dd64951687fcb5b726e8ec791ae56282e63c674ab5706bca014d483e47c5f03aba7a89a17a7e4885c9cba1cc95209f069e6ef345f661bfe200312c1b99f980a0b1239c0a94e7618c0a9fcb35c6b2f672d26d3a9987c263f81de2450aea0859131c0262d2112c19c1e52362e777ae497b773c2ede9f795cfc9086494e8bc14ecd732dc44e665abd9f91978547b733f58b43a53eadb5f7dce6fb0d4a2c5cf75ed9dc9", 0xa8, 0xfffffffffffffffd) keyctl$instantiate(0xc, r2, &(0x7f0000000540)=ANY=[@ANYBLOB="75706461746520756c7420740300000045643a2f6465762f6b766d0000d854e71203838a6659f533de274d48d9cadcd22290f2c8f3323d2b2bae390cb2df59bb94122684d6afdff8ee20705af678e84f1412d3b02e880e7dc3e7ea39a01eceffbce2427416767af44ef986cfb060d504df9348efc3433ec748ea0770"], 0x21, r3) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r5 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x40100, 0x0) ioctl$sock_proto_private(r5, 0x89ec, &(0x7f00000005c0)="42f77c76d91d152ffb3e82cd766069264a70a2b762c650b29042190e2480b7dd276952e6928cc74bcea320d08a38b087df06a89aee4f02fbb3506019ebb180323ca362098df8368d9feea2728b79488219e6bb61a7374ac80dfdb4974456bb499c45f4a5298bd361a417406289fa5b5d0d339bceac8145254fbb51f1348528f7eebba08f023518") ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000002c0)=0x0) r7 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000500)='/dev/dlm-monitor\x00', 0x20000, 0x0) perf_event_open(&(0x7f0000000480)={0x3, 0x70, 0x2, 0x1f, 0x9c53, 0x2, 0x0, 0x101, 0x58100, 0x6, 0x9, 0x3f, 0xfffffffffffffff7, 0xfffffffffffffffa, 0x7, 0x6, 0x80, 0x8, 0x0, 0x4, 0x80, 0x4526b4f0, 0x100, 0xfffffffffffffeff, 0x7, 0x1, 0x2, 0x100000000, 0x81, 0x0, 0x8, 0x5, 0x1, 0x7, 0x6, 0x7, 0x7, 0x1, 0x0, 0xffffffffffffa5fd, 0x2, @perf_bp={&(0x7f0000000280), 0x1}, 0x8400, 0xffffffff, 0x3e4e, 0x7, 0x1, 0x6, 0x5}, r6, 0x2, r7, 0xb) openat$null(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/null\x00', 0x2480, 0x0) r8 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vsock\x00', 0xa07c39f3a1d18a1d, 0x0) ioctl$VIDIOC_SUBDEV_G_EDID(r8, 0xc0285628, &(0x7f0000000380)={0x0, 0x0, 0x3, [], &(0x7f0000000340)=0x6}) ioctl$KVM_ENABLE_CAP_CPU(r4, 0x4008ae89, &(0x7f0000000400)={0x7b, 0x0, [0x277, 0x20]}) [ 539.529944][T27757] FAULT_INJECTION: forcing a failure. [ 539.529944][T27757] name failslab, interval 1, probability 0, space 0, times 0 [ 539.558145][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 539.563984][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 539.586362][T27757] CPU: 1 PID: 27757 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 539.595511][T27757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 539.605572][T27757] Call Trace: [ 539.608901][T27757] dump_stack+0x172/0x1f0 [ 539.613259][T27757] should_fail.cold+0xa/0x15 [ 539.617864][T27757] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 539.623692][T27757] ? ___might_sleep+0x163/0x280 [ 539.628558][T27757] __should_failslab+0x121/0x190 [ 539.633521][T27757] should_failslab+0x9/0x14 [ 539.638029][T27757] kmem_cache_alloc_trace+0x2d1/0x760 [ 539.643413][T27757] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 539.649226][T27757] __memcg_init_list_lru_node+0x8a/0x1e0 [ 539.654873][T27757] __list_lru_init+0x3cf/0x6e0 [ 539.659652][T27757] alloc_super+0x78d/0x890 [ 539.664076][T27757] sget_userns+0xf1/0x560 [ 539.668400][T27757] ? get_anon_bdev+0xc0/0xc0 [ 539.672982][T27757] ? get_anon_bdev+0xc0/0xc0 [ 539.677558][T27757] sget+0x10c/0x150 [ 539.681364][T27757] ? ovl_show_options+0x550/0x550 [ 539.686376][T27757] mount_nodev+0x31/0x110 [ 539.690690][T27757] ovl_mount+0x2d/0x40 [ 539.694741][T27757] ? ovl_own_xattr_set+0x10/0x10 [ 539.699665][T27757] legacy_get_tree+0xf2/0x200 [ 539.704327][T27757] vfs_get_tree+0x123/0x450 [ 539.708817][T27757] do_mount+0x1436/0x2c40 [ 539.713135][T27757] ? retint_kernel+0x2d/0x2d [ 539.717712][T27757] ? copy_mount_string+0x40/0x40 [ 539.722635][T27757] ? copy_mount_options+0x255/0x440 [ 539.727818][T27757] ? write_comp_data+0x1e/0x70 [ 539.732566][T27757] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 539.738795][T27757] ? copy_mount_options+0x30e/0x440 [ 539.743978][T27757] ksys_mount+0xdb/0x150 [ 539.748219][T27757] __x64_sys_mount+0xbe/0x150 [ 539.752883][T27757] do_syscall_64+0x103/0x610 [ 539.757476][T27757] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 539.763350][T27757] RIP: 0033:0x457e29 [ 539.767236][T27757] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 02:35:56 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9a9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup.cpu/syz0\x00', 0x200002, 0x0) sendmsg$IPVS_CMD_DEL_DAEMON(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0xffffffffffffffff}, 0x1, 0x0, 0x0, 0x4001}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000000000)=[{{0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000001780)=""/219, 0xdb}], 0x1000000000000068}}], 0x1, 0x0, 0x0) r1 = openat$cgroup_type(r0, &(0x7f0000000180)='cgroup.type\x00', 0x2, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x404802, 0x0) write$P9_RUNLINKAT(r2, &(0x7f0000000080)={0x7, 0x4d, 0x2}, 0x7) readv(r1, &(0x7f0000000540), 0x10000000000002f4) 02:35:56 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) write$P9_RLOCK(0xffffffffffffffff, &(0x7f0000000000)={0x8}, 0x8) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440)='/dev/kvm\x00', 0x0, 0x0) r2 = dup2(r0, r0) accept4$packet(r2, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14, 0x0) r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB="145f000000800000000007ff000000000300de56b5000000000800004000080008000100000008000500ac14141b080003000100000f01"], 0x1}}, 0x0) sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="00b6fc663019d9476a25"], 0x1}}, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f00000002c0)="b8010000000f01c166b8e2000f00d8b9800000c00f3235004000000f304a0fc75f20c44379608d00000100f22e0f01ca67440ff6143f66ba4000b846c95182ef0f01cf400f01df", 0x47}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) [ 539.786905][T27757] RSP: 002b:00007faaf9915c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 539.795294][T27757] RAX: ffffffffffffffda RBX: 00007faaf9915c90 RCX: 0000000000457e29 [ 539.803247][T27757] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 539.811200][T27757] RBP: 000000000073c040 R08: 00000000200007c0 R09: 0000000000000000 [ 539.819153][T27757] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99166d4 [ 539.827105][T27757] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000007 [ 540.438203][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 540.444019][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 540.449903][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 540.455650][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 540.768159][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 540.773988][ C0] protocol 88fb is buggy, dev hsr_slave_1 02:35:59 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:35:59 executing program 5: r0 = syz_open_dev$binder(&(0x7f0000000080)='/dev/binder#\x00', 0x0, 0x2) r1 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x10000, 0x0) ioctl$LOOP_CHANGE_FD(r2, 0x4c06, r0) ioctl$ASHMEM_GET_NAME(r2, 0x81007702, &(0x7f0000000140)=""/115) r3 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire], 0x0, 0x0, 0x0}) r4 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0)='TIPCv2\x00') sendmsg$TIPC_NL_BEARER_DISABLE(r2, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x22cd1c86ed52b653}, 0xc, &(0x7f0000000200)={&(0x7f0000000400)={0x34c, r4, 0x8, 0x70bd2b, 0x25dfdbfd, {}, [@TIPC_NLA_BEARER={0x38, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @loopback}}, {0x14, 0x2, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1f}}}}}]}, @TIPC_NLA_BEARER={0x130, 0x1, [@TIPC_NLA_BEARER_PROP={0x1c, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6c}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfcfe}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0x8001, @loopback, 0x7fffffff}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x8, @local, 0xdf}}}}, @TIPC_NLA_BEARER_PROP={0x4c, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x10000}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x401}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}]}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'eth', 0x3a, 'bpq0\x00'}}, @TIPC_NLA_BEARER_PROP={0x1c, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0x1f, @remote, 0xfffffffffffffffe}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x23}}, 0x1}}}}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz1\x00'}]}, @TIPC_NLA_BEARER={0x5c, 0x1, [@TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'eth', 0x3a, 'hwsim0\x00'}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x530}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x3}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e21, 0x2, @mcast2, 0x8}}, {0x14, 0x2, @in={0x2, 0x119e, @rand_addr=0x6}}}}]}, @TIPC_NLA_NODE={0xc, 0x6, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x5}]}, @TIPC_NLA_LINK={0x5c, 0x4, [@TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x24, 0x7, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8000}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7d}]}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}]}, @TIPC_NLA_LINK={0xd4, 0x4, [@TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x14, 0x7, [@TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x148de1c1}]}, @TIPC_NLA_LINK_PROP={0x2c, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffffffff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x20}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}]}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x34, 0x7, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x401}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}]}]}, @TIPC_NLA_SOCK={0x2c, 0x2, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x5}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0xfff}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x8}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x200000}]}, @TIPC_NLA_MON={0xc, 0x9, [@TIPC_NLA_MON_REF={0x8, 0x2, 0xfffffffffffffff8}]}]}, 0x34c}, 0x1, 0x0, 0x0, 0x40}, 0x8000) close(r1) r5 = dup(r3) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x105) mmap$binder(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0xd, 0x40810, r5, 0x0) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000003c0)={0xb8, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0e630c40010000001f00000000000000116348400000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4ff00000000006340400000000000000000020000000000000000000000110000000000000000000000000000000000000000000000000000000000000000000000000000000000f2ff0e630c40020000000300000000000000056304400000000000000000000000000000000000"], 0xfffffeaf, 0xfdfdffff, 0x0}) 02:35:59 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r0, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) 02:35:59 executing program 3: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x10000, 0x0) setsockopt$bt_BT_SECURITY(r0, 0x112, 0x4, &(0x7f0000000140)={0x3, 0x4}, 0x2) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc\xff\xffys/net/ipv4/vs/sync_sock_size\x00', 0x2, 0x0) ioctl$RTC_PIE_ON(r1, 0x7005) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffff9c, 0x84, 0xa, &(0x7f0000000080)={0x7, 0x1, 0x200, 0x80000000, 0x7abf, 0x79e, 0x0, 0x0, 0x0}, &(0x7f00000000c0)=0x20) getsockopt$inet_sctp6_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f0000000100)={r2, 0x80000000, 0x90, 0x7f}, &(0x7f00000001c0)=0x10) getdents64(r1, &(0x7f00000002c0)=""/199, 0xc7) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(0xffffffffffffffff, 0xc0bc5310, &(0x7f0000000200)) 02:35:59 executing program 1: r0 = socket$inet6(0xa, 0x1, 0x0) r1 = socket$inet6(0xa, 0x801, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @ipv4={[], [], @local}}, 0x1c) bind$inet6(r1, &(0x7f0000cb8fe4)={0xa, 0x4e20, 0x0, @ipv4={[], [], @remote}}, 0x47) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000000)=0x6, 0x4) listen(r1, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000080)={'syzkaller0\x00', 0x8100}) listen(r0, 0x0) 02:35:59 executing program 0 (fault-call:20 fault-nth:58): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:35:59 executing program 3: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x10000, 0x0) setsockopt$bt_BT_SECURITY(r0, 0x112, 0x4, &(0x7f0000000140)={0x3, 0x4}, 0x2) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc\xff\xffys/net/ipv4/vs/sync_sock_size\x00', 0x2, 0x0) ioctl$RTC_PIE_ON(r1, 0x7005) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffff9c, 0x84, 0xa, &(0x7f0000000080)={0x7, 0x1, 0x200, 0x80000000, 0x7abf, 0x79e, 0x0, 0x0, 0x0}, &(0x7f00000000c0)=0x20) getsockopt$inet_sctp6_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f0000000100)={r2, 0x80000000, 0x90, 0x7f}, &(0x7f00000001c0)=0x10) getdents64(r1, &(0x7f00000002c0)=""/199, 0xc7) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(0xffffffffffffffff, 0xc0bc5310, &(0x7f0000000200)) [ 542.402864][T27787] binder: 27784:27787 Acquire 1 refcount change on invalid ref 0 ret -22 [ 542.416913][T27787] binder: 27784:27787 ioctl 8912 105 returned -22 [ 542.424301][T27787] binder: 27784:27787 BC_REQUEST_DEATH_NOTIFICATION invalid ref 1 02:35:59 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2, 0x0, 0x101]}) [ 542.464766][T27787] binder: 27784:27787 transaction failed 29189/-22, size 0-0 line 2994 [ 542.503097][T27787] binder: 27784:27787 ioctl c0306201 200003c0 returned -14 02:35:59 executing program 1: r0 = socket(0x200000000000011, 0x4000000000080002, 0x0) getsockopt$inet6_mreq(r0, 0x29, 0x0, 0x0, &(0x7f0000000080)) socket$inet_udplite(0x2, 0x2, 0x88) r1 = syz_open_dev$mice(0x0, 0x0, 0x101080) connect$pptp(r1, &(0x7f00000001c0)={0x18, 0x2, {0x1, @rand_addr=0x5}}, 0x1e) syz_open_dev$vcsa(0x0, 0xfffffffffffffffc, 0x0) r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = perf_event_open(&(0x7f000000a000)={0x3, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xa00000400, 0x0, 0x8000010004}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='nfs\x00', 0x0, &(0x7f000000a000)) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, 0x0, 0x0) ioctl$VIDIOC_ENUM_FRAMEINTERVALS(r1, 0xc034564b, 0x0) getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) socketpair(0x20, 0x40000001, 0x2, 0x0) getsockopt$TIPC_DEST_DROPPABLE(0xffffffffffffffff, 0x10f, 0x81, &(0x7f0000000100), &(0x7f0000000200)=0x4) close(r2) bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x0, 0x0, 0x3}, 0x2c) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000180), 0x33c) socketpair(0x1e, 0x80005, 0x1c00000000, &(0x7f0000000000)={0x0, 0x0}) ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000240)={0x4, 0x2}) close(r3) sendmsg$tipc(r4, &(0x7f0000001540)={0x0, 0x0, 0x0}, 0x0) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_kcm_SIOCKCMCLONE(r4, 0x89e2, &(0x7f0000000040)) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000180)="0adc1f4f130565da9a4cba3f3188a0708f3099c0490ec8ec67b6efb3a0e932ae870e4a77d9e782b2e7") ioctl$TIOCSSOFTCAR(0xffffffffffffffff, 0x40096100, 0x0) 02:35:59 executing program 3: r0 = syz_open_dev$vbi(&(0x7f0000000100)='/dev/vbi#\x00', 0xffffffffffffffff, 0x2) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000040)={0x10000, 0x8, 0x1, 0xffffffffffffff9c}) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000180)={0x0, 0x40}, &(0x7f00000001c0)=0x8) setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, &(0x7f0000000200)={r2, 0x8}, 0x8) ioctl$VIDIOC_S_PARM(r0, 0xc0285629, &(0x7f0000000280)={0x3, @output={0xe7}}) getsockopt$inet_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000080)={0x0, 0x1, 0x1, [0x1]}, &(0x7f00000000c0)=0xa) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000140)={r3, 0xf26}, 0x8) openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x20000, 0x0) [ 542.636715][T27794] FAULT_INJECTION: forcing a failure. [ 542.636715][T27794] name failslab, interval 1, probability 0, space 0, times 0 [ 542.642887][T27812] binder: 27784:27812 Acquire 1 refcount change on invalid ref 0 ret -22 [ 542.659785][T27794] CPU: 0 PID: 27794 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 542.668912][T27794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 542.668919][T27794] Call Trace: [ 542.668941][T27794] dump_stack+0x172/0x1f0 [ 542.668963][T27794] should_fail.cold+0xa/0x15 [ 542.668983][T27794] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 542.682725][T27812] binder: 27784:27812 ioctl 8912 105 returned -22 [ 542.686670][T27794] ? ___might_sleep+0x163/0x280 [ 542.686693][T27794] __should_failslab+0x121/0x190 [ 542.686710][T27794] should_failslab+0x9/0x14 [ 542.686729][T27794] __kmalloc+0x2dc/0x740 [ 542.697091][T27794] ? refcount_inc_not_zero_checked+0x144/0x200 [ 542.697112][T27794] ? refcount_dec_and_mutex_lock+0x90/0x90 [ 542.697128][T27794] ? security_prepare_creds+0x123/0x190 [ 542.697146][T27794] security_prepare_creds+0x123/0x190 [ 542.697232][T27794] prepare_creds+0x2f5/0x3f0 [ 542.697251][T27794] ovl_fill_super+0xfc/0x3bb8 [ 542.704133][T27812] binder: 27784:27812 BC_REQUEST_DEATH_NOTIFICATION invalid ref 1 [ 542.708492][T27794] ? mark_held_locks+0xa4/0xf0 [ 542.708512][T27794] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 542.708527][T27794] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 542.708546][T27794] ? retint_kernel+0x2d/0x2d [ 542.708562][T27794] ? trace_hardirqs_on_caller+0x6a/0x220 [ 542.708580][T27794] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 542.708595][T27794] ? ovl_show_options+0x550/0x550 [ 542.708613][T27794] ? retint_kernel+0x2d/0x2d [ 542.708626][T27794] ? ovl_show_options+0x550/0x550 [ 542.708659][T27794] ? ovl_show_options+0x550/0x550 [ 542.714460][T27812] binder: 27784:27812 transaction failed 29189/-22, size 0-0 line 2994 [ 542.718067][T27794] mount_nodev+0x68/0x110 [ 542.718086][T27794] ovl_mount+0x2d/0x40 [ 542.718101][T27794] ? ovl_own_xattr_set+0x10/0x10 [ 542.718118][T27794] legacy_get_tree+0xf2/0x200 [ 542.718135][T27794] vfs_get_tree+0x123/0x450 [ 542.718153][T27794] do_mount+0x1436/0x2c40 [ 542.718173][T27794] ? copy_mount_string+0x40/0x40 [ 542.718189][T27794] ? copy_mount_options+0x234/0x440 [ 542.718205][T27794] ? __sanitizer_cov_trace_pc+0x3b/0x50 [ 542.718221][T27794] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 542.718238][T27794] ? copy_mount_options+0x30e/0x440 [ 542.728605][T27794] ksys_mount+0xdb/0x150 [ 542.728624][T27794] __x64_sys_mount+0xbe/0x150 02:35:59 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) creat(&(0x7f0000000340)='./file0\x00', 0x0) mount(&(0x7f0000000040)=@nullb='::,0\nnsllb:\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='ceph\x00', 0x0, 0x0) [ 542.728635][T27794] ? ksys_mount+0x150/0x150 [ 542.728656][T27794] do_syscall_64+0x103/0x610 [ 542.728675][T27794] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 542.728687][T27794] RIP: 0033:0x457e29 [ 542.728701][T27794] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 542.728710][T27794] RSP: 002b:00007faaf9957c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 542.728724][T27794] RAX: ffffffffffffffda RBX: 00007faaf9957c90 RCX: 0000000000457e29 [ 542.728738][T27794] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 542.735501][T27812] binder: 27784:27812 ioctl c0306201 200003c0 returned -14 [ 542.740046][T27794] RBP: 000000000073bf00 R08: 00000000200007c0 R09: 0000000000000000 [ 542.740056][T27794] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99586d4 [ 542.740065][T27794] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000006 02:35:59 executing program 3: r0 = openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x37e195ca3c3b0214, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f00000000c0)=[@in={0x2, 0x0, @broadcast}, @in={0x2, 0x4e24, @multicast2}, @in6={0xa, 0x4e22, 0x6, @remote, 0x8000}], 0x3c) r2 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r2, &(0x7f000047b000)={0xa, 0x4e20}, 0x1c) readahead(r0, 0xe561, 0x1429) listen(r2, 0x20000000) setsockopt$inet6_MCAST_JOIN_GROUP(r1, 0x29, 0x2a, &(0x7f0000000140)={0xaa, {{0xa, 0x4e24, 0xffffffffffffff7f, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x8}}}, 0x88) r3 = socket$inet6(0xa, 0x6, 0x0) connect$inet6(r3, &(0x7f0000419000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) r4 = accept4(r2, 0x0, &(0x7f0000000000), 0x0) setsockopt$inet6_int(r4, 0x29, 0x33, &(0x7f0000000100), 0x4) sendmmsg(r4, &(0x7f0000003d40)=[{{&(0x7f0000001b00)=@l2, 0x80, &(0x7f0000001d00), 0x0, &(0x7f0000001d40)}}, {{&(0x7f0000002300)=@nl, 0x80, &(0x7f0000003740), 0x0, &(0x7f00000037c0)}}], 0x4000000000001eb, 0x0) [ 543.043923][T27826] libceph: resolve '0 [ 543.043923][T27826] nsllb' (ret=-3): failed [ 543.075465][T27826] libceph: parse_ips bad ip '::,0 [ 543.075465][T27826] nsllb' [ 544.598122][ C0] net_ratelimit: 18 callbacks suppressed [ 544.598128][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 544.609624][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 544.615423][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 544.621284][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 544.918160][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 544.923966][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 545.238177][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 545.244010][ C0] protocol 88fb is buggy, dev hsr_slave_1 02:36:02 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:36:02 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) 02:36:02 executing program 0 (fault-call:20 fault-nth:59): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:36:02 executing program 5: r0 = creat(&(0x7f0000001140)='./file0\x00', 0x3) write$vnet(r0, 0x0, 0x0) close(r0) r1 = perf_event_open(&(0x7f0000000080)={0x1, 0xfffffffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x800, 0x0, 0x800, 0x0, 0x0, 0x1000000000000000, 0x0, @perf_config_ext, 0x400000}, 0x0, 0xffffffffffffffff, r0, 0x0) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000240)='IPVS\x00') sendmsg$IPVS_CMD_GET_INFO(r0, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x44, r2, 0x8, 0x70bd26, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DEST={0x24, 0x2, [@IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x6}, @IPVS_DEST_ATTR_FWD_METHOD={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x9}]}, @IPVS_CMD_ATTR_DAEMON={0xc, 0x3, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e20}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x48010}, 0x4) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x0, 0x10, 0xffffffffffffffff, 0x0) r3 = syz_open_dev$cec(0x0, 0xffffffffffffffff, 0x2) getsockopt$inet_mreqn(r3, 0x0, 0x20, 0x0, &(0x7f00000008c0)) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000100)={0x0, 0x1, @stop_pts=0x5}) fcntl$addseals(r1, 0x409, 0x4) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0xa, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="bd0830000800000000b206000900000008d00000f8ffffff181a0000", @ANYRES32=r3, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], &(0x7f0000000040)='syzkaller\x00', 0x2, 0x0, 0x0, 0x41100, 0x1}, 0x48) clone(0x4000002102001ffb, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ioctl$EXT4_IOC_PRECACHE_EXTENTS(r4, 0x6612) r5 = syz_genetlink_get_family_id$tipc2(&(0x7f00000003c0)='TIPCv2\x00') sendmsg$TIPC_NL_NET_GET(r0, &(0x7f00000004c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x78, r5, 0x200, 0x70bd27, 0x25dfdbff, {}, [@TIPC_NLA_SOCK={0x20, 0x2, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x6}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x1}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x3}]}, @TIPC_NLA_NODE={0x28, 0x6, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xe5a}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x7fff}]}, @TIPC_NLA_SOCK={0x1c, 0x2, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x2}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x800}]}]}, 0x78}}, 0x4000040) execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) ioctl$TIOCLINUX3(r0, 0x541c, &(0x7f00000001c0)) 02:36:02 executing program 1: r0 = socket(0x200000000000011, 0x4000000000080002, 0x0) getsockopt$inet6_mreq(r0, 0x29, 0x0, 0x0, &(0x7f0000000080)) socket$inet_udplite(0x2, 0x2, 0x88) r1 = syz_open_dev$mice(0x0, 0x0, 0x101080) connect$pptp(r1, &(0x7f00000001c0)={0x18, 0x2, {0x1, @rand_addr=0x5}}, 0x1e) syz_open_dev$vcsa(0x0, 0xfffffffffffffffc, 0x0) r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = perf_event_open(&(0x7f000000a000)={0x3, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xa00000400, 0x0, 0x8000010004}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='nfs\x00', 0x0, &(0x7f000000a000)) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, 0x0, 0x0) ioctl$VIDIOC_ENUM_FRAMEINTERVALS(r1, 0xc034564b, 0x0) getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) socketpair(0x20, 0x40000001, 0x2, 0x0) getsockopt$TIPC_DEST_DROPPABLE(0xffffffffffffffff, 0x10f, 0x81, &(0x7f0000000100), &(0x7f0000000200)=0x4) close(r2) bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x0, 0x0, 0x3}, 0x2c) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000180), 0x33c) socketpair(0x1e, 0x80005, 0x1c00000000, &(0x7f0000000000)={0x0, 0x0}) ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000240)={0x4, 0x2}) close(r3) sendmsg$tipc(r4, &(0x7f0000001540)={0x0, 0x0, 0x0}, 0x0) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_kcm_SIOCKCMCLONE(r4, 0x89e2, &(0x7f0000000040)) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000180)="0adc1f4f130565da9a4cba3f3188a0708f3099c0490ec8ec67b6efb3a0e932ae870e4a77d9e782b2e7") ioctl$TIOCSSOFTCAR(0xffffffffffffffff, 0x40096100, 0x0) 02:36:02 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x7, 0x31, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x800, 0x0) remap_file_pages(&(0x7f0000c98000/0x2000)=nil, 0x2000, 0x2, 0x2, 0x0) mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x1, 0x0, 0x0, 0x2000000000002) syz_open_dev$amidi(0x0, 0x0, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, 0x0, 0x0) 02:36:02 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x7, 0x3, &(0x7f0000001fd8)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x19, 0x44}}, &(0x7f0000000480)='syzkaller\x00'}, 0x48) r0 = open(&(0x7f0000000000)='.\x00', 0x400100, 0x1) ioctl$RTC_VL_READ(r0, 0x80047013, &(0x7f0000000040)) [ 545.558146][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 545.564133][ C0] protocol 88fb is buggy, dev hsr_slave_1 02:36:02 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/lblc_expiration\x00', 0x2, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000000040)) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) [ 545.688390][T27876] FAULT_INJECTION: forcing a failure. [ 545.688390][T27876] name failslab, interval 1, probability 0, space 0, times 0 [ 545.708256][T27876] CPU: 0 PID: 27876 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 545.717401][T27876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 545.727463][T27876] Call Trace: [ 545.730766][T27876] dump_stack+0x172/0x1f0 [ 545.735142][T27876] should_fail.cold+0xa/0x15 [ 545.739748][T27876] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 545.745569][T27876] ? ___might_sleep+0x163/0x280 [ 545.750435][T27876] __should_failslab+0x121/0x190 [ 545.755382][T27876] should_failslab+0x9/0x14 [ 545.759896][T27876] __kmalloc_track_caller+0x2d8/0x740 [ 545.765282][T27876] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 545.771527][T27876] ? security_prepare_creds+0xfb/0x190 [ 545.776995][T27876] ? ovl_fill_super+0x252/0x3bb8 [ 545.781943][T27876] kstrdup+0x3a/0x70 02:36:02 executing program 5: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev, 0x4}, 0x79) clone(0x7ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) setsockopt$inet6_mtu(r1, 0x29, 0x17, &(0x7f0000001200)=0x4, 0x4) sendmmsg(r1, &(0x7f0000007e00), 0x4000000000000f4, 0x0) ioctl$sock_inet_sctp_SIOCINQ(r0, 0x541b, &(0x7f0000000000)) [ 545.785845][T27876] ovl_fill_super+0x252/0x3bb8 [ 545.790634][T27876] ? ovl_show_options+0x550/0x550 [ 545.795659][T27876] ? up_write+0x1c/0x150 [ 545.799913][T27876] ? sget_userns+0x105/0x560 [ 545.804505][T27876] ? get_anon_bdev+0xc0/0xc0 [ 545.809110][T27876] ? get_anon_bdev+0xc0/0xc0 [ 545.813709][T27876] ? sget+0x114/0x150 [ 545.817702][T27876] ? ovl_show_options+0x550/0x550 [ 545.822733][T27876] mount_nodev+0x68/0x110 [ 545.827080][T27876] ovl_mount+0x2d/0x40 [ 545.831164][T27876] ? ovl_own_xattr_set+0x10/0x10 [ 545.836110][T27876] legacy_get_tree+0xf2/0x200 [ 545.840803][T27876] vfs_get_tree+0x123/0x450 [ 545.845313][T27876] do_mount+0x1436/0x2c40 [ 545.849652][T27876] ? copy_mount_string+0x40/0x40 [ 545.854600][T27876] ? _copy_from_user+0xdd/0x150 [ 545.859458][T27876] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 545.865704][T27876] ? copy_mount_options+0x30e/0x440 [ 545.870910][T27876] ksys_mount+0xdb/0x150 [ 545.875162][T27876] __x64_sys_mount+0xbe/0x150 [ 545.879867][T27876] do_syscall_64+0x103/0x610 [ 545.884467][T27876] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 545.890360][T27876] RIP: 0033:0x457e29 [ 545.894259][T27876] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 545.913886][T27876] RSP: 002b:00007faaf9936c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 545.922304][T27876] RAX: ffffffffffffffda RBX: 00007faaf9936c90 RCX: 0000000000457e29 [ 545.930281][T27876] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 545.938258][T27876] RBP: 000000000073bfa0 R08: 00000000200007c0 R09: 0000000000000000 [ 545.946366][T27876] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99376d4 [ 545.954359][T27876] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000008 02:36:02 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0xc) ioctl$IMHOLD_L1(r1, 0x80044948, &(0x7f0000000040)=0x8) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000003c0)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14, 0x52}}}}]}, 0x48}}, 0x0) 02:36:02 executing program 0 (fault-call:20 fault-nth:60): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:36:03 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_AUTOCLOSE(r3, 0x84, 0x4, &(0x7f0000000040), &(0x7f0000000100)=0x4) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000080)={0x7d, 0x0, [0x277, 0x1, 0x200000000000]}) [ 546.556807][T27901] FAULT_INJECTION: forcing a failure. [ 546.556807][T27901] name failslab, interval 1, probability 0, space 0, times 0 [ 546.578330][T27901] CPU: 0 PID: 27901 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 546.587476][T27901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 546.597535][T27901] Call Trace: [ 546.600840][T27901] dump_stack+0x172/0x1f0 [ 546.605179][T27901] should_fail.cold+0xa/0x15 [ 546.609798][T27901] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 546.615615][T27901] ? ___might_sleep+0x163/0x280 [ 546.620565][T27901] __should_failslab+0x121/0x190 [ 546.625511][T27901] should_failslab+0x9/0x14 [ 546.630028][T27901] __kmalloc_track_caller+0x2d8/0x740 [ 546.635414][T27901] ? match_strdup+0x57/0x80 [ 546.639926][T27901] kmemdup_nul+0x31/0xa0 [ 546.644170][T27901] match_strdup+0x57/0x80 [ 546.648506][T27901] ovl_fill_super+0xbee/0x3bb8 [ 546.653295][T27901] ? ovl_show_options+0x550/0x550 [ 546.658322][T27901] ? up_write+0x1c/0x150 [ 546.662570][T27901] ? sget_userns+0x105/0x560 [ 546.667169][T27901] ? get_anon_bdev+0xc0/0xc0 [ 546.671761][T27901] ? sget+0x114/0x150 [ 546.675741][T27901] ? ovl_show_options+0x550/0x550 [ 546.680762][T27901] mount_nodev+0x68/0x110 [ 546.685102][T27901] ovl_mount+0x2d/0x40 [ 546.689176][T27901] ? ovl_own_xattr_set+0x10/0x10 [ 546.694126][T27901] legacy_get_tree+0xf2/0x200 [ 546.698797][T27901] vfs_get_tree+0x123/0x450 [ 546.703292][T27901] do_mount+0x1436/0x2c40 [ 546.707603][T27901] ? copy_mount_string+0x40/0x40 [ 546.712549][T27901] ? _copy_from_user+0xdd/0x150 [ 546.717384][T27901] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 546.723614][T27901] ? copy_mount_options+0x30e/0x440 [ 546.728807][T27901] ksys_mount+0xdb/0x150 [ 546.733038][T27901] __x64_sys_mount+0xbe/0x150 [ 546.737701][T27901] do_syscall_64+0x103/0x610 [ 546.742370][T27901] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 546.748252][T27901] RIP: 0033:0x457e29 [ 546.752150][T27901] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 546.771735][T27901] RSP: 002b:00007faaf9957c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 546.780134][T27901] RAX: ffffffffffffffda RBX: 00007faaf9957c90 RCX: 0000000000457e29 [ 546.788103][T27901] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 546.796103][T27901] RBP: 000000000073bf00 R08: 00000000200007c0 R09: 0000000000000000 [ 546.804070][T27901] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99586d4 [ 546.812047][T27901] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000006 02:36:05 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:36:05 executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x10, 0x3, &(0x7f0000000000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x57, 0x27}}, &(0x7f0000000240)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x2, 0x99, &(0x7f0000000180)=""/153}, 0x48) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) 02:36:05 executing program 1: r0 = socket(0x200000000000011, 0x4000000000080002, 0x0) getsockopt$inet6_mreq(r0, 0x29, 0x0, 0x0, &(0x7f0000000080)) socket$inet_udplite(0x2, 0x2, 0x88) r1 = syz_open_dev$mice(0x0, 0x0, 0x101080) connect$pptp(r1, &(0x7f00000001c0)={0x18, 0x2, {0x1, @rand_addr=0x5}}, 0x1e) syz_open_dev$vcsa(0x0, 0xfffffffffffffffc, 0x0) r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = perf_event_open(&(0x7f000000a000)={0x3, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xa00000400, 0x0, 0x8000010004}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='nfs\x00', 0x0, &(0x7f000000a000)) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, 0x0, 0x0) ioctl$VIDIOC_ENUM_FRAMEINTERVALS(r1, 0xc034564b, 0x0) getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) socketpair(0x20, 0x40000001, 0x2, 0x0) getsockopt$TIPC_DEST_DROPPABLE(0xffffffffffffffff, 0x10f, 0x81, &(0x7f0000000100), &(0x7f0000000200)=0x4) close(r2) bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x0, 0x0, 0x3}, 0x2c) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000180), 0x33c) socketpair(0x1e, 0x80005, 0x1c00000000, &(0x7f0000000000)={0x0, 0x0}) ioctl$KVM_SET_ONE_REG(r2, 0x4010aeac, &(0x7f0000000240)={0x4, 0x2}) close(r3) sendmsg$tipc(r4, &(0x7f0000001540)={0x0, 0x0, 0x0}, 0x0) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_kcm_SIOCKCMCLONE(r4, 0x89e2, &(0x7f0000000040)) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000180)="0adc1f4f130565da9a4cba3f3188a0708f3099c0490ec8ec67b6efb3a0e932ae870e4a77d9e782b2e7") ioctl$TIOCSSOFTCAR(0xffffffffffffffff, 0x40096100, 0x0) 02:36:05 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x200, 0x2d00) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r0, 0xc0045540, &(0x7f00000000c0)=0x1) 02:36:05 executing program 0 (fault-call:20 fault-nth:61): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:36:05 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = accept$ax25(0xffffffffffffff9c, &(0x7f0000000040)={{}, [@bcast, @netrom, @remote, @bcast, @remote, @netrom, @bcast, @null]}, &(0x7f00000000c0)=0x48) write$P9_RCREATE(r1, &(0x7f0000000200)={0x18, 0x73, 0x2, {{0x22, 0x0, 0x3}, 0x100}}, 0x18) ioctl$SIOCAX25GETINFO(r2, 0x89ed, &(0x7f0000000180)) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x10001, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2, 0xffffffffffffffff]}) openat$smack_task_current(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/attr/current\x00', 0x2, 0x0) 02:36:05 executing program 3: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='net/mcfilter6\x00') readv(r0, &(0x7f0000000a80)=[{&(0x7f0000000840)=""/198, 0xc6}], 0x1) 02:36:05 executing program 5: 02:36:05 executing program 1: 02:36:05 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x20000, 0x0) ioctl$RTC_WKALM_RD(r3, 0x80287010, &(0x7f00000000c0)) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) [ 548.755369][T27927] FAULT_INJECTION: forcing a failure. [ 548.755369][T27927] name failslab, interval 1, probability 0, space 0, times 0 [ 548.781242][T27927] CPU: 0 PID: 27927 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 548.790399][T27927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 548.800559][T27927] Call Trace: [ 548.803901][T27927] dump_stack+0x172/0x1f0 [ 548.808252][T27927] should_fail.cold+0xa/0x15 [ 548.812873][T27927] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 548.818690][T27927] ? ___might_sleep+0x163/0x280 [ 548.818715][T27927] __should_failslab+0x121/0x190 [ 548.818738][T27927] should_failslab+0x9/0x14 [ 548.818754][T27927] __kmalloc_track_caller+0x2d8/0x740 [ 548.818777][T27927] ? match_strdup+0x57/0x80 [ 548.818796][T27927] kmemdup_nul+0x31/0xa0 [ 548.818827][T27927] match_strdup+0x57/0x80 [ 548.818847][T27927] ovl_fill_super+0xb7f/0x3bb8 [ 548.833128][T27927] ? ovl_show_options+0x550/0x550 [ 548.833142][T27927] ? up_write+0x1c/0x150 [ 548.833168][T27927] ? sget_userns+0x105/0x560 [ 548.833187][T27927] ? get_anon_bdev+0xc0/0xc0 [ 548.874653][T27927] ? sget+0x114/0x150 [ 548.878632][T27927] ? ovl_show_options+0x550/0x550 [ 548.883653][T27927] mount_nodev+0x68/0x110 [ 548.887966][T27927] ovl_mount+0x2d/0x40 [ 548.892020][T27927] ? ovl_own_xattr_set+0x10/0x10 [ 548.897166][T27927] legacy_get_tree+0xf2/0x200 [ 548.901853][T27927] vfs_get_tree+0x123/0x450 [ 548.906355][T27927] do_mount+0x1436/0x2c40 [ 548.910691][T27927] ? copy_mount_string+0x40/0x40 [ 548.915616][T27927] ? _copy_from_user+0xdd/0x150 [ 548.920473][T27927] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 548.926780][T27927] ? copy_mount_options+0x30e/0x440 [ 548.931969][T27927] ksys_mount+0xdb/0x150 [ 548.936195][T27927] __x64_sys_mount+0xbe/0x150 [ 548.940859][T27927] do_syscall_64+0x103/0x610 [ 548.945438][T27927] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 548.951315][T27927] RIP: 0033:0x457e29 [ 548.955195][T27927] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 548.974797][T27927] RSP: 002b:00007faaf9957c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 548.983608][T27927] RAX: ffffffffffffffda RBX: 00007faaf9957c90 RCX: 0000000000457e29 [ 548.991563][T27927] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 548.999527][T27927] RBP: 000000000073bf00 R08: 00000000200007c0 R09: 0000000000000000 [ 549.007595][T27927] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99586d4 [ 549.015805][T27927] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000006 02:36:05 executing program 1: 02:36:05 executing program 5: [ 549.718230][ C0] net_ratelimit: 22 callbacks suppressed [ 549.718236][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 549.729974][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 549.958119][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 549.964054][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 551.078126][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 551.083954][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 551.089826][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 551.095585][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 551.158161][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 551.164068][ C0] protocol 88fb is buggy, dev hsr_slave_1 02:36:08 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:36:08 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = accept4$inet(0xffffffffffffffff, 0x0, &(0x7f0000000000), 0x800) ioctl$sock_inet_SIOCGARP(r2, 0x8954, &(0x7f0000000040)={{0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x6, @broadcast}, 0x6, {0x2, 0x4e20, @multicast1}, 'veth0_to_team\x00'}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) 02:36:08 executing program 0 (fault-call:20 fault-nth:62): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:36:08 executing program 3: 02:36:08 executing program 5: 02:36:08 executing program 1: r0 = creat(&(0x7f0000000700)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x2000000000000, 0x0) read(r1, &(0x7f0000000140)=""/11, 0xb) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x200000000000013, &(0x7f0000000080)=0x1, 0x4) connect$inet6(r2, &(0x7f0000000100), 0x1c) r3 = dup2(r2, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r3, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r3, 0x6, 0x16, &(0x7f0000000180)=[@window={0x3, 0x0, 0x7f}, @sack_perm], 0x20000000000000d0) getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, &(0x7f0000000200)) dup2(r1, r0) ioctl$sock_SIOCGSKNS(r3, 0x894c, 0x0) 02:36:08 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'lrw(aes)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000040)="0a0775db7b2803b4f0a12585675d26b0d5e383e5b3b60ced5c54dbb7295df0df8217ad62005127000000000000e60000", 0x30) r1 = accept$alg(r0, 0x0, 0x0) recvmmsg(r1, &(0x7f0000004580)=[{{0x0, 0x0, &(0x7f0000001440)=[{&(0x7f0000001340)=""/239, 0xef}], 0x1}}], 0x1, 0x0, 0x0) 02:36:08 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)=ANY=[@ANYBLOB="28136195cf"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000028000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 02:36:08 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:36:08 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffa000/0x3000)=nil) shmctl$SHM_LOCK(r2, 0xb) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) [ 551.832311][T27992] FAULT_INJECTION: forcing a failure. [ 551.832311][T27992] name failslab, interval 1, probability 0, space 0, times 0 [ 551.887378][T27992] CPU: 1 PID: 27992 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 551.896532][T27992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 551.906593][T27992] Call Trace: [ 551.909897][T27992] dump_stack+0x172/0x1f0 [ 551.914236][T27992] should_fail.cold+0xa/0x15 [ 551.918837][T27992] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 551.924652][T27992] ? ___might_sleep+0x163/0x280 [ 551.929513][T27992] __should_failslab+0x121/0x190 [ 551.934457][T27992] should_failslab+0x9/0x14 [ 551.938960][T27992] __kmalloc_track_caller+0x2d8/0x740 [ 551.944418][T27992] ? rcu_read_lock_sched_held+0x110/0x130 [ 551.950142][T27992] ? __kmalloc_track_caller+0x5d1/0x740 [ 551.955689][T27992] ? ovl_mount_dir+0x2a/0x1d0 [ 551.960371][T27992] kstrdup+0x3a/0x70 [ 551.964443][T27992] ovl_mount_dir+0x2a/0x1d0 [ 551.969001][T27992] ovl_fill_super+0x99c/0x3bb8 [ 551.973775][T27992] ? ovl_show_options+0x550/0x550 [ 551.978779][T27992] ? up_write+0x1c/0x150 [ 551.983051][T27992] ? sget_userns+0x105/0x560 [ 551.987623][T27992] ? get_anon_bdev+0xc0/0xc0 [ 551.992248][T27992] ? sget+0x114/0x150 [ 551.996585][T27992] ? ovl_show_options+0x550/0x550 [ 552.001605][T27992] mount_nodev+0x68/0x110 [ 552.005931][T27992] ovl_mount+0x2d/0x40 [ 552.009981][T27992] ? ovl_own_xattr_set+0x10/0x10 [ 552.014899][T27992] legacy_get_tree+0xf2/0x200 [ 552.019762][T27992] vfs_get_tree+0x123/0x450 [ 552.024250][T27992] do_mount+0x1436/0x2c40 [ 552.028568][T27992] ? copy_mount_string+0x40/0x40 [ 552.033498][T27992] ? copy_mount_options+0x1de/0x440 [ 552.038679][T27992] ? __sanitizer_cov_trace_pc+0x48/0x50 [ 552.044204][T27992] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 552.050438][T27992] ? copy_mount_options+0x30e/0x440 [ 552.055622][T27992] ksys_mount+0xdb/0x150 [ 552.059847][T27992] __x64_sys_mount+0xbe/0x150 [ 552.064507][T27992] do_syscall_64+0x103/0x610 [ 552.069081][T27992] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 552.074969][T27992] RIP: 0033:0x457e29 [ 552.078845][T27992] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 552.098424][T27992] RSP: 002b:00007faaf9936c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 552.106813][T27992] RAX: ffffffffffffffda RBX: 00007faaf9936c90 RCX: 0000000000457e29 [ 552.114767][T27992] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 552.122719][T27992] RBP: 000000000073bfa0 R08: 00000000200007c0 R09: 0000000000000000 [ 552.130671][T27992] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99376d4 02:36:08 executing program 3: r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x82003, 0x0) write$P9_RWALK(0xffffffffffffffff, 0x0, 0x1ca) r1 = gettid() write$P9_RWSTAT(0xffffffffffffffff, 0x0, 0x551b0e7e) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) write$binfmt_script(0xffffffffffffffff, 0x0, 0xa7981876f663d544) getresgid(0x0, 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) listxattr(0x0, 0x0, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, 0x0, 0x0) write$P9_RXATTRWALK(0xffffffffffffffff, 0x0, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) gettid() shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffc000/0x3000)=nil) shmctl$SHM_UNLOCK(0x0, 0xc) write$P9_RSTATu(r0, 0x0, 0xfffffffffffffe8c) timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x1c9c380}, {0x0, 0x9}}, 0x0) timer_create(0x0, 0x0, 0x0) fcntl$lock(0xffffffffffffffff, 0x0, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RRENAMEAT(0xffffffffffffffff, 0x0, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) write$P9_RREMOVE(0xffffffffffffffff, 0x0, 0x0) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) tkill(r1, 0x1000000000016) 02:36:08 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x0, 0x0) read(r0, &(0x7f0000000080)=""/11, 0xb) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)) clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r2, &(0x7f0000004380)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) sendmsg$nl_generic(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000440)}, 0x0) clone(0x0, &(0x7f0000000180), 0x0, 0x0, 0x0) r3 = dup2(r0, r1) ioctl$TCSETS(r3, 0x5402, 0x0) 02:36:08 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x1, 0x1000, &(0x7f0000000000/0x1000)=nil}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffd5b, 0x0, 0x0, 0x31a) [ 552.138621][T27992] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000008 02:36:09 executing program 0 (fault-call:20 fault-nth:63): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:36:09 executing program 3: r0 = socket(0x40000000015, 0x805, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0x12, &(0x7f0000000040)='+@em0system/lo))(\x00', 0xffffffffffffffff}, 0x30) sched_getaffinity(r1, 0x8, &(0x7f00000000c0)) getsockopt(r0, 0x114, 0x8000000005, &(0x7f0000af0fe7)=""/13, &(0x7f0000000000)=0xd) 02:36:09 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x7ede, 0x40000) ioctl$BLKGETSIZE(r1, 0x1260, &(0x7f0000000080)) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000040)={0x6000, 0x11c000}) ioctl$int_out(r0, 0x2, &(0x7f00000000c0)) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) 02:36:09 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x12, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x2c}]}, &(0x7f0000f6bffb)='GPL\x00', 0x1, 0xc, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0xa}, 0x48) 02:36:09 executing program 1: r0 = socket(0x10, 0x3, 0x0) r1 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000000200)='/dev/video2\x00', 0x2, 0x0) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f0000000040)={0x5, 0x4, 0x280000000000000}) sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000001a00010000000000000000001c00000000000000000000000800010000000000459ce10b5a3a23eea2569aeb0761f69eecbb8f78f6f899a2cf68936fe7df148781b6f7a19e59d8c169b9"], 0x24}}, 0x0) 02:36:09 executing program 3: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) socket$alg(0x26, 0x5, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f00000027c0)='/dev/full\x00', 0x200000, 0x0) setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, 0x0, 0x0) openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x842, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000100)=0x0) migrate_pages(r3, 0x5b, &(0x7f0000000140)=0x1, &(0x7f0000000180)=0x8) sendmsg$nl_generic(r2, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbbf4, 0x0, 0xd}, 0xc, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000002200030000000000000000000410000008001100e2bb0000"], 0x1}}, 0x0) setsockopt$bt_BT_CHANNEL_POLICY(r1, 0x112, 0xa, &(0x7f00000001c0)=0xfffffffffffffffd, 0x4) 02:36:09 executing program 5: r0 = socket$inet(0x2, 0x3, 0x800000000000b) r1 = add_key$user(&(0x7f0000000000)='user\x00', &(0x7f0000000140)={'syz', 0x0}, &(0x7f0000000180)="60d635ad049186211b41c8bfc73c08819826e363531da74e100555417ba3e1a0c331d3f3241e86039f599a2fa2501aee9b2be6771872ff43d3a0598d754799acaa0737c4fe1ea03551abb3d875a9a98b4fc4e7aa13651b15a5359cf50771cbfba175bda4b19542e59c225977ce28a1", 0x6f, 0xfffffffffffffffe) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f0000000200)={r1, 0x8, 0x5b8}, &(0x7f0000000240)={'enc=', 'pkcs1', ' hash=', {'cbcmac(xeta)\x00'}}, &(0x7f0000000540)="8ebcd99eaaa8f772460817cae39201f414494ac18e06a0399583d8491398ae464e027fae82ebb35737e148ead57c8ffebce1f588cf28940f8be153f5250f4835fd2d90dcc9a72454ccc2d686f6a28082e0aa7764ebd422c3aade93ad709176f016f5507bea25f507472bf2c35502977d81d6af8740347ff7376f676ef6bc422f8be7c20611ca39e79cec6a47cd3843cec51d242bcd1adeb36d7b9790d9e5ded7c69141f0f1bcb6d5b907f97d051ebb117c9b4b6b93f9fa514cf1a6650ee9572dd7769cf0849bc1c2f066b6c6c91cdd25d759fa6fc8bd99898207f4d0f9afb21c3bcc6c1c9fec50a8b5b3e8b879c19e1ca279b6676d48f29d9ddcc716", &(0x7f00000002c0)="b5f4e6c0a3d465e8cbd06cd9fcbf3f244cca162baddab99b3f7e0fa3925eca418898e26a277a5ae0fbfa1bd015b0200ea7329f6f3711c95dcc526f860d0e7740f0e81e7006f6a4c1f5500a") setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'nat\x00', 0x19, 0x1, 0x1a0, [0x20000380, 0x0, 0x0, 0x200003b0, 0x200003e0], 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000001000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000006000000000000000000000000000000000000000000000000ffffffff01000000110000000000000000000300736630000010000000000000000064756d6d79300000000000000000000069666230000000000000000f000000006c6f0000000000000000000000000000ffffffffffff000000000000ffffffffffff000000000000000070000000a8000000e0000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa000000fcffffff00000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000ffffffffffff0000fdffffff00000000"]}, 0x218) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r2, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x19, 0x0, 0x90, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}]}, 0x108) [ 552.674138][T28034] FAULT_INJECTION: forcing a failure. [ 552.674138][T28034] name failslab, interval 1, probability 0, space 0, times 0 [ 552.707041][T28034] CPU: 1 PID: 28034 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 552.716198][T28034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 552.726259][T28034] Call Trace: [ 552.729562][T28034] dump_stack+0x172/0x1f0 [ 552.733909][T28034] should_fail.cold+0xa/0x15 [ 552.738526][T28034] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 552.744350][T28034] ? ___might_sleep+0x163/0x280 [ 552.749214][T28034] __should_failslab+0x121/0x190 [ 552.754151][T28034] should_failslab+0x9/0x14 [ 552.758647][T28034] __kmalloc_track_caller+0x2d8/0x740 [ 552.763997][T28034] ? rcu_read_lock_sched_held+0x110/0x130 [ 552.769706][T28034] ? __kmalloc_track_caller+0x5d1/0x740 [ 552.775230][T28034] ? ovl_mount_dir+0x2a/0x1d0 [ 552.779887][T28034] kstrdup+0x3a/0x70 [ 552.783761][T28034] ovl_mount_dir+0x2a/0x1d0 [ 552.788247][T28034] ovl_fill_super+0x99c/0x3bb8 [ 552.793008][T28034] ? ovl_show_options+0x550/0x550 [ 552.798009][T28034] ? up_write+0x1c/0x150 [ 552.802243][T28034] ? sget_userns+0x105/0x560 [ 552.806820][T28034] ? get_anon_bdev+0xc0/0xc0 [ 552.811382][T28034] ? sget+0x114/0x150 [ 552.815359][T28034] ? ovl_show_options+0x550/0x550 [ 552.820360][T28034] mount_nodev+0x68/0x110 [ 552.824689][T28034] ovl_mount+0x2d/0x40 [ 552.828738][T28034] ? ovl_own_xattr_set+0x10/0x10 [ 552.833674][T28034] legacy_get_tree+0xf2/0x200 [ 552.838330][T28034] vfs_get_tree+0x123/0x450 [ 552.842831][T28034] do_mount+0x1436/0x2c40 [ 552.847156][T28034] ? copy_mount_string+0x40/0x40 [ 552.852075][T28034] ? _copy_from_user+0xdd/0x150 [ 552.856906][T28034] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 552.863121][T28034] ? copy_mount_options+0x30e/0x440 [ 552.868298][T28034] ksys_mount+0xdb/0x150 [ 552.872534][T28034] __x64_sys_mount+0xbe/0x150 [ 552.877196][T28034] do_syscall_64+0x103/0x610 [ 552.881770][T28034] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 552.887656][T28034] RIP: 0033:0x457e29 [ 552.891534][T28034] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 552.911306][T28034] RSP: 002b:00007faaf9957c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 552.919697][T28034] RAX: ffffffffffffffda RBX: 00007faaf9957c90 RCX: 0000000000457e29 [ 552.927646][T28034] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 552.935610][T28034] RBP: 000000000073bf00 R08: 00000000200007c0 R09: 0000000000000000 [ 552.943574][T28034] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99586d4 [ 552.951523][T28034] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000006 02:36:11 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:36:11 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x0, 0x0) fstatfs(r1, &(0x7f0000000000)=""/25) setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f00000000c0)={0x4, &(0x7f0000000080)=[{0x2, 0x2, 0xc189}, {0x1, 0x8001, 0x4, 0x7ff}, {0xfe00, 0x3, 0x258, 0x2}, {0x8, 0x6, 0x7, 0xcd17}]}, 0x10) r2 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cachefiles\x00', 0x400000, 0x0) ioctl$BLKRRPART(r2, 0x125f, 0x0) ioctl$KDGKBLED(r1, 0xc004510e, &(0x7f0000a07fff)) 02:36:11 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) r3 = dup2(r1, r1) ioctl$LOOP_CHANGE_FD(r3, 0x4c06, r2) 02:36:11 executing program 5: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) r1 = openat$cgroup_procs(r0, &(0x7f00000000c0)='cgroup.procs\x00', 0x2, 0x0) rmdir(&(0x7f0000000100)='./file0\x00') r2 = openat$cgroup_subtree(r0, &(0x7f0000000080)='cgroup.subtree_control\x00', 0x2, 0x0) mkdir(&(0x7f0000000000)='./file0/file0\x00', 0x0) dup2(r2, r1) write$FUSE_IOCTL(r0, 0x0, 0x0) 02:36:11 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, 0x0, &(0x7f0000000380)) r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x28000, 0x0) bind$tipc(r0, 0x0, 0x0) 02:36:11 executing program 0 (fault-call:20 fault-nth:64): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:36:11 executing program 5: r0 = socket$inet6(0xa, 0x2, 0x0) r1 = socket(0x1, 0x5, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000200)=0x5) setuid(r2) setsockopt$sock_int(r0, 0x1, 0x15, &(0x7f0000000080)=0x2c, 0x4) readahead(r0, 0x9, 0x4a7) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) r3 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f0000d1c000)=0x6, 0x4) bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c) 02:36:11 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000180)={0x8, 0x7ff}) r1 = syz_open_dev$mice(&(0x7f0000000240)='/dev/input/mice\x00', 0x0, 0x80) ioctl$KVM_SET_ONE_REG(r1, 0x4010aeac, &(0x7f0000000280)={0x27f61345, 0xff}) ioctl$sock_inet_SIOCSIFPFLAGS(r1, 0x8934, &(0x7f00000002c0)={'ip6_vti0\x00', 0xffffffffffffffff}) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x800) ioctl$KVM_ENABLE_CAP_CPU(r2, 0xc008ae88, &(0x7f0000000100)={0x7b, 0x0, [0x0, 0x0, 0x9e]}) write(r0, &(0x7f00000001c0)="ee0fc40ee8870bec6a85de089756814de96af58469008ef742435c6014ec015785596bebc386355f8fe6913094c8ea076df1126509b3f660b3098faf2e9c955e093a9ea948840ce57bd6", 0x4a) r3 = fcntl$dupfd(r2, 0x0, r0) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000000)={0x0, 0x8}, &(0x7f0000000080)=0x8) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7b, &(0x7f00000000c0)={r4, 0x6}, 0x8) 02:36:11 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = syz_open_dev$audion(&(0x7f0000000780)='/dev/audio#\x00', 0x7ff, 0x0) mkdir(&(0x7f0000000200)='./file1\x00', 0x0) symlink(0x0, &(0x7f0000000140)='.//ile0\x00') syz_mount_image$msdos(&(0x7f0000000340)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xe800, 0x1, &(0x7f0000000180)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r1 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) fchdir(r1) r2 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$sock_inet6_SIOCSIFADDR(r2, 0x89a1, 0x0) ioctl$sock_inet6_SIOCADDRT(r3, 0x89a0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000400)) lsetxattr$security_ima(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000240)='security.ima\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="0203b035b151ac30c4f9f300004acb9bca88080773d5931b3f005efcf1e357bf6f08d41e75facf3091ff99cd10288630156cb3169f655e98f0c33ec0e2a38e86d2a6c535e26ee1feaa3e37b750227ded493afb459a5bb9dfc9a55149307fe6884ab4ea41d4676fa0792daa2dd2d6e4476566d3b84a002a1fcc45823c9e9f20000000000000"], 0x1, 0x0) ioctl$UI_BEGIN_FF_ERASE(r0, 0xc00c55ca, &(0x7f00000007c0)={0x1, 0x3, 0x4dd}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x80000001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r1, 0xc10c5541, &(0x7f0000000640)={0xbc, 0xffff, 0x100, 0x0, 0x0, [], [], [], 0x2, 0x2}) sched_setattr(0x0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) openat$nullb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x8000, 0x0) getsockopt$kcm_KCM_RECV_DISABLE(r2, 0x119, 0x1, &(0x7f0000000800), 0x4) r4 = open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0) r5 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_PARAMS(0xffffffffffffffff, 0x40505412, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0x3e, &(0x7f00000000c0)={@local, @empty, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @remote={0xac, 0x223}, @dev={0xac, 0x14, 0x14, 0x11}}, @icmp=@parameter_prob={0x8, 0x4, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x223}, @dev}}}}}}, 0x0) close(0xffffffffffffffff) write(r4, &(0x7f0000000400)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b58c772168fae604d097fef4d6b9360eb169a0b0ee70cdc22435a003e68698f61b3b63b1f51011bc8f4ef944c1de821785f670124a1c6ed18335d63412", 0x200) lsetxattr$trusted_overlay_redirect(&(0x7f00000002c0)='.//ile0\x00', &(0x7f00000003c0)='trusted.overlay.redirect\x00', &(0x7f0000000600)='./bus\x00', 0x6, 0x1) sendfile(r4, r5, 0x0, 0x10000) openat$cgroup_ro(r0, &(0x7f0000000300)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) 02:36:11 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:36:11 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$EXT4_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000000)=0x40) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0) ioctl$KVM_CHECK_EXTENSION_VM(r3, 0xae03, 0xb6d) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) [ 555.051657][T28071] FAULT_INJECTION: forcing a failure. [ 555.051657][T28071] name failslab, interval 1, probability 0, space 0, times 0 [ 555.092724][T28071] CPU: 0 PID: 28071 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 555.102396][T28071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 555.112456][T28071] Call Trace: [ 555.115738][T28071] dump_stack+0x172/0x1f0 [ 555.120063][T28071] should_fail.cold+0xa/0x15 [ 555.124646][T28071] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 555.130446][T28071] ? ___might_sleep+0x163/0x280 [ 555.135294][T28071] __should_failslab+0x121/0x190 [ 555.140218][T28071] should_failslab+0x9/0x14 [ 555.144707][T28071] __kmalloc_track_caller+0x2d8/0x740 [ 555.150066][T28071] ? match_strdup+0x57/0x80 [ 555.154947][T28071] kmemdup_nul+0x31/0xa0 [ 555.159175][T28071] match_strdup+0x57/0x80 [ 555.163818][T28071] ovl_fill_super+0xb7f/0x3bb8 [ 555.168581][T28071] ? ovl_show_options+0x550/0x550 [ 555.173586][T28071] ? up_write+0x1c/0x150 [ 555.177813][T28071] ? sget_userns+0x105/0x560 [ 555.182390][T28071] ? get_anon_bdev+0xc0/0xc0 [ 555.186959][T28071] ? sget+0x114/0x150 [ 555.190925][T28071] ? ovl_show_options+0x550/0x550 [ 555.195929][T28071] mount_nodev+0x68/0x110 [ 555.200253][T28071] ovl_mount+0x2d/0x40 [ 555.204324][T28071] ? ovl_own_xattr_set+0x10/0x10 [ 555.209267][T28071] legacy_get_tree+0xf2/0x200 [ 555.213936][T28071] vfs_get_tree+0x123/0x450 [ 555.218423][T28071] do_mount+0x1436/0x2c40 [ 555.222736][T28071] ? copy_mount_string+0x40/0x40 [ 555.227657][T28071] ? copy_mount_options+0x234/0x440 [ 555.232850][T28071] ? copy_mount_options+0x23d/0x440 [ 555.238053][T28071] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 555.244276][T28071] ? copy_mount_options+0x30e/0x440 [ 555.249469][T28071] ksys_mount+0xdb/0x150 [ 555.253694][T28071] __x64_sys_mount+0xbe/0x150 [ 555.258358][T28071] ? do_syscall_64+0x5b/0x610 [ 555.263017][T28071] do_syscall_64+0x103/0x610 [ 555.267595][T28071] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 555.273489][T28071] RIP: 0033:0x457e29 [ 555.277366][T28071] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 555.296950][T28071] RSP: 002b:00007faaf9957c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 555.305345][T28071] RAX: ffffffffffffffda RBX: 00007faaf9957c90 RCX: 0000000000457e29 [ 555.313300][T28071] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 555.321258][T28071] RBP: 000000000073bf00 R08: 00000000200007c0 R09: 0000000000000000 [ 555.329218][T28071] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99586d4 02:36:12 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000500)={0x26, 'aead\x00', 0x0, 0x0, 'morus640-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000200)='/dev/hwrng\x00', 0x101000, 0x0) ioctl$RTC_WKALM_SET(r2, 0x4028700f, &(0x7f0000000240)={0x1, 0x0, {0x27, 0x15, 0x15, 0x12, 0x5, 0x3, 0x2, 0x6a, 0xffffffffffffffff}}) r3 = accept$alg(r1, 0x0, 0x0) sendmsg$alg(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[@assoc={0x18, 0x117, 0x4, 0x6}], 0x18}, 0x0) write$binfmt_script(r3, &(0x7f00000000c0)=ANY=[@ANYRES32=r0, @ANYBLOB="186d23efc7216629ff8646039d13d63d686507f2c551c50d72bbf97490c1bcee2aebb7cfcf2e3ccf403add05be8a50ff45440ab3b4fa02509422df2cab3bc8d6fa7f204551f7bf351a5137d67703f49d3cc1170fa41c54662a5e5caebfd65fb1e2c782ea9fb6ee571b89b962a7c335256baac669495600024882b29eae9ea8ed8af4a48b96ce0e6aca43b0199533a26c1578c0091ff81b0808099ba208436414b51eac8bea9418b72fe869bf855d7e0b187f4370d21cb5248bcd41f82d42d1cfce7bbe2aadf36dee"], 0xdd) recvmsg(r3, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000023c0)=""/4096, 0x1000}], 0x1}, 0x0) ioctl$LOOP_GET_STATUS(r2, 0x4c03, &(0x7f0000000280)) [ 555.337171][T28071] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000006 [ 555.346808][ C0] net_ratelimit: 18 callbacks suppressed [ 555.346973][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 555.359593][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 555.367118][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 555.373908][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 555.380835][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 555.387178][ C0] protocol 88fb is buggy, dev hsr_slave_1 02:36:12 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:36:12 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000200)='fuse\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB="2c670104000000000000498c32d1e9cf0c505bd16ec782edd8e20ae49ced13627b07efa1fcdca0ae43e0fe04f498dead0de0d0bf43cdd339eb57b45bcdbff393a403992f69b610dc0aea4444d82b3c806c4edb9dadcaef0d0f4e6af2fcb6fc9ea04553e42bb8379467378f09ae66c8f01785ac905eb5b1d27a85765b41c266b9ee4db168b8867de6bedb2702ff7ca0361aad86f864277a7c61057bf7a81ca2c7e3f6c93f04cb2a105803c9c0d0a822119499a18e3feacc0bf8bb5c90049ec4b6245e2956", @ANYRESDEC=0x0, @ANYBLOB=',\x00']) read$FUSE(r0, &(0x7f00000080c0), 0x560) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") socket$inet_sctp(0x2, 0x800000000001, 0x84) openat$proc_capi20ncci(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, 0x2}, 0x50) write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000080)={0x30, 0x5, 0x0, {0x0, 0x1}}, 0x131) 02:36:12 executing program 3: r0 = syz_open_dev$sndpcmc(&(0x7f0000000980)='/dev/snd/pcmC#D#c\x00', 0x0, 0x2) sendmsg$kcm(r0, &(0x7f0000000280)={&(0x7f0000000140)=@nfc_llcp={0x27, 0x0, 0x2, 0x0, 0x0, 0x8, "6de47c9517da5699552b850b5cb122daf9c75e181054e913d4e4294a270b434028762990f835ef72ea6706c7f35eb9820202723c59a189e2cc160f26dd0e6f", 0x6}, 0x80, 0x0, 0x0, 0x0, 0x0, 0x11}, 0x800) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(r1, 0x29, 0x3b, &(0x7f0000000b00)=@routing={0xff, 0xa, 0x0, 0x0, 0x0, [@remote, @mcast2, @local, @empty, @dev={0xfe, 0x80, [], 0xc}]}, 0x58) utimensat(r0, &(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000100)={{0x0, 0x7530}, {0x77359400}}, 0x100) connect$inet6(r1, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev, 0x4}, 0x79) r2 = syz_open_dev$amidi(0x0, 0x0, 0x24080) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f00000002c0)) ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000200)={'syzkaller1\x00'}) ioctl$VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f0000000000)={0x8001, 0xf, 0x4}) fstat(r1, &(0x7f0000000440)) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, 0x0, 0x0) getresuid(&(0x7f0000000500), &(0x7f0000000540), &(0x7f0000000580)) linkat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0) getpid() getresuid(&(0x7f00000009c0), &(0x7f0000000a00), &(0x7f0000000a40)) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000a80), &(0x7f0000000ac0)=0xc) ioctl$VIDIOC_LOG_STATUS(r2, 0x5646, 0x0) sendmmsg(r1, &(0x7f0000007e00), 0x4000000000000f4, 0x0) ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f00000000c0)=0x7847571d) mkdirat(r2, &(0x7f0000000080)='./file0/file0\x00', 0x140) write$P9_RWALK(r2, &(0x7f0000000740)={0x16, 0x6f, 0x0, {0x1, [{0x0, 0x0, 0x2}]}}, 0x16) [ 555.576494][ T26] audit: type=1800 audit(1550370972.373:172): pid=28216 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="loop1" ino=132 res=0 02:36:12 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) r3 = syz_open_dev$adsp(&(0x7f0000000100)='/dev/adsp#\x00', 0xffffffffffffff7f, 0x80) ioctl$SNDRV_CTL_IOCTL_TLV_READ(r3, 0xc008551a, &(0x7f0000000180)={0x1, 0xc, [0x1aaad0ea, 0x3, 0x3ff]}) io_setup(0x0, &(0x7f0000000000)=0x0) io_pgetevents(r4, 0x5, 0x9, &(0x7f0000000300)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], &(0x7f0000000040), &(0x7f00000000c0)={&(0x7f0000000080)={0x4}, 0x8}) [ 555.638122][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 555.643946][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 555.662991][ T26] audit: type=1804 audit(1550370972.403:173): pid=28216 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir995119196/syzkaller.sGyxMG/532/file0/file0" dev="loop1" ino=132 res=1 02:36:12 executing program 0 (fault-call:20 fault-nth:65): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:36:12 executing program 5: syz_open_dev$dspn(0x0, 0x0, 0x0) clone(0x84007ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = getpid() mknod(&(0x7f0000000040)='./file0\x00', 0x1048, 0x0) execve(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) ptrace(0x10, r0) creat(&(0x7f0000000440)='./file0\x00', 0x0) ptrace(0x4206, r0) rt_tgsigqueueinfo(r0, r0, 0x12, &(0x7f0000000100)={0x3f, 0x3, 0x80}) ptrace(0x11, r0) [ 555.968156][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 555.974015][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 555.974741][ T26] audit: type=1804 audit(1550370972.773:174): pid=28216 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir995119196/syzkaller.sGyxMG/532/file0/file0" dev="loop1" ino=132 res=1 02:36:12 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x48000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) [ 556.045644][T28346] FAULT_INJECTION: forcing a failure. [ 556.045644][T28346] name failslab, interval 1, probability 0, space 0, times 0 [ 556.101157][T28346] CPU: 0 PID: 28346 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 556.110321][T28346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 556.120377][T28346] Call Trace: [ 556.123680][T28346] dump_stack+0x172/0x1f0 [ 556.128030][T28346] should_fail.cold+0xa/0x15 [ 556.132637][T28346] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 556.138459][T28346] ? ___might_sleep+0x163/0x280 [ 556.143419][T28346] __should_failslab+0x121/0x190 [ 556.146817][ T26] audit: type=1804 audit(1550370972.783:175): pid=28175 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir995119196/syzkaller.sGyxMG/532/file0/file0" dev="loop1" ino=132 res=1 [ 556.148383][T28346] should_failslab+0x9/0x14 [ 556.148400][T28346] __kmalloc_track_caller+0x2d8/0x740 [ 556.148418][T28346] ? lock_downgrade+0x880/0x880 [ 556.148434][T28346] ? ovl_mount_dir+0x2a/0x1d0 [ 556.148454][T28346] kstrdup+0x3a/0x70 [ 556.148470][T28346] ovl_mount_dir+0x2a/0x1d0 [ 556.201767][T28346] ovl_fill_super+0xec9/0x3bb8 [ 556.206558][T28346] ? ovl_show_options+0x550/0x550 [ 556.211582][T28346] ? up_write+0x1c/0x150 [ 556.215836][T28346] ? sget_userns+0x105/0x560 [ 556.220433][T28346] ? get_anon_bdev+0xc0/0xc0 [ 556.225027][T28346] ? sget+0x114/0x150 [ 556.229018][T28346] ? ovl_show_options+0x550/0x550 [ 556.234044][T28346] mount_nodev+0x68/0x110 [ 556.238379][T28346] ovl_mount+0x2d/0x40 [ 556.242452][T28346] ? ovl_own_xattr_set+0x10/0x10 [ 556.247392][T28346] legacy_get_tree+0xf2/0x200 [ 556.252075][T28346] vfs_get_tree+0x123/0x450 [ 556.256586][T28346] do_mount+0x1436/0x2c40 [ 556.260926][T28346] ? copy_mount_string+0x40/0x40 [ 556.265873][T28346] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 556.272114][T28346] ? copy_mount_options+0x30e/0x440 [ 556.277318][T28346] ksys_mount+0xdb/0x150 [ 556.281566][T28346] __x64_sys_mount+0xbe/0x150 [ 556.286258][T28346] do_syscall_64+0x103/0x610 [ 556.290859][T28346] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 556.296750][T28346] RIP: 0033:0x457e29 [ 556.300645][T28346] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 556.320280][T28346] RSP: 002b:00007faaf9915c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 556.328704][T28346] RAX: ffffffffffffffda RBX: 00007faaf9915c90 RCX: 0000000000457e29 [ 556.336700][T28346] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 556.344699][T28346] RBP: 000000000073c040 R08: 00000000200007c0 R09: 0000000000000000 02:36:12 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0) mkdir(&(0x7f00000000c0)='./file0/file0\x00', 0x0) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sequencer\x00', 0x2000, 0x0) ioctl$SIOCRSSL2CALL(r1, 0x89e2, &(0x7f0000000240)=@bcast) r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x0, 0x0) write$P9_RREADLINK(r2, &(0x7f0000000080)={0xa, 0x17, 0x2, {0x1, '.'}}, 0xa) write$9p(r2, &(0x7f0000000280)="10af413c689e7cdbee9a3f273fd38f6d2d513285947c39e105e717070b2b0aefc39e70", 0x23) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000100)=0xa0, 0x4) mount$bpf(0x20000000, &(0x7f0000000180)='./file0/file0\x00', 0x0, 0x141403, 0x0) [ 556.352675][T28346] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99166d4 [ 556.360648][T28346] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 000000000000000a 02:36:13 executing program 0 (fault-call:20 fault-nth:66): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:36:13 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$dmmidi(&(0x7f00000005c0)='/dev/dmmidi#\x00', 0x8, 0x4080000222002) r1 = socket$inet6(0xa, 0x3, 0x3a) r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x40, 0x0) setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000200)=0x3f7, 0x4) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x31, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getresgid(&(0x7f0000000500)=0x0, &(0x7f0000000540), &(0x7f0000000580)) ioctl$TUNSETGROUP(r2, 0x400454ce, r3) openat$tun(0xffffffffffffff9c, &(0x7f0000000800)='/dev/net/tun\x00', 0x101403, 0x0) r4 = userfaultfd(0x80000) epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r1, &(0x7f0000000280)={0x2}) ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000940)={0x4, 0x100000001, 0x2, 'queue0\x00', 0x100}) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000080)) setsockopt$RDS_FREE_MR(r0, 0x114, 0x3, &(0x7f0000000840)={{0xd752, 0x8d5}, 0x1}, 0x10) r5 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x0, 0x11, r5, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000006c0)={{{@in6=@mcast1, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in6=@loopback}}, &(0x7f0000000640)=0xe8) ioprio_set$uid(0x7fff, r6, 0x330) write$P9_RLOPEN(r5, &(0x7f0000000000)={0x18}, 0x18) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000880)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0xfffffffffffffffd}) ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, &(0x7f0000000240)={{&(0x7f0000011000/0x2000)=nil, 0x2000}}) ioctl$TIOCLINUX7(r2, 0x541c, &(0x7f0000000680)={0x7, 0x5d5753e5}) recvfrom$inet6(r2, &(0x7f0000000380)=""/216, 0xd8, 0x40000040, &(0x7f0000000480)={0xa, 0x4e24, 0x6, @ipv4={[], [], @rand_addr=0x5669}, 0x5}, 0x1c) mmap(&(0x7f000007e000/0x2000)=nil, 0x2000, 0xfffffffffffdfffa, 0x12, r2, 0x0) setsockopt$inet6_MRT6_ADD_MFC(r1, 0x29, 0xcc, &(0x7f0000000100)={{0xa, 0x4e21, 0xfffffffffffffff9, @loopback, 0x20}, {0xa, 0x4e21, 0x0, @mcast1, 0x200}, 0x100000000, [0x9, 0x9, 0x80, 0x4, 0x80, 0x100000001, 0x6, 0x1]}, 0x5c) setsockopt$inet6_MRT6_ADD_MFC(r1, 0x29, 0xcc, &(0x7f00000008c0)={{0xa, 0x4e24, 0x1, @loopback, 0x3}, {0xa, 0x4e21, 0x7a64, @mcast2, 0x10001}, 0x400, [0x10000, 0xffff, 0xe7a5, 0x6, 0xffffffff, 0x8c3, 0x9, 0x3]}, 0x5c) get_thread_area(&(0x7f00000004c0)={0x3, 0xffffffffffffffff, 0xffffffffffffffff, 0x6acbcdb8, 0xd1c, 0x79fe, 0x6, 0x80000000, 0x2, 0x1a}) setsockopt$inet6_MRT6_ADD_MFC_PROXY(r1, 0x29, 0xd2, &(0x7f0000000300)={{0xa, 0x4e23, 0x3, @local, 0x1}, {0xa, 0x4e20, 0x1000, @mcast1, 0x7d}, 0x0, [0xfffffffffffffe00, 0x9, 0x7, 0x7a1, 0x20, 0x3, 0x2, 0x8]}, 0x5c) setsockopt$inet6_MRT6_ADD_MFC_PROXY(r1, 0x29, 0xd2, &(0x7f0000000080)={{0xa, 0x4e24, 0x101, @local, 0x281}, {0xa, 0x4e23, 0x82d, @mcast1, 0x7}, 0x7, [0x1, 0x7d, 0xbc6, 0x4, 0x9, 0x1, 0x4, 0xffffffffffffffff]}, 0x5c) setsockopt$inet6_MRT6_ADD_MFC(r1, 0x29, 0xd3, &(0x7f0000000180)={{0xa, 0x0, 0x0, @local}, {0xa, 0x0, 0x0, @mcast1}, 0x0, [0x0, 0xa800000000000000, 0x2, 0x7]}, 0x5c) 02:36:13 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x70000, 0x0) [ 556.729020][T28376] FAULT_INJECTION: forcing a failure. [ 556.729020][T28376] name failslab, interval 1, probability 0, space 0, times 0 02:36:13 executing program 3: ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(0xffffffffffffffff, 0xc0105303, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000600)='/proc/self/net/pfkey\x00', 0x8080, 0x0) getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000640)=@assoc_value, &(0x7f0000000680)=0x8) ioctl$NBD_CLEAR_SOCK(0xffffffffffffffff, 0xab04) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000100), 0x4) symlinkat(&(0x7f0000000240)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000280)='./file0\x00') mkdirat(0xffffffffffffffff, &(0x7f0000000140)='./file1\x00', 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x3, 0x75, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x1, 0x8010000000000084) r2 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0x8, 0x10}, 0xc) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000080)={0x8, 0x2, 0x94, 0x2, 0x0}, &(0x7f0000000180)=0x10) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f00000001c0)={r3, 0x7}, &(0x7f0000000340)=0x8) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e23, 0x0, @empty, 0x2000000000}, 0x1c) r4 = syz_open_dev$admmidi(&(0x7f0000000440)='/dev/admmidi#\x00', 0x7, 0x80001) ioctl$BLKREPORTZONE(r4, 0xc0101282, &(0x7f0000000480)={0x5, 0x2, 0x0, [{0x7, 0x7fff, 0x1, 0x5, 0x101, 0x8000, 0x5}, {0x5b, 0x7, 0x3707dd19, 0x7f, 0x8, 0x81, 0x298}]}) socket$pppoe(0x18, 0x1, 0x0) r5 = syz_open_dev$midi(&(0x7f00000000c0)='/dev/midi#\x00', 0x957, 0x80000) listen(r1, 0x200000000002) r6 = socket$inet6(0xa, 0x5, 0x0) bind$inet6(r6, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={[], [], @remote}}, 0x1c) getsockopt$IP6T_SO_GET_REVISION_MATCH(r2, 0x29, 0x44, &(0x7f0000000380)={'ah\x00'}, &(0x7f00000003c0)=0x1e) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r6, 0x84, 0x6b, &(0x7f0000000000)=[@in={0x2, 0x4e23, @local}], 0x10) getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f00000002c0), &(0x7f0000000300)=0x10) ioctl$TCSETAW(r5, 0x5407, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0) accept4$netrom(r4, &(0x7f0000000540)={{0x3, @netrom}, [@null, @netrom, @null, @remote, @bcast, @bcast, @null, @rose]}, &(0x7f00000005c0)=0x48, 0x800) socket$kcm(0x29, 0x0, 0x0) dup(0xffffffffffffffff) syz_mount_image$vfat(0x0, &(0x7f0000001380)='./file0\x00', 0x7, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYRES32, @ANYRESOCT, @ANYPTR=&(0x7f0000000000)=ANY=[@ANYRESHEX, @ANYRES32]]) [ 556.892433][T28376] CPU: 1 PID: 28376 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 556.901627][T28376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 556.911671][T28376] Call Trace: [ 556.914966][T28376] dump_stack+0x172/0x1f0 [ 556.919296][T28376] should_fail.cold+0xa/0x15 [ 556.923883][T28376] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 556.929684][T28376] ? ___might_sleep+0x163/0x280 [ 556.934522][T28376] __should_failslab+0x121/0x190 [ 556.939442][T28376] should_failslab+0x9/0x14 [ 556.943934][T28376] kmem_cache_alloc+0x2be/0x710 [ 556.948795][T28376] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 556.955024][T28376] ? ovl_check_namelen.isra.0+0xcf/0x120 [ 556.960640][T28376] alloc_vfsmnt+0x28/0x780 [ 556.965079][T28376] clone_mnt+0x71/0xfe0 [ 556.969220][T28376] clone_private_mount+0xba/0x100 [ 556.974225][T28376] ovl_fill_super+0xd9f/0x3bb8 [ 556.978976][T28376] ? ovl_show_options+0x550/0x550 [ 556.984007][T28376] ? up_write+0x1c/0x150 [ 556.988232][T28376] ? sget_userns+0x105/0x560 [ 556.992816][T28376] ? get_anon_bdev+0xc0/0xc0 [ 556.997387][T28376] ? sget+0x114/0x150 [ 557.001420][T28376] ? ovl_show_options+0x550/0x550 [ 557.006451][T28376] mount_nodev+0x68/0x110 [ 557.010766][T28376] ovl_mount+0x2d/0x40 [ 557.014820][T28376] ? ovl_own_xattr_set+0x10/0x10 [ 557.019761][T28376] legacy_get_tree+0xf2/0x200 [ 557.024429][T28376] vfs_get_tree+0x123/0x450 [ 557.028925][T28376] do_mount+0x1436/0x2c40 [ 557.033244][T28376] ? copy_mount_string+0x40/0x40 [ 557.038191][T28376] ? copy_mount_options+0x248/0x440 [ 557.043390][T28376] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 557.049615][T28376] ? copy_mount_options+0x30e/0x440 [ 557.054801][T28376] ksys_mount+0xdb/0x150 [ 557.059028][T28376] __x64_sys_mount+0xbe/0x150 [ 557.063695][T28376] do_syscall_64+0x103/0x610 [ 557.068275][T28376] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 557.074153][T28376] RIP: 0033:0x457e29 [ 557.078038][T28376] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 557.097623][T28376] RSP: 002b:00007faaf9936c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 557.106032][T28376] RAX: ffffffffffffffda RBX: 00007faaf9936c90 RCX: 0000000000457e29 [ 557.113998][T28376] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 557.121951][T28376] RBP: 000000000073bfa0 R08: 00000000200007c0 R09: 0000000000000000 [ 557.129903][T28376] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99376d4 [ 557.137857][T28376] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000008 [ 557.163438][T28376] overlayfs: failed to clone upperpath 02:36:15 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:36:15 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x400040, 0x0) write$P9_RSYMLINK(r2, &(0x7f0000000040)={0x92, 0x11, 0x1, {0x0, 0x3, 0x40000001}}, 0x12e) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0xffffffffffffff1d]}) 02:36:15 executing program 1: r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) connect$netrom(r0, &(0x7f0000000000)={{0x6, @rose}, [@rose, @rose, @default, @netrom, @bcast, @rose, @rose, @null]}, 0x10) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x200, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_DRAIN(r1, 0x40045731, &(0x7f00000000c0)=0x8) listen(r1, 0x6) 02:36:15 executing program 0 (fault-call:20 fault-nth:67): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:36:15 executing program 3: pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000100)={[{0xffffffffffff8001, 0x81, 0x9, 0x7ff, 0xbefb, 0x20, 0x10000, 0x0, 0x800, 0x787, 0x8001, 0x8, 0x8001}, {0x8001, 0x3, 0x6b1, 0x2, 0x9, 0x9488, 0x3, 0x20, 0x1000, 0x6607, 0x9, 0x173ea53f, 0x8}, {0x9, 0x9, 0xffff, 0x0, 0x1, 0x9ef2, 0xbdfd, 0xd6, 0x100000001, 0x7, 0x6, 0x2, 0xffffffffffff59a0}], 0x10000}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) r3 = socket$inet_udp(0x2, 0x2, 0x0) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='coredump_filter\x00') write$P9_RSETATTR(r4, &(0x7f0000000000)={0x7, 0x1b, 0x2}, 0x7) write$binfmt_misc(r2, &(0x7f0000000040)=ANY=[], 0xfffffdbc) splice(r0, 0x0, r3, 0x0, 0x810000a, 0x0) ioctl$KVM_SET_PIT2(r0, 0x4070aea0, &(0x7f0000000180)={[{0x8, 0x80000001, 0x8, 0x2, 0x8, 0x7ff, 0xfffffffffffff477, 0x9, 0x5c8, 0x3, 0x7, 0x7fff, 0x80000001}, {0x5, 0x1, 0x0, 0x1f, 0x4, 0x2, 0x5eb, 0x9, 0x7ff, 0x80, 0x80000001, 0xfffffffffffffff7, 0xffffffff80000001}, {0x2, 0x0, 0x4, 0x9, 0x2, 0x81, 0x7, 0x67, 0x9, 0x2, 0x7, 0x200, 0x9}], 0xa2b80000000}) ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000040)={0x20, 0x0, 0x1, 0x8, 0x19, 0x1, 0x8, 0x6a, 0x100000001, 0xfffffffffffffffe}) [ 558.717237][T28409] FAULT_INJECTION: forcing a failure. [ 558.717237][T28409] name failslab, interval 1, probability 0, space 0, times 0 [ 558.731041][T28409] CPU: 1 PID: 28409 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 558.740412][T28409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 558.740419][T28409] Call Trace: [ 558.740440][T28409] dump_stack+0x172/0x1f0 [ 558.740463][T28409] should_fail.cold+0xa/0x15 [ 558.740482][T28409] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 558.753843][T28409] ? ___might_sleep+0x163/0x280 [ 558.753867][T28409] __should_failslab+0x121/0x190 [ 558.753886][T28409] should_failslab+0x9/0x14 [ 558.753904][T28409] __kmalloc_track_caller+0x2d8/0x740 [ 558.753925][T28409] ? lock_downgrade+0x880/0x880 [ 558.793133][T28409] ? ovl_mount_dir+0x2a/0x1d0 [ 558.797812][T28409] kstrdup+0x3a/0x70 [ 558.801744][T28409] ovl_mount_dir+0x2a/0x1d0 [ 558.806233][T28409] ovl_fill_super+0xec9/0x3bb8 [ 558.811015][T28409] ? ovl_show_options+0x550/0x550 [ 558.816029][T28409] ? up_write+0x1c/0x150 [ 558.820262][T28409] ? sget_userns+0x105/0x560 [ 558.824834][T28409] ? get_anon_bdev+0xc0/0xc0 [ 558.829403][T28409] ? sget+0x114/0x150 [ 558.833368][T28409] ? ovl_show_options+0x550/0x550 [ 558.838375][T28409] mount_nodev+0x68/0x110 [ 558.842704][T28409] ovl_mount+0x2d/0x40 [ 558.846755][T28409] ? ovl_own_xattr_set+0x10/0x10 [ 558.851692][T28409] legacy_get_tree+0xf2/0x200 [ 558.856364][T28409] vfs_get_tree+0x123/0x450 [ 558.860868][T28409] do_mount+0x1436/0x2c40 [ 558.865199][T28409] ? copy_mount_string+0x40/0x40 [ 558.870133][T28409] ? _copy_from_user+0xdd/0x150 [ 558.874971][T28409] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 558.881202][T28409] ? copy_mount_options+0x30e/0x440 [ 558.886383][T28409] ksys_mount+0xdb/0x150 [ 558.890610][T28409] __x64_sys_mount+0xbe/0x150 [ 558.895271][T28409] do_syscall_64+0x103/0x610 [ 558.899867][T28409] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 558.906107][T28409] RIP: 0033:0x457e29 [ 558.910009][T28409] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 558.929621][T28409] RSP: 002b:00007faaf9957c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 558.938046][T28409] RAX: ffffffffffffffda RBX: 00007faaf9957c90 RCX: 0000000000457e29 [ 558.946020][T28409] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 558.954000][T28409] RBP: 000000000073bf00 R08: 00000000200007c0 R09: 0000000000000000 02:36:15 executing program 5: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) mount(&(0x7f0000000580)=ANY=[@ANYBLOB="2f6465762f737230005b5d75eaf441721b03c72c0408109e8d1481b5d62b2b90ca56bbe488749628224c47b42460eab1a204fc264d531898cc389448dc764fef1dff2dc2af0b58578b29787f5c71c89cb2c2e7a5d4e18902eb1a60f523669fc92c1ba7a483d53d0661066cd26301000000e634e84b03020c8eb4722a0000dab32a5bccc71567218377ceaf6303bf70954605811a5d12470c50c31b2468bcc6618710c2313705fda6f2009acd81cb04070dd58dffafeb58cd12b6009083035bcf34ae095640cc93ae4c32ef0ae785cfdb094d0664f40cfca95b77157d5813984d20a2e63ab056d079a05acba4"], &(0x7f00000002c0)='./file0/../file0\x00', 0x0, 0x201000, 0x0) fsetxattr$trusted_overlay_redirect(r0, &(0x7f0000000080)='trusted.overlay.redirect\x00', &(0x7f00000001c0)='\x00', 0x1, 0x1) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") chdir(&(0x7f0000000340)='./file0\x00') mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f00000000c0)='./file0/../file0\x00', &(0x7f0000000380)='sysfs\x00*\x86OK\xc0\v\xce\x1b\xdb cr\x13\xb1\xe8\x94\xd1 q_\x9d\xc1\x12[\x04,r&\xeb\x016\xd9bN\xa1\xd23t\xa6`\xfeZ\xc1sr/\xd3g\xad\"\xe8U0%\xa2\xe8\xbe\v\xc5QCy\xafr\x13\xd3+\x8d]\x06\xdc\x8f\xbf,\x84\x9e\xd9\xcd\xef\xc7K\x03\xdf\xa9\xcbZ\x90\xb2\x8bK$\xd7\x86,=f\xfc\xa51g\xd5BB5CZ=\xbbv\xbc}0xffffffffffffffff}, 0x0) mmap$perf(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x10, r0, 0x400000000000000) setxattr$security_smack_entry(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='security.SMACK64\x00', &(0x7f00000000c0)='-.,bdevbdev\x00', 0xc, 0x2) 02:36:16 executing program 2: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) prctl$PR_GET_SECUREBITS(0x1b) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) 02:36:16 executing program 5: r0 = accept4$ax25(0xffffffffffffffff, &(0x7f00000011c0)={{0x3, @null}, [@remote, @rose, @netrom, @remote, @remote, @netrom, @remote, @null]}, &(0x7f0000001240)=0x48, 0x80000) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp\x00', 0x400, 0x0) getsockopt$IPT_SO_GET_INFO(r1, 0x0, 0x40, &(0x7f0000000100)={'mangle\x00'}, &(0x7f00000001c0)=0x54) ioctl$SIOCGSTAMP(r0, 0x8906, &(0x7f0000001280)) r2 = syz_open_dev$sndtimer(&(0x7f0000000240)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000000180)={{0x0, 0x1}}) ioctl$SNDRV_TIMER_IOCTL_STATUS(r2, 0x80605414, &(0x7f0000000040)=""/78) [ 559.352823][T28461] FAULT_INJECTION: forcing a failure. [ 559.352823][T28461] name failslab, interval 1, probability 0, space 0, times 0 [ 559.401243][T28461] CPU: 0 PID: 28461 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 559.410390][T28461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 559.420450][T28461] Call Trace: [ 559.423759][T28461] dump_stack+0x172/0x1f0 [ 559.428111][T28461] should_fail.cold+0xa/0x15 [ 559.432706][T28461] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 559.438518][T28461] ? ___might_sleep+0x163/0x280 [ 559.443378][T28461] __should_failslab+0x121/0x190 [ 559.448327][T28461] should_failslab+0x9/0x14 [ 559.452827][T28461] kmem_cache_alloc+0x2be/0x710 [ 559.457665][T28461] getname_kernel+0x53/0x370 [ 559.462237][T28461] kern_path+0x20/0x40 [ 559.466304][T28461] ovl_mount_dir_noesc+0x6c/0x180 [ 559.471332][T28461] ovl_mount_dir+0x10a/0x1d0 [ 559.471353][T28461] ovl_fill_super+0xec9/0x3bb8 [ 559.471387][T28461] ? ovl_show_options+0x550/0x550 [ 559.471400][T28461] ? up_write+0x1c/0x150 [ 559.471421][T28461] ? sget_userns+0x105/0x560 [ 559.471439][T28461] ? get_anon_bdev+0xc0/0xc0 [ 559.471452][T28461] ? sget+0x114/0x150 [ 559.471471][T28461] ? ovl_show_options+0x550/0x550 [ 559.480813][T28461] mount_nodev+0x68/0x110 [ 559.499185][T28461] ovl_mount+0x2d/0x40 [ 559.499202][T28461] ? ovl_own_xattr_set+0x10/0x10 [ 559.499218][T28461] legacy_get_tree+0xf2/0x200 [ 559.499236][T28461] vfs_get_tree+0x123/0x450 [ 559.499253][T28461] do_mount+0x1436/0x2c40 [ 559.499273][T28461] ? copy_mount_string+0x40/0x40 [ 559.499293][T28461] ? _copy_from_user+0xdd/0x150 [ 559.508278][T28461] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 559.508295][T28461] ? copy_mount_options+0x30e/0x440 [ 559.508313][T28461] ksys_mount+0xdb/0x150 [ 559.508331][T28461] __x64_sys_mount+0xbe/0x150 [ 559.508351][T28461] do_syscall_64+0x103/0x610 [ 559.508374][T28461] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 559.508386][T28461] RIP: 0033:0x457e29 [ 559.508399][T28461] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 559.508408][T28461] RSP: 002b:00007faaf9936c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 559.607550][T28461] RAX: ffffffffffffffda RBX: 00007faaf9936c90 RCX: 0000000000457e29 [ 559.615521][T28461] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 559.623517][T28461] RBP: 000000000073bfa0 R08: 00000000200007c0 R09: 0000000000000000 [ 559.631476][T28461] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99376d4 [ 559.639439][T28461] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000008 [ 559.649586][T28461] overlayfs: failed to resolve './file1': -12 [ 560.438129][ C1] net_ratelimit: 24 callbacks suppressed [ 560.438138][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 560.449578][ C1] protocol 88fb is buggy, dev hsr_slave_1 02:36:18 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:36:18 executing program 1: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x40000, 0x0) ioctl$VIDIOC_G_DV_TIMINGS(r0, 0xc0845658, &(0x7f00000000c0)={0x0, @reserved}) socket$inet_udp(0x2, 0x2, 0x0) syz_emit_ethernet(0x0, &(0x7f0000000040)=ANY=[], 0x0) openat$vimc0(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video0\x00', 0x2, 0x0) 02:36:18 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x3ffd, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) 02:36:18 executing program 5: perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xfffffffffffffffe}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video36\x00', 0x2, 0x0) ioctl$VIDIOC_G_FMT(r0, 0xc0d05604, &(0x7f0000000140)={0x3, @pix_mp={0x80000000, 0x3, 0x0, 0x1, 0x0, [{0x6, 0x9}, {0x3, 0x24000000}, {0xfffffffffffffff9, 0x78d}, {0x4, 0x1}, {0x8, 0x7}, {0x5}, {0x10000, 0x268b}, {0x2, 0xfffffffeffffffff}], 0x9, 0xd4a9, 0x2, 0x2, 0x2}}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r1, 0x0, 0x484, &(0x7f0000000040)=""/24, &(0x7f0000000100)=0x18) 02:36:18 executing program 3: syz_open_dev$radio(&(0x7f0000000580)='/dev/radio#\x00', 0x2, 0x2) r0 = socket$inet_tcp(0x2, 0x1, 0x0) clone(0x802122001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x59c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000280)={0x0, 0x0}) pselect6(0x40, &(0x7f00000001c0)={0x59, 0x7a, 0x7, 0x40, 0x401, 0x5, 0x7fff, 0x200}, &(0x7f0000000200)={0x3, 0x100, 0x8, 0x80, 0x200, 0x2, 0x3ff, 0x6060}, &(0x7f0000000240)={0x7, 0x3f, 0x4, 0x865d, 0x3, 0x4c, 0x7, 0x6}, &(0x7f00000002c0)={r1, r2+30000000}, &(0x7f0000000340)={&(0x7f0000000300), 0x8}) getsockopt$IPT_SO_GET_REVISION_MATCH(r0, 0x0, 0x42, &(0x7f0000000100)={'icmp6\x00'}, &(0x7f0000000180)=0x1e) pipe(&(0x7f0000000880)={0xffffffffffffffff, 0xffffffffffffffff}) write(r4, &(0x7f0000000340), 0x10000014c) getpeername$inet6(r3, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, &(0x7f0000000080)=0x1c) syz_open_dev$sg(&(0x7f0000000100)='/dev/sg#\x00', 0x0, 0x0) pselect6(0x40, &(0x7f00000000c0)={0x0, 0x3000000}, 0x0, &(0x7f0000000140)={0x1b9}, 0x0, 0x0) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) 02:36:18 executing program 0 (fault-call:20 fault-nth:69): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:36:18 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x4003, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = syz_open_dev$amidi(&(0x7f00000000c0)='/dev/amidi#\x00', 0x7a48, 0x400) r3 = syz_genetlink_get_family_id$nbd(&(0x7f0000000180)='nbd\x00') r4 = syz_open_dev$dspn(&(0x7f00000001c0)='/dev/dsp#\x00', 0x9, 0x100) r5 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000200)='/proc/self/net/pfkey\x00', 0x800, 0x0) r6 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/pfkey\x00', 0x10000, 0x0) pipe(&(0x7f0000000280)={0xffffffffffffffff}) r8 = openat$autofs(0xffffffffffffff9c, &(0x7f0000001640)='/dev/autofs\x00', 0x0, 0x0) r9 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000001680)='/proc/capi/capi20ncci\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r4, 0x84, 0xa, &(0x7f00000002c0)={0x80000001, 0x53, 0x9, 0x7, 0xb6c, 0x78, 0x1, 0x3, 0x0}, &(0x7f0000000300)=0x20) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r7, 0x84, 0x7c, &(0x7f0000000340)={r10, 0x75, 0x7}, 0x8) r11 = openat$dlm_control(0xffffffffffffff9c, &(0x7f00000016c0)='/dev/dlm-control\x00', 0x420001, 0x0) sendmsg$NBD_CMD_STATUS(r2, &(0x7f00000017c0)={&(0x7f0000000100), 0xc, &(0x7f0000001780)={&(0x7f0000000440)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="080326bd7000ffdbdf25050000003c00070008000100", @ANYRES32=r4, @ANYBLOB="08000100", @ANYRES32=r5, @ANYBLOB="080001003b353347026f988f727849ff7204a849a941ce8e186185bd81f854422f", @ANYRES32=r6, @ANYBLOB="08000100", @ANYRES32=r7, @ANYBLOB="08000100", @ANYRES32=r8, @ANYBLOB="08000100", @ANYRES32=r9, @ANYBLOB="08000100", @ANYRES32=r11, @ANYBLOB="08000100000000000c0002000400000000000000"], 0x64}, 0x1, 0x0, 0x0, 0x4044}, 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff}) ioctl$KVM_ENABLE_CAP_CPU(r12, 0x4008ae89, &(0x7f0000000040)={0x7b, 0x0, [0x277, 0x2]}) 02:36:18 executing program 1: socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)) msync(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0) ioctl$TIOCSWINSZ(0xffffffffffffffff, 0x5414, 0x0) ioctl$VIDIOC_G_CTRL(0xffffffffffffffff, 0xc008561b, &(0x7f0000000200)={0x3, 0x1}) r0 = openat$uinput(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000081, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) fchdir(r1) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) prctl$PR_SVE_GET_VL(0x33, 0x0) setfsuid(0x0) umount2(&(0x7f0000000280)='./file0\x00', 0x0) r2 = syz_open_dev$vcsn(0x0, 0x800, 0x80040) setsockopt$inet_tcp_int(r2, 0x6, 0x1a, 0x0, 0xffffffffffffffc6) accept$alg(r2, 0x0, 0x0) ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, 0x0) ioctl$TUNSETVNETLE(0xffffffffffffffff, 0x400454dc, &(0x7f00000002c0)) write$P9_RXATTRCREATE(r0, &(0x7f0000000080)={0x7, 0x21, 0x1}, 0x7) syz_open_dev$sndseq(0x0, 0x0, 0x0) [ 561.718134][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 561.723974][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 561.729840][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 561.735645][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 561.741490][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 561.747286][ C0] protocol 88fb is buggy, dev hsr_slave_1 02:36:18 executing program 2: r0 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x3f, 0x80000) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000040)={0x10000, 0x3f, 0x401, 0x6, 0xd, 0x2, 0xfffffffffffffffe, 0x0, 0x5c6f7efe, 0x3, 0x400, 0x5b1}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) io_setup(0x1, &(0x7f00000000c0)=0x0) io_pgetevents(r4, 0x200, 0x5, &(0x7f0000000180)=[{}, {}, {}, {}, {}], &(0x7f0000000100)={0x0, 0x1c9c380}, &(0x7f0000000300)={&(0x7f0000000240)={0x80}, 0x8}) r5 = shmat(0xffffffffffffffff, &(0x7f0000ffe000/0x2000)=nil, 0x1000) unlink(&(0x7f0000000080)='./file0\x00') shmdt(r5) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000340)={[0xffffffffffff8000, 0x9, 0x6, 0x2, 0x3, 0x8001, 0x3, 0x5, 0x2, 0x9, 0x9, 0x44f400000000, 0x8001, 0x9, 0x8, 0x220], 0x3002, 0x80000}) [ 561.821192][T28500] FAULT_INJECTION: forcing a failure. [ 561.821192][T28500] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 561.834430][T28500] CPU: 1 PID: 28500 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 561.843538][T28500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 561.853598][T28500] Call Trace: [ 561.856902][T28500] dump_stack+0x172/0x1f0 [ 561.861249][T28500] should_fail.cold+0xa/0x15 02:36:18 executing program 5: r0 = epoll_create1(0x0) set_mempolicy(0x4002, 0x0, 0x9) fcntl$getown(r0, 0x9) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r1, 0x4, 0x44000) setsockopt$inet6_dccp_int(0xffffffffffffffff, 0x21, 0x13, &(0x7f00000004c0)=0x6, 0x4) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$pfkey(0xffffffffffffff9c, 0x0, 0x0, 0x0) clock_gettime(0x0, &(0x7f00000005c0)) ioctl$DRM_IOCTL_AGP_ALLOC(r1, 0xc0206434, &(0x7f0000000080)={0x9, 0x0, 0x10003}) setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0x7, &(0x7f0000000100)={0x4, 0x1f, 0x7, 0x5be}, 0x10) lsetxattr$trusted_overlay_upper(&(0x7f00000001c0)='./bus\x00', &(0x7f0000000240)='trusted.overlay.upper\x00', &(0x7f0000000600)=ANY=[@ANYBLOB="00fbbb02ff93de27b3d3ae686f0847cd0ce935d056921bfa30b80b7b2e1837f07e88547d7506cec5683a911918e7249a848670c0f6590a6aa813c11cc06bf909ec4c36e31616becfeb0ae51bf6e23497da0c03e7eca174ad86c72ba70840a9eb5ab53984bfdfb88b6a88eb65963923a46f272636e9f963604fd727d4e35fef5657205fe85d62bd1b0640683fbdc99d0002000096bbed4fb5118f5a2694f077ab13d0f1901b475c044e0c5c83ea0b01d41049aa9e77574774bf01855209f9258ba47e341a5eb9fad1b671e0e85df83014d57bf0d84e22f23f1d3e5b47efce9efda02b1ae7c7c50f3dc21586c61727fb46f5da7d19c9b909caad921572c9ea40ea839e57a99ca3c7c31edabb25c0658a71d7201ebabad169355da6a22b686c7f388eec6b33ec4a1fb8d190ba2d5823f34728817b76c1f18a64e86a39ce0fc7d72e98ae198678a89903d81548b87eab32b37f60b78562c23cbb94ae9e41f0143b294538a7c39405b0ac888669719a3588d4839df6a6fc2b48d5f8fd947493c73e12ea1d7f1e3be01527210a4241594b552b062d07b7459ef28e256b594abe0400000000fe4390277c84cf13c197575e8157ce6dc95fa7"], 0x1, 0x0) add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000280)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffff9) fallocate(r1, 0x0, 0x0, 0xa6ba0) io_setup(0x40000100000003, &(0x7f0000000340)=0x0) io_submit(r3, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x8040000a70c0300, 0x0, 0x8, 0x1, 0x0, r1, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) syz_open_dev$adsp(&(0x7f0000000180)='/dev/adsp#\x00', 0x200000000, 0x200000) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x5c831, 0xffffffffffffffff, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, 0xffffffffffffffff, &(0x7f0000b0e000)) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0xa4, &(0x7f0000000380)=[@in={0x2, 0x4e20, @multicast2}, @in={0x2, 0x4e21, @empty}, @in6={0xa, 0x4e20, 0x7, @loopback, 0x1ff}, @in={0x2, 0x4e23, @remote}, @in={0x2, 0x4e21, @broadcast}, @in6={0xa, 0x4e21, 0x9, @mcast1, 0x3}, @in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}, @in6={0xa, 0x4e21, 0x9, @dev={0xfe, 0x80, [], 0xa}, 0x100000001}]}, &(0x7f0000000440)=0x10) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000480)={0x8000, 0x1f, 0x8000, 0xda, 0x0, 0x9, 0x8000, 0xffffffff, r4}, &(0x7f0000000500)=0x20) [ 561.865863][T28500] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 561.871695][T28500] should_fail_alloc_page+0x50/0x60 [ 561.876909][T28500] __alloc_pages_nodemask+0x1a1/0x7e0 [ 561.882303][T28500] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 561.888023][T28500] ? find_held_lock+0x35/0x130 [ 561.892800][T28500] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 561.898617][T28500] cache_grow_begin+0x9c/0x850 [ 561.903386][T28500] ? getname_kernel+0x53/0x370 [ 561.908158][T28500] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 561.914426][T28500] kmem_cache_alloc+0x645/0x710 02:36:18 executing program 3: r0 = accept4(0xffffffffffffff9c, 0x0, &(0x7f0000000040), 0x80000) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffff9c, 0x84, 0xf, &(0x7f0000000140)={0x0, @in6={{0xa, 0x4e21, 0x7, @mcast2, 0x3}}, 0x0, 0x34a, 0x3ff, 0xffffffff, 0xfffffffffffffffa}, &(0x7f0000000080)=0x98) getsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f00000000c0)={r1, 0x6de4, 0xc9, 0x3}, &(0x7f0000000200)=0x10) openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) [ 561.914454][T28500] getname_kernel+0x53/0x370 [ 561.914471][T28500] kern_path+0x20/0x40 [ 561.914490][T28500] ovl_mount_dir_noesc+0x6c/0x180 [ 561.923903][T28500] ovl_mount_dir+0x10a/0x1d0 [ 561.923924][T28500] ovl_fill_super+0xec9/0x3bb8 [ 561.923955][T28500] ? ovl_show_options+0x550/0x550 [ 561.923971][T28500] ? up_write+0x1c/0x150 [ 561.937612][T28500] ? sget_userns+0x105/0x560 [ 561.937632][T28500] ? get_anon_bdev+0xc0/0xc0 [ 561.937648][T28500] ? sget+0x114/0x150 [ 561.951638][T28500] ? ovl_show_options+0x550/0x550 [ 561.951656][T28500] mount_nodev+0x68/0x110 [ 561.951672][T28500] ovl_mount+0x2d/0x40 [ 561.951686][T28500] ? ovl_own_xattr_set+0x10/0x10 [ 561.951704][T28500] legacy_get_tree+0xf2/0x200 [ 561.951731][T28500] vfs_get_tree+0x123/0x450 [ 561.951753][T28500] do_mount+0x1436/0x2c40 [ 561.997019][T28500] ? copy_mount_string+0x40/0x40 [ 562.001964][T28500] ? _copy_from_user+0xdd/0x150 [ 562.006821][T28500] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 562.013055][T28500] ? copy_mount_options+0x30e/0x440 [ 562.018253][T28500] ksys_mount+0xdb/0x150 [ 562.022502][T28500] __x64_sys_mount+0xbe/0x150 [ 562.027182][T28500] do_syscall_64+0x103/0x610 [ 562.031776][T28500] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 562.037658][T28500] RIP: 0033:0x457e29 [ 562.041552][T28500] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 562.061153][T28500] RSP: 002b:00007faaf9915c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 562.069560][T28500] RAX: ffffffffffffffda RBX: 00007faaf9915c90 RCX: 0000000000457e29 [ 562.077526][T28500] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 562.085493][T28500] RBP: 000000000073c040 R08: 00000000200007c0 R09: 0000000000000000 [ 562.093459][T28500] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99166d4 [ 562.101426][T28500] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000007 [ 562.118231][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 562.124105][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 562.245788][T28500] overlayfs: upper fs does not support tmpfile. 02:36:19 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000080)="0adc1f023c123f3188a070") r1 = syz_open_dev$video(&(0x7f00000002c0)='/dev/video#\x00', 0x3, 0x0) pipe2(&(0x7f0000000000), 0x800) ioctl$VIDIOC_S_EXT_CTRLS(r1, 0xc0205648, &(0x7f00000000c0)={0xa00000, 0x251, 0x0, [], 0x0}) [ 562.375610][T28500] overlayfs: upper fs does not support xattr, falling back to index=off and metacopy=off. 02:36:21 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:36:21 executing program 3: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/\x00\x00\x00\x0e\x00\x00\x00\x00\x00\x00\a/expire_nodest_conn\x00', 0x2, 0x0) prctl$PR_MPX_DISABLE_MANAGEMENT(0x2c) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) write$input_event(r0, &(0x7f0000000080)={{r1, r2/1000+10000}, 0x16, 0x2, 0x7}, 0x18) r3 = socket$vsock_stream(0x28, 0x1, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r3, 0x28, 0x6, &(0x7f0000581000)={{{@in, @in6=@mcast2}}}, &(0x7f0000000000)=0xe8) 02:36:21 executing program 1: r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$dri(&(0x7f00000000c0)='/dev/dri/card#\x00', 0x1, 0x0) dup2(r0, r1) 02:36:21 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuset.memory_pressure\x00', 0x0, 0x0) read$alg(r3, &(0x7f0000000040)=""/151, 0x97) 02:36:21 executing program 0 (fault-call:20 fault-nth:70): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:36:21 executing program 5: r0 = epoll_create1(0x0) set_mempolicy(0x4002, 0x0, 0x9) fcntl$getown(r0, 0x9) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r1, 0x4, 0x44000) setsockopt$inet6_dccp_int(0xffffffffffffffff, 0x21, 0x13, &(0x7f00000004c0)=0x6, 0x4) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$pfkey(0xffffffffffffff9c, 0x0, 0x0, 0x0) clock_gettime(0x0, &(0x7f00000005c0)) ioctl$DRM_IOCTL_AGP_ALLOC(r1, 0xc0206434, &(0x7f0000000080)={0x9, 0x0, 0x10003}) setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0x7, &(0x7f0000000100)={0x4, 0x1f, 0x7, 0x5be}, 0x10) lsetxattr$trusted_overlay_upper(&(0x7f00000001c0)='./bus\x00', &(0x7f0000000240)='trusted.overlay.upper\x00', &(0x7f0000000600)=ANY=[@ANYBLOB="00fbbb02ff93de27b3d3ae686f0847cd0ce935d056921bfa30b80b7b2e1837f07e88547d7506cec5683a911918e7249a848670c0f6590a6aa813c11cc06bf909ec4c36e31616becfeb0ae51bf6e23497da0c03e7eca174ad86c72ba70840a9eb5ab53984bfdfb88b6a88eb65963923a46f272636e9f963604fd727d4e35fef5657205fe85d62bd1b0640683fbdc99d0002000096bbed4fb5118f5a2694f077ab13d0f1901b475c044e0c5c83ea0b01d41049aa9e77574774bf01855209f9258ba47e341a5eb9fad1b671e0e85df83014d57bf0d84e22f23f1d3e5b47efce9efda02b1ae7c7c50f3dc21586c61727fb46f5da7d19c9b909caad921572c9ea40ea839e57a99ca3c7c31edabb25c0658a71d7201ebabad169355da6a22b686c7f388eec6b33ec4a1fb8d190ba2d5823f34728817b76c1f18a64e86a39ce0fc7d72e98ae198678a89903d81548b87eab32b37f60b78562c23cbb94ae9e41f0143b294538a7c39405b0ac888669719a3588d4839df6a6fc2b48d5f8fd947493c73e12ea1d7f1e3be01527210a4241594b552b062d07b7459ef28e256b594abe0400000000fe4390277c84cf13c197575e8157ce6dc95fa7"], 0x1, 0x0) add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000280)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffff9) fallocate(r1, 0x0, 0x0, 0xa6ba0) io_setup(0x40000100000003, &(0x7f0000000340)=0x0) io_submit(r3, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x8040000a70c0300, 0x0, 0x8, 0x1, 0x0, r1, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) syz_open_dev$adsp(&(0x7f0000000180)='/dev/adsp#\x00', 0x200000000, 0x200000) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x5c831, 0xffffffffffffffff, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, 0xffffffffffffffff, &(0x7f0000b0e000)) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0xa4, &(0x7f0000000380)=[@in={0x2, 0x4e20, @multicast2}, @in={0x2, 0x4e21, @empty}, @in6={0xa, 0x4e20, 0x7, @loopback, 0x1ff}, @in={0x2, 0x4e23, @remote}, @in={0x2, 0x4e21, @broadcast}, @in6={0xa, 0x4e21, 0x9, @mcast1, 0x3}, @in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}, @in6={0xa, 0x4e21, 0x9, @dev={0xfe, 0x80, [], 0xa}, 0x100000001}]}, &(0x7f0000000440)=0x10) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000480)={0x8000, 0x1f, 0x8000, 0xda, 0x0, 0x9, 0x8000, 0xffffffff, r4}, &(0x7f0000000500)=0x20) 02:36:21 executing program 1: ioctl$ASHMEM_SET_NAME(0xffffffffffffffff, 0x41007701, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) pipe(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000540)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/ppp\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000100)=ANY=[@ANYBLOB="fcffffff"], 0x0) r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) fcntl$dupfd(r1, 0x0, r2) r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x4000000004002, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000e, 0x13, r3, 0x0) write$binfmt_misc(r3, &(0x7f0000000440)={'syz1'}, 0x1200e) 02:36:21 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000f40)='/dev/ptmx\x00', 0x10900, 0x0) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000001100)='/dev/uinput\x00', 0x40004, 0x0) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000880)={'syz1\x00', {}, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x6, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x100000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x5, 0x81, 0x3], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x100000000, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x3, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x2, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0xf39, 0x80, 0x0, 0x7, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xfffffffffffffff7, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x2, 0x0, 0x0, 0x80000000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2a, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x2, 0xffffffff, 0x0, 0x0, 0x100000000, 0x0, 0xd87e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x100, 0x0, 0xfff, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10e3], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff7, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x10000, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x1, 0x40, 0x7fff, 0x0, 0x3, 0xd7b, 0x7fff, 0x0, 0x0, 0x0, 0x4, 0xfffffffffffff801, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xffffffffffffffff]}, 0x45c) write$uinput_user_dev(r1, &(0x7f0000000400)={'syz1\x00'}, 0x45c) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$team(&(0x7f00000001c0)='team\x00') ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000140)={&(0x7f0000001280)=ANY=[@ANYBLOB="c8000000", @ANYRES16=r3, @ANYBLOB="0100000000000000000001000000080001000f95bc41e32d2db143b0669d0353edfbc81edd5624958069cdb6112b9ca257444ede602397533fe687cbdc55ef67aabe1d1b380922902c8162dfb523e134aaa1f8ad5d8f3da4419a1b294196dc39d31981d4b6150f51eabc4a496a94dd627e6ed53bf0c3908ae56ef5aa2d698f294502ae42fbc596ffb66dfb42ed4cab880e53aacb0ee9430b1c4ac08788104705016ca8ec4f530f1413d2031a9e1155a25b77bf1fe70fd99beec0f71e", @ANYRES32=r4, @ANYBLOB="ac00020038000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000800030003000000080004000000000038000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000800030003000000080004000000000038000100240001006e6f746966795f70656572735f636f756e74000000000000000000000000000008000300030000000800040000000000"], 0xc8}}, 0x0) ioctl$UI_DEV_SETUP(r1, 0x5501, &(0x7f0000000300)={{}, 'syz0\x00'}) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000001040)='/dev/fuse\x00', 0x2, 0x0) getresgid(&(0x7f0000000f80), &(0x7f0000000fc0), &(0x7f0000001000)) r6 = getegid() mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r5}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id', 0x3d, r6}}) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r7 = syz_open_procfs(0x0, &(0x7f0000000180)='mountinfo\x00') setsockopt$IP_VS_SO_SET_EDIT(r7, 0x0, 0x483, &(0x7f00000003c0)={0x3c, @remote, 0x4e24, 0x0, 'rr\x00', 0x2, 0x1, 0x39}, 0x2c) ioctl$sock_inet_SIOCGIFPFLAGS(r7, 0x8935, &(0x7f00000002c0)={'teql0\x00', 0x9}) ioctl$TIOCGETD(0xffffffffffffffff, 0x5424, &(0x7f0000000140)) mount(&(0x7f0000000d40)=ANY=[@ANYBLOB="eb211b0ef5df1b0a7eadeab0c375a3a40e25becc9ec416499d5c208a803e9c8e8bf7ff0091212e4d9e4c25acf6de1e782195d377a170c16d7d850000cf75f43ce3f1d70b9d7baa8f2467e8609efe14e3ff387733d1193d4cb8fa7d482f01e622d3623ab5cfe1f830ad600a7510b690426141f8d92d0d51745903c515374b1f26454558028ff8c07028d9bb64a78447e7b4cab96e224666e5c8a634a900b3ba095d95ccc71f2ef0ca27d5f7004971bcc7bb816deb5f4715b884559273470e037a30f80f4e18cc10507afa3c2ee8172c000000000000"], 0x0, &(0x7f000000c000)='ramfs\x00', 0x0, &(0x7f000000a000)) read(r5, &(0x7f0000000380)=""/48, 0x30) mount(&(0x7f0000000f00)=ANY=[@ANYBLOB="3897c61e2344b35ce4b0e8eb675766d6275488bb0fb34f52ffa1089aff3a2dda6d16dcf00100000000000000016b7b1039cfd93e445671550a8131d1"], 0x0, &(0x7f0000000ec0)='bdev\x00', 0x100000, &(0x7f0000444000)) mount(&(0x7f0000001140)=ANY=[@ANYBLOB="6e76826cec4b14e3e1ba40ade347da9043642d201bea3e06ad9460ae68add5babb300e80cffb9d2722ec15c095e189efa7b86cc8af00983817a30f1141cf2eed277caed5251ec0e73df9048dd0b27577f670ec108394fe3400cd4b113e95d26431fcdeee9f0f76a06325e510b6d410732211c73965375e75ec82c0724c3fd14a553573f5f4c86a6658e16668ee9b827b4c2c0a2206277dcc42249dcc708a6ac21059b2b46095dde811799262fd0a78ffdc29275bf20901e33498cb0d99c831272038d64eb2d4a0d82e191b80065564080491d61817683e9c6a9ec2f58a32b59e9e663771363247f40860319281057bcc793e14346d8f4a533631ec6f4614545e33fdb477babb336793abe5c578"], 0x0, &(0x7f0000fdb000)='ubifs\x00', 0x80010, 0x0) mount(&(0x7f0000000e40)=ANY=[@ANYBLOB="36fcf0a5c67e3fc35e8ad531e4daa7c28e92c297595bda2ed8b4cd21ddee74021ff2576af6e0e1faf09f48acda31a0d49f6a7c8abb40828f6dac600ab8e87c02f62946ae174dfd7035df9917479db88f28"], 0x0, &(0x7f00005f7ffa)='ramfs\x00', 0x80000, &(0x7f000002f000)) pivot_root(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00') mount(&(0x7f0000000d00)=ANY=[@ANYBLOB="f3ff7407f8791fdba5ac27785b5102c3a954f80fc69ba0cb31a2b41647c0e58d30665945e32d05c99443bc01553231f3"], 0x0, &(0x7f0000753000)='mslos\x00', 0x5010, &(0x7f00000e7000)) preadv(r7, &(0x7f0000000040)=[{&(0x7f0000002200)=""/4096, 0x1000}], 0x1, 0x0) ioctl$int_out(0xffffffffffffffff, 0x2, &(0x7f00000001c0)) utimes(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)={{0x77359400}, {0x77359400}}) close(r0) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070") 02:36:21 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x107002, 0x0) setsockopt$rose(r3, 0x104, 0x7, &(0x7f0000000040), 0x4) [ 564.859256][T28553] netlink: 172 bytes leftover after parsing attributes in process `syz-executor.3'. [ 564.860166][T28542] FAULT_INJECTION: forcing a failure. [ 564.860166][T28542] name failslab, interval 1, probability 0, space 0, times 0 [ 564.987067][T28542] CPU: 1 PID: 28542 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 564.996330][T28542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 565.006393][T28542] Call Trace: [ 565.009695][T28542] dump_stack+0x172/0x1f0 [ 565.014047][T28542] should_fail.cold+0xa/0x15 [ 565.018657][T28542] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 565.024485][T28542] ? ___might_sleep+0x163/0x280 [ 565.029345][T28542] __should_failslab+0x121/0x190 [ 565.034293][T28542] should_failslab+0x9/0x14 [ 565.038802][T28542] kmem_cache_alloc+0x2be/0x710 [ 565.041193][T28567] netlink: 172 bytes leftover after parsing attributes in process `syz-executor.3'. [ 565.043675][T28542] __d_alloc+0x2e/0x8c0 [ 565.043692][T28542] ? debug_smp_processor_id+0x3c/0x280 [ 565.043711][T28542] d_alloc+0x4d/0x2b0 [ 565.066635][T28542] ? __lock_acquire+0x55d/0x4710 [ 565.071582][T28542] d_alloc_parallel+0xf4/0x1bc0 [ 565.076454][T28542] ? debug_smp_processor_id+0x3c/0x280 [ 565.081930][T28542] ? __d_lookup_rcu+0x6c0/0x6c0 [ 565.086783][T28542] ? __d_lookup+0x40c/0x760 [ 565.091296][T28542] ? lockdep_init_map+0x10c/0x5b0 [ 565.096327][T28542] ? lockdep_init_map+0x10c/0x5b0 [ 565.101365][T28542] __lookup_slow+0x1ab/0x500 [ 565.105957][T28542] ? vfs_unlink+0x560/0x560 [ 565.110478][T28542] ? lockdep_hardirqs_on+0x418/0x5d0 [ 565.115772][T28542] ? d_lookup+0x19e/0x260 [ 565.120112][T28542] lookup_one_len+0x16d/0x1a0 [ 565.124795][T28542] ? lookup_one_len_unlocked+0x100/0x100 [ 565.130444][T28542] ovl_workdir_create+0x182/0x530 [ 565.135499][T28542] ? ovl_mount_dir+0x1d0/0x1d0 [ 565.140274][T28542] ? rcu_read_lock_sched_held+0x110/0x130 [ 565.145996][T28542] ? preempt_count_add+0xbc/0x1b0 [ 565.151035][T28542] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 565.157287][T28542] ? __mnt_want_write+0x1f1/0x2f0 [ 565.162793][T28542] ovl_fill_super+0x1089/0x3bb8 [ 565.167670][T28542] ? ovl_show_options+0x550/0x550 [ 565.172696][T28542] ? up_write+0x1c/0x150 [ 565.176946][T28542] ? sget_userns+0x105/0x560 [ 565.181543][T28542] ? get_anon_bdev+0xc0/0xc0 [ 565.186133][T28542] ? sget+0x114/0x150 [ 565.190122][T28542] ? ovl_show_options+0x550/0x550 [ 565.195146][T28542] mount_nodev+0x68/0x110 [ 565.199488][T28542] ovl_mount+0x2d/0x40 [ 565.203559][T28542] ? ovl_own_xattr_set+0x10/0x10 [ 565.208503][T28542] legacy_get_tree+0xf2/0x200 [ 565.213183][T28542] vfs_get_tree+0x123/0x450 [ 565.217688][T28542] do_mount+0x1436/0x2c40 [ 565.222033][T28542] ? copy_mount_string+0x40/0x40 [ 565.226978][T28542] ? _copy_from_user+0xdd/0x150 [ 565.231841][T28542] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 565.238081][T28542] ? copy_mount_options+0x30e/0x440 [ 565.243285][T28542] ksys_mount+0xdb/0x150 [ 565.247542][T28542] __x64_sys_mount+0xbe/0x150 [ 565.252228][T28542] do_syscall_64+0x103/0x610 [ 565.256827][T28542] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 565.262728][T28542] RIP: 0033:0x457e29 [ 565.266626][T28542] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 02:36:22 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000f40)='/dev/ptmx\x00', 0x10900, 0x0) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000001100)='/dev/uinput\x00', 0x40004, 0x0) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000880)={'syz1\x00', {}, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x6, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x100000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x5, 0x81, 0x3], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x100000000, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x3, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x2, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0xf39, 0x80, 0x0, 0x7, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xfffffffffffffff7, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x2, 0x0, 0x0, 0x80000000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2a, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x2, 0xffffffff, 0x0, 0x0, 0x100000000, 0x0, 0xd87e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x100, 0x0, 0xfff, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10e3], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff7, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x10000, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x1, 0x40, 0x7fff, 0x0, 0x3, 0xd7b, 0x7fff, 0x0, 0x0, 0x0, 0x4, 0xfffffffffffff801, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xffffffffffffffff]}, 0x45c) write$uinput_user_dev(r1, &(0x7f0000000400)={'syz1\x00'}, 0x45c) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$team(&(0x7f00000001c0)='team\x00') ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000140)={&(0x7f0000001280)=ANY=[@ANYBLOB="c8000000", @ANYRES16=r3, @ANYBLOB="0100000000000000000001000000080001000f95bc41e32d2db143b0669d0353edfbc81edd5624958069cdb6112b9ca257444ede602397533fe687cbdc55ef67aabe1d1b380922902c8162dfb523e134aaa1f8ad5d8f3da4419a1b294196dc39d31981d4b6150f51eabc4a496a94dd627e6ed53bf0c3908ae56ef5aa2d698f294502ae42fbc596ffb66dfb42ed4cab880e53aacb0ee9430b1c4ac08788104705016ca8ec4f530f1413d2031a9e1155a25b77bf1fe70fd99beec0f71e", @ANYRES32=r4, @ANYBLOB="ac00020038000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000800030003000000080004000000000038000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000800030003000000080004000000000038000100240001006e6f746966795f70656572735f636f756e74000000000000000000000000000008000300030000000800040000000000"], 0xc8}}, 0x0) ioctl$UI_DEV_SETUP(r1, 0x5501, &(0x7f0000000300)={{}, 'syz0\x00'}) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000001040)='/dev/fuse\x00', 0x2, 0x0) getresgid(&(0x7f0000000f80), &(0x7f0000000fc0), &(0x7f0000001000)) r6 = getegid() mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r5}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id', 0x3d, r6}}) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r7 = syz_open_procfs(0x0, &(0x7f0000000180)='mountinfo\x00') setsockopt$IP_VS_SO_SET_EDIT(r7, 0x0, 0x483, &(0x7f00000003c0)={0x3c, @remote, 0x4e24, 0x0, 'rr\x00', 0x2, 0x1, 0x39}, 0x2c) ioctl$sock_inet_SIOCGIFPFLAGS(r7, 0x8935, &(0x7f00000002c0)={'teql0\x00', 0x9}) ioctl$TIOCGETD(0xffffffffffffffff, 0x5424, &(0x7f0000000140)) mount(&(0x7f0000000d40)=ANY=[@ANYBLOB="eb211b0ef5df1b0a7eadeab0c375a3a40e25becc9ec416499d5c208a803e9c8e8bf7ff0091212e4d9e4c25acf6de1e782195d377a170c16d7d850000cf75f43ce3f1d70b9d7baa8f2467e8609efe14e3ff387733d1193d4cb8fa7d482f01e622d3623ab5cfe1f830ad600a7510b690426141f8d92d0d51745903c515374b1f26454558028ff8c07028d9bb64a78447e7b4cab96e224666e5c8a634a900b3ba095d95ccc71f2ef0ca27d5f7004971bcc7bb816deb5f4715b884559273470e037a30f80f4e18cc10507afa3c2ee8172c000000000000"], 0x0, &(0x7f000000c000)='ramfs\x00', 0x0, &(0x7f000000a000)) read(r5, &(0x7f0000000380)=""/48, 0x30) mount(&(0x7f0000000f00)=ANY=[@ANYBLOB="3897c61e2344b35ce4b0e8eb675766d6275488bb0fb34f52ffa1089aff3a2dda6d16dcf00100000000000000016b7b1039cfd93e445671550a8131d1"], 0x0, &(0x7f0000000ec0)='bdev\x00', 0x100000, &(0x7f0000444000)) mount(&(0x7f0000001140)=ANY=[@ANYBLOB="6e76826cec4b14e3e1ba40ade347da9043642d201bea3e06ad9460ae68add5babb300e80cffb9d2722ec15c095e189efa7b86cc8af00983817a30f1141cf2eed277caed5251ec0e73df9048dd0b27577f670ec108394fe3400cd4b113e95d26431fcdeee9f0f76a06325e510b6d410732211c73965375e75ec82c0724c3fd14a553573f5f4c86a6658e16668ee9b827b4c2c0a2206277dcc42249dcc708a6ac21059b2b46095dde811799262fd0a78ffdc29275bf20901e33498cb0d99c831272038d64eb2d4a0d82e191b80065564080491d61817683e9c6a9ec2f58a32b59e9e663771363247f40860319281057bcc793e14346d8f4a533631ec6f4614545e33fdb477babb336793abe5c578"], 0x0, &(0x7f0000fdb000)='ubifs\x00', 0x80010, 0x0) mount(&(0x7f0000000e40)=ANY=[@ANYBLOB="36fcf0a5c67e3fc35e8ad531e4daa7c28e92c297595bda2ed8b4cd21ddee74021ff2576af6e0e1faf09f48acda31a0d49f6a7c8abb40828f6dac600ab8e87c02f62946ae174dfd7035df9917479db88f28"], 0x0, &(0x7f00005f7ffa)='ramfs\x00', 0x80000, &(0x7f000002f000)) pivot_root(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00') mount(&(0x7f0000000d00)=ANY=[@ANYBLOB="f3ff7407f8791fdba5ac27785b5102c3a954f80fc69ba0cb31a2b41647c0e58d30665945e32d05c99443bc01553231f3"], 0x0, &(0x7f0000753000)='mslos\x00', 0x5010, &(0x7f00000e7000)) preadv(r7, &(0x7f0000000040)=[{&(0x7f0000002200)=""/4096, 0x1000}], 0x1, 0x0) ioctl$int_out(0xffffffffffffffff, 0x2, &(0x7f00000001c0)) utimes(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)={{0x77359400}, {0x77359400}}) close(r0) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070") [ 565.286230][T28542] RSP: 002b:00007faaf9957c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 565.294644][T28542] RAX: ffffffffffffffda RBX: 00007faaf9957c90 RCX: 0000000000457e29 [ 565.302617][T28542] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 565.310588][T28542] RBP: 000000000073bf00 R08: 00000000200007c0 R09: 0000000000000000 [ 565.318559][T28542] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99586d4 [ 565.326528][T28542] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000006 02:36:22 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) recvfrom$ax25(r0, &(0x7f0000000180)=""/253, 0xfd, 0x40000002, 0x0, 0xfffffffb) ioctl$KDGKBDIACR(r1, 0x4b4a, &(0x7f0000000000)=""/8) [ 565.457356][T28542] overlayfs: failed to create directory ./file1/work (errno: 12); mounting read-only [ 565.472633][T28572] netlink: 172 bytes leftover after parsing attributes in process `syz-executor.3'. 02:36:22 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x8, 0x100) setsockopt$IP_VS_SO_SET_ZERO(r1, 0x0, 0x48f, &(0x7f0000000040)={0x3f, @empty, 0x4e22, 0x3, 'lblc\x00', 0x24, 0x9, 0x3b}, 0x2c) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000080)={0x7b, 0x0, [0xf3, 0x2, 0x3, 0x200007fff]}) [ 565.526716][T28542] overlayfs: fs on './file1' does not support file handles, falling back to index=off,nfs_export=off. [ 565.878178][ C0] net_ratelimit: 16 callbacks suppressed [ 565.878184][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 565.889668][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 565.895499][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 565.901306][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 565.907124][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 565.912945][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 566.279632][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 566.285459][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 566.368209][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 566.374005][ C0] protocol 88fb is buggy, dev hsr_slave_1 02:36:24 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:36:24 executing program 1: r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x42, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000280)={{{@in=@local, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@empty}, 0x0, @in=@remote}}, &(0x7f0000000380)=0xe8) lstat(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) write$FUSE_ATTR(r0, &(0x7f0000000480)={0x78, 0x0, 0x4, {0x101, 0x0, 0x0, {0x3, 0x7, 0x2, 0x7, 0xffff, 0x6, 0x5, 0x2, 0x3, 0x3, 0x1, r1, r2, 0xfbf, 0x20}}}, 0x78) r3 = socket(0x10, 0x2, 0xc) write(r3, &(0x7f0000594000)="1f0000000104ff00fd4354c007110000f305010008000100010423dcffdf00", 0x1f) r4 = openat$cachefiles(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/cachefiles\x00', 0x210000, 0x0) recvmsg$kcm(r3, &(0x7f0000000680)={&(0x7f0000000500)=@l2, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000580)=""/16, 0x10}], 0x1, &(0x7f0000000600)=""/106, 0x6a}, 0x12041) ioctl$KVM_X86_SET_MCE(r4, 0x4040ae9e, &(0x7f0000000200)={0x600000000000000, 0x3000, 0x0, 0x8, 0x1e}) socketpair(0x4, 0x80801, 0x6, &(0x7f0000000180)) r5 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0xffffffff, 0x9a002) name_to_handle_at(r5, &(0x7f0000000040)='./file0\x00', &(0x7f00000006c0)=ANY=[@ANYBLOB="47000000da1b00007f00825ce036a0e67d5bf36a36dcfbf1329c3254a150adc7af325bd30262c7d55af2f4a6c68c422c6a5f7500000000000000000000005fa5dcc16550b809c300000000"], &(0x7f0000000140), 0x1000) write(r3, &(0x7f0000000100)="1f0000000104fffffd3b54c007110000f30501000b000300000010000000cf", 0x1f) 02:36:24 executing program 5: r0 = epoll_create1(0x0) set_mempolicy(0x4002, 0x0, 0x9) fcntl$getown(r0, 0x9) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r1, 0x4, 0x44000) setsockopt$inet6_dccp_int(0xffffffffffffffff, 0x21, 0x13, &(0x7f00000004c0)=0x6, 0x4) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$pfkey(0xffffffffffffff9c, 0x0, 0x0, 0x0) clock_gettime(0x0, &(0x7f00000005c0)) ioctl$DRM_IOCTL_AGP_ALLOC(r1, 0xc0206434, &(0x7f0000000080)={0x9, 0x0, 0x10003}) setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0x7, &(0x7f0000000100)={0x4, 0x1f, 0x7, 0x5be}, 0x10) lsetxattr$trusted_overlay_upper(&(0x7f00000001c0)='./bus\x00', &(0x7f0000000240)='trusted.overlay.upper\x00', &(0x7f0000000600)=ANY=[@ANYBLOB="00fbbb02ff93de27b3d3ae686f0847cd0ce935d056921bfa30b80b7b2e1837f07e88547d7506cec5683a911918e7249a848670c0f6590a6aa813c11cc06bf909ec4c36e31616becfeb0ae51bf6e23497da0c03e7eca174ad86c72ba70840a9eb5ab53984bfdfb88b6a88eb65963923a46f272636e9f963604fd727d4e35fef5657205fe85d62bd1b0640683fbdc99d0002000096bbed4fb5118f5a2694f077ab13d0f1901b475c044e0c5c83ea0b01d41049aa9e77574774bf01855209f9258ba47e341a5eb9fad1b671e0e85df83014d57bf0d84e22f23f1d3e5b47efce9efda02b1ae7c7c50f3dc21586c61727fb46f5da7d19c9b909caad921572c9ea40ea839e57a99ca3c7c31edabb25c0658a71d7201ebabad169355da6a22b686c7f388eec6b33ec4a1fb8d190ba2d5823f34728817b76c1f18a64e86a39ce0fc7d72e98ae198678a89903d81548b87eab32b37f60b78562c23cbb94ae9e41f0143b294538a7c39405b0ac888669719a3588d4839df6a6fc2b48d5f8fd947493c73e12ea1d7f1e3be01527210a4241594b552b062d07b7459ef28e256b594abe0400000000fe4390277c84cf13c197575e8157ce6dc95fa7"], 0x1, 0x0) add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000280)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffff9) fallocate(r1, 0x0, 0x0, 0xa6ba0) io_setup(0x40000100000003, &(0x7f0000000340)=0x0) io_submit(r3, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x8040000a70c0300, 0x0, 0x8, 0x1, 0x0, r1, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) syz_open_dev$adsp(&(0x7f0000000180)='/dev/adsp#\x00', 0x200000000, 0x200000) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x5c831, 0xffffffffffffffff, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, 0xffffffffffffffff, &(0x7f0000b0e000)) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0xa4, &(0x7f0000000380)=[@in={0x2, 0x4e20, @multicast2}, @in={0x2, 0x4e21, @empty}, @in6={0xa, 0x4e20, 0x7, @loopback, 0x1ff}, @in={0x2, 0x4e23, @remote}, @in={0x2, 0x4e21, @broadcast}, @in6={0xa, 0x4e21, 0x9, @mcast1, 0x3}, @in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}, @in6={0xa, 0x4e21, 0x9, @dev={0xfe, 0x80, [], 0xa}, 0x100000001}]}, &(0x7f0000000440)=0x10) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000480)={0x8000, 0x1f, 0x8000, 0xda, 0x0, 0x9, 0x8000, 0xffffffff, r4}, &(0x7f0000000500)=0x20) 02:36:24 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_buf(r0, 0x29, 0x80000000000040, &(0x7f0000000280)="ccfc3d5263b593682b6e5c2deb5f95ec3516f81e5c1f68301423c2bbe5d316e1d9a00095576335b323ed6348ce4d4aa8c95453859176c2151ddd5689ff90da6b94de9a77b4c22ebbff595038180804f350f94f32f0", 0x55) r1 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x93f, 0x2140) ioctl$sock_bt_hidp_HIDPGETCONNINFO(r1, 0x800448d3, &(0x7f0000000040)={{0xfffffffffffffffe, 0x1, 0x4, 0x4, 0x7ff, 0x5}, 0x86, 0x6, 0x1, 0x1, 0x3, "200c76ae49014f6889b4fd11fca131c1650535944b4696d791e9f0821a67fe556820952bfd71a0331b20f2f3831b021b936cb290f8bf80f23cd80bca68585a919a23f6c6c29caa4f2602521de94e72df0a1e73e67da61739875fcc9dd57d0b04fc0e3d4b114b306697e8c998bb3cab78385fa1e1bef225f0ee8e8ef8906bbbf1"}) 02:36:24 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x208401, 0x0) setsockopt$inet_MCAST_MSFILTER(r1, 0x0, 0x30, &(0x7f0000000700)={0x101, {{0x2, 0x4e24, @empty}}, 0x0, 0x1, [{{0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}}]}, 0x110) r2 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x2, 0x2) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000300)={"44a1efb4d53ccb1a4aa950cad513cf05065fb724da687de4fa085d5629d2a189460e6a74d25d19ce95529bccbe14869d91eae559871241312532579ba1c98460cce06fef4ee13940a921e8c7cf4f7bcd834c613ea420c4e9cbaf0e2f05565efa0744f33dde9b7ef8b755322dd69cf4a6ba1510b02e79a5801348b3ca5a628c7fee7bdb3643cf11fbeb626d04e37f12f96025dd43edcf6c037b5d5af4288419827c4597d818f7ef66e718b837fa3129b254db61627f8d684b651165cb6f8f2184aec686bba4b4316848e4594df8fcedf9f53934b7ef276061c92a420b676834a4f6514e63b508fffb3c209c663f7cf938da619eee70b6b32042712d2986af61e7b54820f69c14c5aaa9cb97b50a74e793287619f0150aaf6f6e5fd9f7b6fcb32a5f6b682a1713c9af879fcf0bfadbd1bb3d3f6a43d9ca67e45525d7a65cf656b839b1805ddc1d1a372d899eb172fa6a96c6f8574bc7cdc227808fc54483fa1a77e5718226929fd1cf0cdec0455e471d0d07ae869bacf3dad67eabca65f2e341e1e86b4213e87024f4c0c970087cff0b82f64a868139503130751ba24a076703ed56f68054c5080c03b025a42f5bcf482f664066ca9e345d33bff462ec7afa3ae921a46fd0850aca23659cd08c1c859a88102c3442045c3b2cf0c6a4acddd90403b2a08e4c25fe995968e1dd5bfd243b9b65b9d9ba95bce8f06e43fe8232f244a78cfcb3661252875e13ed096feb5d1441ea37931c9823d8418b89b9cb163a2747810d0d948cceae5b7e5a3f399e0a67385b287260afbc8ca48e04ea193428fb1d86af66a2f53b3959e4c412028f90633b28d0374b4fa587199c77914cb2da31ae37b6ac2c8792e70dd0d1599a57530020d69c955c8e1084cbd86935e91800d1641b722259f9c5c27028197888797880d3cccec5ca262aa14927186412d20060d762653ad5627390da515de371998234863ab83425748af1d7b2be54a985b9c950745a7e45661c2c1489f22139896fa1f4fe32559e492b8add6c19672aeea9048803ec6277121558278f5eca872cf0d3642890e37c1c910115b6c2d606df17a6b8e0fc91f1b18422cf08267bf9b35ba59883ed5e33f37b9eec6f79b979ff0de2c30771f338d0ca8c2126e5d6b2c804331d80b6c5fdbbed307786c066a7a1d2ae5d89a98b2768aeb8c8c42b6a29962d61d67f249ed758a95c7bca12ed99b2f077198449c6d35f154f31e4342d9bc09a6e5a2550a7c2373602566caac80f960a7d5f8c3fc7ad6f57bf0b6ba77530c5e9bb0ea485b5fc2360aa189600c0d47fd030ba854c2ca2e74161cfd3c5c9d70c3c9727d0bab101a2259a116917a1666bb4fa1af8bcdec6c4465afdb67304b3f1a3c7d1fefaf62a3840f3abc05357131cca50896041453d0f6d1f4ba7dd22e32af92bfbd38a6d9cc84346cd4231a8d1ee30dd2a"}) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r4, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) 02:36:24 executing program 0 (fault-call:20 fault-nth:71): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:36:24 executing program 3: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PIO_SCRNMAP(0xffffffffffffffff, 0x4b41, &(0x7f0000000100)="8858231c7b6d37d244aed60e208c0964fc8c42c186ee9ae5e7f4d32c5ab69ba4d21397cbff24d02c4b68b02e925159b4e5d9cca077") r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="020b000007000032000004000054036205001af60d39c3017f8e4f66cef9a4ef83e6001fba74a93d653c00000000000000000000000000000000"], 0x3a}}, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ubi_ctrl\x00', 0x111000, 0x0) ioctl$BLKREPORTZONE(r1, 0xc0101282, &(0x7f0000000240)={0x100000001, 0x1, 0x0, [{0x6, 0x401, 0x5, 0x7ee14098, 0x7, 0xffff, 0x10001}]}) getsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000200), 0x10) sendmmsg(r0, &(0x7f0000000180), 0x20, 0x0) recvmmsg(r0, &(0x7f00000009c0)=[{{&(0x7f0000000440)=@ax25, 0x80, &(0x7f0000000580)}}], 0x4000000000002cb, 0x22, &(0x7f0000000a80)={0x0, 0x1c9c380}) [ 567.761081][T28598] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.1'. [ 567.849857][T28608] netlink: 'syz-executor.1': attribute type 3 has an invalid length. [ 567.883799][T28590] FAULT_INJECTION: forcing a failure. [ 567.883799][T28590] name failslab, interval 1, probability 0, space 0, times 0 [ 567.907845][T28590] CPU: 1 PID: 28590 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 567.916995][T28590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 567.927055][T28590] Call Trace: [ 567.930352][T28590] dump_stack+0x172/0x1f0 [ 567.935075][T28590] should_fail.cold+0xa/0x15 [ 567.939678][T28590] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 567.945498][T28590] ? ___might_sleep+0x163/0x280 [ 567.950364][T28590] __should_failslab+0x121/0x190 [ 567.955310][T28590] should_failslab+0x9/0x14 [ 567.959822][T28590] kmem_cache_alloc_trace+0x2d1/0x760 [ 567.965194][T28590] ? vfs_unlink+0x560/0x560 [ 567.969705][T28590] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 567.975429][T28590] ? map_id_up+0x19c/0x320 [ 567.979856][T28590] resv_map_alloc+0x47/0x380 [ 567.984562][T28590] hugetlbfs_get_inode+0x27/0x460 [ 567.989601][T28590] hugetlbfs_mknod+0x52/0x130 [ 567.994568][T28590] hugetlbfs_mkdir+0x29/0x70 [ 567.999162][T28590] vfs_mkdir+0x433/0x690 [ 568.003418][T28590] ovl_create_real+0x287/0x420 [ 568.008190][T28590] ovl_workdir_create+0x350/0x530 [ 568.013244][T28590] ? ovl_mount_dir+0x1d0/0x1d0 [ 568.018024][T28590] ? __mnt_want_write+0x1f1/0x2f0 [ 568.023062][T28590] ovl_fill_super+0x1089/0x3bb8 [ 568.027940][T28590] ? ovl_show_options+0x550/0x550 [ 568.032965][T28590] ? up_write+0x1c/0x150 [ 568.037226][T28590] ? sget_userns+0x105/0x560 [ 568.041825][T28590] ? get_anon_bdev+0xc0/0xc0 [ 568.046853][T28590] ? sget+0x114/0x150 [ 568.050861][T28590] ? ovl_show_options+0x550/0x550 [ 568.055889][T28590] mount_nodev+0x68/0x110 [ 568.060224][T28590] ovl_mount+0x2d/0x40 [ 568.064277][T28590] ? ovl_own_xattr_set+0x10/0x10 [ 568.069254][T28590] legacy_get_tree+0xf2/0x200 [ 568.073918][T28590] vfs_get_tree+0x123/0x450 [ 568.078403][T28590] do_mount+0x1436/0x2c40 [ 568.082721][T28590] ? copy_mount_string+0x40/0x40 [ 568.087648][T28590] ? _copy_from_user+0xdd/0x150 [ 568.092485][T28590] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 568.098703][T28590] ? copy_mount_options+0x30e/0x440 [ 568.103897][T28590] ksys_mount+0xdb/0x150 [ 568.108148][T28590] __x64_sys_mount+0xbe/0x150 [ 568.112809][T28590] do_syscall_64+0x103/0x610 [ 568.117384][T28590] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 568.123254][T28590] RIP: 0033:0x457e29 [ 568.127139][T28590] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 568.146721][T28590] RSP: 002b:00007faaf9957c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 02:36:25 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x1, 0x10000) bind$bt_rfcomm(r2, &(0x7f0000000040)={0x1f, {0x10000, 0x4, 0x2346, 0x1, 0x7, 0x20}, 0x1}, 0xa) ioctl$KDSKBMETA(r2, 0x4b63, &(0x7f0000000080)=0x73) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KDSETLED(r3, 0x4b32, 0x200) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) [ 568.155109][T28590] RAX: ffffffffffffffda RBX: 00007faaf9957c90 RCX: 0000000000457e29 [ 568.163058][T28590] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 568.171024][T28590] RBP: 000000000073bf00 R08: 00000000200007c0 R09: 0000000000000000 [ 568.178993][T28590] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99586d4 [ 568.186946][T28590] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000006 [ 568.205428][T28598] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.1'. [ 568.216555][T28608] netlink: 'syz-executor.1': attribute type 3 has an invalid length. [ 568.226291][T28590] overlayfs: failed to create directory ./file1/work (errno: 28); mounting read-only [ 568.237425][T28590] overlayfs: fs on './file1' does not support file handles, falling back to index=off,nfs_export=off. 02:36:25 executing program 0 (fault-call:20 fault-nth:72): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:36:25 executing program 5: r0 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x80000000003, 0x0) ioctl$int_in(r0, 0x5421, &(0x7f0000000080)=0x80000000038) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000000)={0x0, 0x400, 0xffffffff}, &(0x7f0000000040)=0x8) ioctl$DRM_IOCTL_SET_UNIQUE(r0, 0x40106410, &(0x7f0000000240)={0x94, &(0x7f0000000180)="d449357e9e30c9835c4b4f2050f9e2885e7a64f3386282da01da39ecc4e3c53b28945f902b000d60fa09530d829e672b54ac872db80899a77d996dac0f87ba9766aaaf4846bde61675f5e072c06af2a7b327a9a8a139d71a485f3a82ff3a5c3e6877ac449a2b9be120c62f4038254b345d32b8d71747b6c0aa33a2d62655f10158112f052d8ca8cda894d9c0688893347926168e"}) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f00000000c0)={r1}, &(0x7f0000000100)=0x8) 02:36:25 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x301800, 0x0) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f0000000180)={{{@in6=@ipv4={[], [], @loopback}, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{}, 0x0, @in6=@loopback}}, &(0x7f0000000080)=0xe8) lstat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchownat(r2, &(0x7f0000000040)='./file0\x00', r3, r4, 0x1000) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) 02:36:25 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0) bind$inet(0xffffffffffffffff, 0x0, 0x0) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/nullb0\x00', 0x0, 0x0) r2 = perf_event_open(&(0x7f0000000300)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x4000000004002, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000e, 0x13, r3, 0x0) pipe(0x0) bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff, 0xf}, 0xfffffffffffffed9) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000002a00)={&(0x7f00000000c0), 0xc, 0x0}, 0x20000080) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, 0x0) r4 = syz_open_dev$amidi(&(0x7f00000001c0)='/dev/amidi#\x00', 0x101, 0x100) getresuid(&(0x7f0000000200)=0x0, &(0x7f0000000240), &(0x7f0000000280)) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000002c0)={0x0, 0x0}, &(0x7f0000000380)=0xc) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x2181020, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_none='cache=none'}, {@mmap='mmap'}, {@access_uid={'access', 0x3d, r5}}, {@cachetag={'cachetag', 0x3d, '/dev/nullb0\x00'}}, {@cache_mmap='cache=mmap'}, {@version_L='version=9p2000.L'}, {@cache_mmap='cache=mmap'}], [{@appraise='appraise'}, {@smackfsroot={'smackfsroot', 0x3d, '\\'}}, {@subj_user={'subj_user', 0x3d, '/dev/nullb0\x00'}}, {@smackfsroot={'smackfsroot', 0x3d, '/dev/nullb0\x00'}}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@uid_eq={'uid', 0x3d, r6}}]}}) io_setup(0x101, &(0x7f0000000040)=0x0) io_submit(r7, 0x2000000000000246, &(0x7f0000001540)=[&(0x7f0000000140)={0x50a000, 0x0, 0xd, 0x0, 0x0, r1, &(0x7f0000000000), 0xfffffce4}]) ioctl$VHOST_SET_FEATURES(0xffffffffffffffff, 0x4008af00, &(0x7f0000000100)) sendto$inet(r0, &(0x7f0000000200), 0x0, 0x20008011, 0x0, 0x0) setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, 0x0, 0x0) [ 568.585122][T28626] FAULT_INJECTION: forcing a failure. [ 568.585122][T28626] name failslab, interval 1, probability 0, space 0, times 0 [ 568.600736][T28626] CPU: 0 PID: 28626 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 568.609869][T28626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 568.619919][T28626] Call Trace: [ 568.619944][T28626] dump_stack+0x172/0x1f0 [ 568.619967][T28626] should_fail.cold+0xa/0x15 [ 568.619987][T28626] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 568.620007][T28626] ? ___might_sleep+0x163/0x280 [ 568.620026][T28626] __should_failslab+0x121/0x190 [ 568.620045][T28626] should_failslab+0x9/0x14 [ 568.620061][T28626] kmem_cache_alloc+0x2be/0x710 [ 568.620086][T28626] __d_alloc+0x2e/0x8c0 [ 568.620104][T28626] ? debug_smp_processor_id+0x3c/0x280 [ 568.647834][T28626] d_alloc+0x4d/0x2b0 [ 568.661299][T28626] ? __lock_acquire+0x55d/0x4710 [ 568.661320][T28626] d_alloc_parallel+0xf4/0x1bc0 [ 568.661347][T28626] ? debug_smp_processor_id+0x3c/0x280 [ 568.661365][T28626] ? __d_lookup_rcu+0x6c0/0x6c0 [ 568.661379][T28626] ? __d_lookup+0x40c/0x760 [ 568.661395][T28626] ? lockdep_init_map+0x10c/0x5b0 [ 568.661410][T28626] ? lockdep_init_map+0x10c/0x5b0 [ 568.661430][T28626] __lookup_slow+0x1ab/0x500 [ 568.661446][T28626] ? vfs_unlink+0x560/0x560 [ 568.714494][T28626] ? lockdep_hardirqs_on+0x418/0x5d0 [ 568.719804][T28626] ? d_lookup+0x19e/0x260 [ 568.724169][T28626] lookup_one_len+0x16d/0x1a0 [ 568.728855][T28626] ? lookup_one_len_unlocked+0x100/0x100 [ 568.734504][T28626] ovl_workdir_create+0x182/0x530 [ 568.739544][T28626] ? ovl_mount_dir+0x1d0/0x1d0 [ 568.744320][T28626] ? rcu_read_lock_sched_held+0x110/0x130 [ 568.750039][T28626] ? preempt_count_add+0xbc/0x1b0 [ 568.755074][T28626] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 568.761325][T28626] ? __mnt_want_write+0x1f1/0x2f0 [ 568.766362][T28626] ovl_fill_super+0x1089/0x3bb8 [ 568.771244][T28626] ? ovl_show_options+0x550/0x550 [ 568.776267][T28626] ? up_write+0x1c/0x150 [ 568.780521][T28626] ? sget_userns+0x105/0x560 [ 568.785124][T28626] ? get_anon_bdev+0xc0/0xc0 [ 568.789724][T28626] ? sget+0x114/0x150 [ 568.793718][T28626] ? ovl_show_options+0x550/0x550 [ 568.798743][T28626] mount_nodev+0x68/0x110 [ 568.803076][T28626] ovl_mount+0x2d/0x40 [ 568.807164][T28626] ? ovl_own_xattr_set+0x10/0x10 [ 568.812111][T28626] legacy_get_tree+0xf2/0x200 [ 568.816805][T28626] vfs_get_tree+0x123/0x450 [ 568.821337][T28626] do_mount+0x1436/0x2c40 [ 568.825683][T28626] ? copy_mount_string+0x40/0x40 [ 568.830644][T28626] ? copy_mount_options+0x248/0x440 [ 568.835850][T28626] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 568.842096][T28626] ? copy_mount_options+0x30e/0x440 [ 568.847304][T28626] ksys_mount+0xdb/0x150 [ 568.851556][T28626] __x64_sys_mount+0xbe/0x150 [ 568.856236][T28626] do_syscall_64+0x103/0x610 [ 568.860822][T28626] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 568.866704][T28626] RIP: 0033:0x457e29 [ 568.870599][T28626] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 568.890216][T28626] RSP: 002b:00007faaf9957c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 568.898630][T28626] RAX: ffffffffffffffda RBX: 00007faaf9957c90 RCX: 0000000000457e29 [ 568.906597][T28626] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 568.914554][T28626] RBP: 000000000073bf00 R08: 00000000200007c0 R09: 0000000000000000 [ 568.922517][T28626] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99586d4 [ 568.930478][T28626] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000006 [ 568.953832][T28626] overlayfs: failed to create directory ./file1/work (errno: 12); mounting read-only [ 568.963950][T28626] overlayfs: fs on './file1' does not support file handles, falling back to index=off,nfs_export=off. 02:36:27 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:36:27 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x101000, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000040)={0x0, 0xfffffffffffffff9}) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) 02:36:27 executing program 0 (fault-call:20 fault-nth:73): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:36:27 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/fib_triestat\x00') sendmsg(0xffffffffffffffff, &(0x7f0000002fc8)={0x0, 0x0, &(0x7f0000000540)}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0af51f023c123f3188a070") ioctl$RTC_AIE_OFF(r0, 0x7002) preadv(r0, &(0x7f00000017c0), 0x1fe, 0x400000000000) 02:36:27 executing program 5: r0 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x3f, 0x80000) r1 = openat$cgroup_ro(r0, &(0x7f0000000100)='/\x00~WM\x00\x030\x80\x90\"\xcf\xde&U]\xc9\xec\xfe\x19t@n\xda\xd3\x83dx-c\xb6a(T\xb9\xe4\x9d\xbd\xca\xefq\x81\x97\xe3~\x87\n0\x8b\x1e:y\x8f\xa7\x88\xa4m0%\xef\x93>Q\x82\x8a\xb6u\x06N*\xdb\xe9\x12d#\xb4\xa7=h\xfb\xe9\x9cm\xb2\xf1`\xd4\x9c\xb6\xcc\xe7l\'(\x9aO\x9d\tsT\xaa\xa5\x86\r#\x83\xdf\x87Rk\xaa\x18M\x90\xbbw)6l\x17\xbc3\xd7e\xe9\xbc/\x88*\x13\xf3\xa9\xc1\xf6\x06`\xbdO\xd2\xfa1\xd2\xc0\xa7u$\"\x89\xbc\xe0b\xd1\r$\xde\xd5@i\x18\xa6k,u\xc4?\xe1\xffE\x8a\xe5\xcd\x9f\xecc\x03\x9b\xa5\xa7\xb6j`\xed\xe5\xcc\xda\xbc~\xe7v`\xef#X\xcc\xdf\xf0\"&\x02\x13\x84\xb0\xc25\xf1\x14\xed\x9a\xde\x92vz\xec\xc2V\xac\xde\xb6\x10\xdfB\xe7\x16\x9f$\x03W\xf75\xae_\xe2\x90\x17\xe5\x1e\'%/H\xb9[\xfb\xbb:\x86U5)\x8b\xdc6\xd7\x1d\xb65\xf4\x1cWw\x1d\xb7z\xea\xff\x88?\xeb=\xc3\xcc$\xbd<\x03n9j\xd3\xaf7\x94PX\x83\x9e\x81\"p\xbc@\x90\x1f\xa6T\xe7\xcc2\x92\xa8/\xc8\f7M\xc0qB\xa1\xc2\xe9\xd3\xe2R\x8eO\xda\xc3+\xca\xef\xe9\x10\xeb\xd3\xb9H\xa3\xbf\xeb\xef_\xa8\xd8$s\xc7\xfb\xf3\xec', 0x0, 0x0) getdents(r1, &(0x7f0000000280)=""/135, 0x200009cf) 02:36:27 executing program 1: ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000040)) r0 = socket(0x10, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000001c0)={'vcan0\x00', 0x0}) r2 = getpid() fsetxattr$security_ima(r0, &(0x7f0000000000)='security.ima\x00', &(0x7f0000000080)=@sha1={0x1, "22a91fb57a3379947b158afb8cf985b24a9c1223"}, 0x15, 0x0) sendmsg$nl_route(r0, &(0x7f0000000340)={&(0x7f00000004c0), 0xc, &(0x7f0000000380)={&(0x7f0000000040)=@setlink={0x30, 0x13, 0x601, 0x0, 0x0, {0x0, 0x0, 0x0, r1}, [@IFLA_VFINFO_LIST={0x8, 0x16, [{0x4}]}, @IFLA_NET_NS_PID={0x8, 0x13, r2}]}, 0x30}}, 0x0) 02:36:27 executing program 1: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000680)=""/246) ioctl$PPPIOCSMAXCID(r0, 0x4004743c, 0x0) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x400000, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r1, 0xc0605345, &(0x7f0000000040)={0x4, 0x3, {0x3, 0x2, 0xfffffffffffffffd, 0x1, 0x800}}) 02:36:27 executing program 3: r0 = socket(0x2, 0xa, 0x0) ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000000)) accept$unix(r0, &(0x7f0000000040)=@abs, &(0x7f0000000480)=0x6e) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000680)=@broute={'broute\x00', 0x20, 0x1, 0x3b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff01000000030000000000000000006970366772653000000000000000000073797a6b616c6c657231000000000000697036746e6c3000000000000000000001616d61000000004ab2cec800000000aaaaaaaaaabb000000000000aaaaaaaaaabb0000000000000000a8020000a80200002003000062706600000000000000000000000000000000000000000000000000000000001002000000000000fbffffff00000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006e666c6f670000000000000000000000000000000000000000000000000000005000000000000080000000000000000000000000339ebc4bb0c0fba43162d5c302d891b307544d821a0dcb492ba4aa23baaca6e53f392b79c58e0581db804208237c3df1c60b6b34da2747cd3200fbb3845112260000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000fcffffff00000000"]}, 0x428) 02:36:27 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = syz_open_dev$cec(&(0x7f0000000000)='/dev/cec#\x00', 0x0, 0x2) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffff9c, 0x84, 0x1b, &(0x7f00000000c0)={0x0, 0x48, "0328000c34b434f7285f6f026cd8991cfc3dee03d0a69b62ee652d7cc1d1b70b598352f1d25046f87b0ec54bd79f0dc60e02d9bbba83d0ad82711d798aa671bbbed5b56163b0fe52"}, &(0x7f0000000040)=0x50) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7b, &(0x7f0000000140)={r4, 0x6}, 0x8) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0x1bb1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000001e000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 02:36:27 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:36:27 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0xffffffffffffff00, 0x480) ioctl$VIDIOC_STREAMOFF(r2, 0x40045613, &(0x7f0000000040)=0x2) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) [ 570.950400][T28679] syz-executor.1 (28679) used obsolete PPPIOCDETACH ioctl 02:36:27 executing program 3: capset(&(0x7f0000002ffa)={0x20080522}, &(0x7f0000000000)) lstat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(r0, r0, r0) [ 571.019503][T28658] FAULT_INJECTION: forcing a failure. [ 571.019503][T28658] name failslab, interval 1, probability 0, space 0, times 0 02:36:27 executing program 1: r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mISDNtimer\x00', 0x0, 0x0) read(r0, &(0x7f0000001200)=""/4096, 0x1000) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = creat(&(0x7f0000000680)='./bus\x00', 0x0) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r2, 0x84, 0x6c, &(0x7f0000000000)={0x0, 0xb1, "9dca14f7857ae9e36cd66670e02160985f1aa32f10bc65d512b8e29da763588f4c22dc92dcc972bca28bc75d7ee2a5cf48133052eab369996c9af5430244758c8c9c40de90a44dd1e9fe13223724838237c9d77657c9d6aaa56d6cc36bb2f39ce65924c4bfa63ffa56d7ada78ab5c1b404c34f09d0ebfda36df5f318c6d924741d2f5916eae41d087cfd37f0235ec0cae87fda8b81008bee5218f9d332a1907647f740f3b83603cccf708405eb128cb0d2"}, &(0x7f0000000140)=0xb9) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r2, 0x84, 0x70, &(0x7f0000000180)={0x0, @in6={{0xa, 0x4e22, 0x8, @local, 0x8}}, [0x9, 0x2, 0x6, 0x6, 0x8, 0x401, 0x5, 0x3, 0xfffffffffffffffe, 0x4, 0x6, 0x7, 0x7, 0x5]}, &(0x7f0000000280)=0x100) getsockopt$inet_sctp_SCTP_STATUS(r2, 0x84, 0xe, &(0x7f00000002c0)={r3, 0xffffffffffffffc1, 0x10000, 0x5, 0xc11, 0x68a792b5, 0x74, 0x1, {r4, @in={{0x2, 0x4e22, @empty}}, 0x80000001, 0x3, 0xc1, 0xa8e6, 0x8}}, &(0x7f0000000380)=0xb0) ftruncate(r2, 0x8200) r5 = open(&(0x7f00000000c0)='./bus\x00', 0x101002, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r5, 0x0) ioctl$IMADDTIMER(r0, 0x80044940, &(0x7f0000000700)=0x36) [ 571.078933][T28658] CPU: 0 PID: 28658 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 571.088100][T28658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 571.098161][T28658] Call Trace: [ 571.101471][T28658] dump_stack+0x172/0x1f0 [ 571.105812][T28658] should_fail.cold+0xa/0x15 [ 571.110417][T28658] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 571.116245][T28658] ? ___might_sleep+0x163/0x280 [ 571.121110][T28658] __should_failslab+0x121/0x190 02:36:27 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) [ 571.126146][T28658] should_failslab+0x9/0x14 [ 571.130659][T28658] kmem_cache_alloc_trace+0x2d1/0x760 [ 571.136044][T28658] ? retint_kernel+0x2d/0x2d [ 571.140650][T28658] resv_map_alloc+0x47/0x380 [ 571.145251][T28658] hugetlbfs_get_inode+0x27/0x460 [ 571.150289][T28658] hugetlbfs_mknod+0x52/0x130 [ 571.154981][T28658] hugetlbfs_mkdir+0x29/0x70 [ 571.159947][T28658] vfs_mkdir+0x433/0x690 [ 571.159980][T28658] ovl_create_real+0x287/0x420 [ 571.159999][T28658] ovl_workdir_create+0x350/0x530 [ 571.160028][T28658] ? ovl_mount_dir+0x1d0/0x1d0 [ 571.160056][T28658] ? __mnt_want_write+0x1f1/0x2f0 [ 571.160077][T28658] ovl_fill_super+0x1089/0x3bb8 [ 571.160108][T28658] ? ovl_show_options+0x550/0x550 [ 571.169068][T28658] ? up_write+0x1c/0x150 [ 571.169091][T28658] ? sget_userns+0x105/0x560 [ 571.169109][T28658] ? get_anon_bdev+0xc0/0xc0 [ 571.169123][T28658] ? sget+0x114/0x150 [ 571.169140][T28658] ? ovl_show_options+0x550/0x550 [ 571.169154][T28658] mount_nodev+0x68/0x110 [ 571.169169][T28658] ovl_mount+0x2d/0x40 [ 571.169183][T28658] ? ovl_own_xattr_set+0x10/0x10 [ 571.169196][T28658] legacy_get_tree+0xf2/0x200 [ 571.169213][T28658] vfs_get_tree+0x123/0x450 [ 571.238515][T28658] do_mount+0x1436/0x2c40 [ 571.242865][T28658] ? copy_mount_string+0x40/0x40 [ 571.247789][T28658] ? __sanitizer_cov_trace_const_cmp8+0xc/0x20 [ 571.253924][T28658] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 571.260164][T28658] ? copy_mount_options+0x30e/0x440 [ 571.265349][T28658] ksys_mount+0xdb/0x150 [ 571.269588][T28658] __x64_sys_mount+0xbe/0x150 [ 571.274252][T28658] do_syscall_64+0x103/0x610 [ 571.278831][T28658] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 571.284717][T28658] RIP: 0033:0x457e29 [ 571.288595][T28658] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 571.308181][T28658] RSP: 002b:00007faaf9957c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 571.316574][T28658] RAX: ffffffffffffffda RBX: 00007faaf9957c90 RCX: 0000000000457e29 [ 571.324526][T28658] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 571.332478][T28658] RBP: 000000000073bf00 R08: 00000000200007c0 R09: 0000000000000000 [ 571.340447][T28658] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99586d4 [ 571.348401][T28658] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000006 [ 571.412285][T28658] overlayfs: failed to create directory ./file1/work (errno: 28); mounting read-only [ 571.427010][T28658] overlayfs: fs on './file1' does not support file handles, falling back to index=off,nfs_export=off. 02:36:28 executing program 0 (fault-call:20 fault-nth:74): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:36:28 executing program 3: r0 = openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x0, 0x0) r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x101000, 0x0) ioctl$LOOP_SET_FD(r1, 0x4c00, r0) poll(&(0x7f0000000240)=[{r0}], 0x1, 0x6) 02:36:28 executing program 5: r0 = socket$packet(0x11, 0x20000000000000a, 0x300) r1 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0xffff, 0x20000) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f00000000c0)={{{@in6=@remote, @in6=@ipv4={[], [], @loopback}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in6=@remote}}, &(0x7f0000000040)=0xe8) ioctl$HCIINQUIRY(r1, 0x800448f0, &(0x7f00000001c0)={r2, 0xe66, 0xfff, 0x8, 0x0, 0x2, 0xfff}) ioctl$SCSI_IOCTL_DOORUNLOCK(r1, 0x5381) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0x100}, {0x80000006}]}, 0x10) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000240)=@raw={'raw\x00', 0x9, 0x3, 0x408, 0x0, 0x190, 0x190, 0x0, 0x0, 0x338, 0x338, 0x338, 0x338, 0x338, 0x3, &(0x7f0000000200), {[{{@ipv6={@ipv4={[], [], @rand_addr=0x4f}, @mcast1, [0x0, 0x0, 0xffffffff, 0xffffffff], [0xff000000, 0x0, 0xffffffff, 0xff000000], 'ip6_vti0\x00', 'batadv0\x00', {0xff}, {0xff}, 0x6c, 0x800, 0x1, 0x7d93b24c9839cb52}, 0x0, 0x120, 0x190, 0x0, {}, [@inet=@rpfilter={0x28, 'rpfilter\x00', 0x0, {0x1}}, @common=@ah={0x30, 'ah\x00', 0x0, {0x4d3, 0x4d3, 0x80000000, 0x7fff, 0x2}}]}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x5, 0x0, 0x9, 0x0, 0x0, "192b1925a23b83fb53613448d3fb9a89d7b782f494567034e744ed18cc02ead32af814775643a5fd5ac008be83f2345968d9d866a3ce1e16576dbdbbd86f9d5f"}}}, {{@ipv6={@local, @ipv4={[], [], @initdev={0xac, 0x1e, 0x0, 0x0}}, [0xff000000, 0xffffffff, 0xffffffff, 0xff0000ff], [0xffffffff, 0xffffffff, 0xffffffff], '\x00', 'syzkaller1\x00', {0xff}, {}, 0x73, 0xfffffffffffffff7, 0x4, 0x52}, 0x0, 0x140, 0x1a8, 0x0, {}, [@common=@dst={0x48, 'dst\x00', 0x0, {0x100000000, 0x1, 0x1, [0x7, 0x0, 0x5, 0xc, 0x4, 0xfffffffffffffff8, 0x8, 0x12, 0x7d9, 0x800, 0x0, 0x58, 0x20, 0x1, 0x4, 0xe0da], 0x8}}, @common=@frag={0x30, 'frag\x00', 0x0, {0xbf19, 0x0, 0x9, 0x4, 0x3}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x10, 0x2, 0x3, 0xffffffff, '\x00', 'syz1\x00', 0x2}}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x468) 02:36:28 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x602040, 0x0) write$UHID_INPUT2(r2, &(0x7f0000000040)={0xc, 0xf8, "9191070fc89b0b1df06bf47f042299df51b4c60dec3385dbb352bea560313076a18c1f7dfd6bfd5a2f69fc7b72964e10a85515a60520a74d88bd61f8c27357da31667e2cc8cd77e9234d80e6d9893ad4434f3529835a7cc09151c848090562a62e2fa021c15d184217538539c85ccc821325092521c5c1797a7f57d7ba9686665ce2815594d885a0ca41b43fdcfc90a25190f79197a03f327300d21620991020843f1e6f97e09f14abd3490438cb61107f3b89c396547edadc1c22066ed1ac68f91e77509a13471d850d5ba1bd57226985c8f3adca808a0b2de3fc317bb2a148121001f5aa6a87afcc8d0ef64e3eafd4c056939f8e74b7bb"}, 0xfe) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) 02:36:28 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x10000, 0x0) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f00000000c0)={0x0, 0x2}, &(0x7f0000000100)=0x8) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000240)={0x0, 0x29a93f58}, &(0x7f0000000280)=0x8) getsockopt$inet_sctp_SCTP_STATUS(r1, 0x84, 0xe, &(0x7f0000000340)={r2, 0x9cc7, 0x80, 0x7f, 0x0, 0x2, 0x3f, 0x6, {r3, @in6={{0xa, 0x4e21, 0xff, @empty, 0x70c}}, 0x9, 0x5, 0xfffffffffffffc00, 0x3f, 0x20}}, &(0x7f0000000400)=0xb0) r4 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff) r5 = socket$kcm(0xa, 0x40102000000003, 0x11) setsockopt$sock_attach_bpf(r5, 0x29, 0x24, &(0x7f0000000040), 0x4) sendmsg$kcm(r5, &(0x7f0000000300)={&(0x7f0000000180)=@un=@abs, 0x80, &(0x7f00000002c0)=[{&(0x7f0000000080)="f4001100002b2c25e994efd18498d6623abaa68754a3ffffff8002000000000000000000000000003a000003e8000000630195c1e2d4f32e", 0x38}], 0x1}, 0x0) keyctl$search(0xa, r4, &(0x7f0000000180)='keyring\x00', &(0x7f0000000140)={'syz', 0x0}, r4) 02:36:28 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='pids.events\x00', 0x0, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000140)) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0af51f023c123f3188a070") r2 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0xd, 0x401) ioctl$TIOCMSET(r2, 0x8008551c, 0x0) getsockopt$netrom_NETROM_T1(r2, 0x103, 0x1, &(0x7f0000000080), &(0x7f00000000c0)=0x4) 02:36:28 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$btrfs_control(0xffffffffffffff9c, 0xfffffffffffffffe, 0x20000, 0x0) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0)='IPVS\x00') sendmsg$IPVS_CMD_GET_DEST(r3, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000200)={0x64, r4, 0x2, 0x70bd2d, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_SERVICE={0xc, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x4}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x6}, @IPVS_CMD_ATTR_SERVICE={0x4}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x4}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x20fd}, @IPVS_CMD_ATTR_SERVICE={0x20, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@empty}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x8}]}, 0x64}, 0x1, 0x0, 0x0, 0x800}, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) r5 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x208200, 0x0) ioctl$PPPIOCGL2TPSTATS(r5, 0x80487436, &(0x7f0000000040)="a0752f1343e840d495eeabfff6244dee7c0953b976b6838541ef838a8cda5a4b114811afa6584c613e24c2808f95d8d87c235fe7e512617fb1503d88b04a9815a33ccbcc56b7eff94d1a7bcc7876893be3411f0042475246dd9450f0c372aa192bf66859b67c5f7b1e62a7dc7330e635095ac448d18427179c32aba769baf10d0d615d04415922a3387a713f4da708b18730e8725bdd32b7d6bbf810024205b9d0040218914bf812ed4847115360b0f5a585c0e563d49c8575e30eb090b791a555d30b28f0f01fd4723fae17e2de01") 02:36:28 executing program 3: openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = syz_open_pts(0xffffffffffffffff, 0x0) ioctl$TIOCSTI(r0, 0x5412, 0x100) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x3, 0xff) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) sendmmsg(r1, &(0x7f00000002c0), 0x1f5, 0x20007ffc) r2 = creat(&(0x7f0000000080)='./bus\x00', 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000180)="0adc1f023c123f3188a070") r4 = socket$inet6_sctp(0xa, 0x200000000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x76, &(0x7f0000ad2000), &(0x7f0000000080)=0xfdd2) lseek(r2, 0xfffffffffffffffc, 0x4) 02:36:28 executing program 5: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.cpu\x00', 0x200002, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000100)='t\x84syks\x00', 0x2, 0x0) sendfile(r0, r1, &(0x7f0000000040)=0xffd, 0x10a008008) [ 571.822173][T28722] FAULT_INJECTION: forcing a failure. [ 571.822173][T28722] name failslab, interval 1, probability 0, space 0, times 0 [ 571.865229][T28722] CPU: 0 PID: 28722 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 571.874368][T28722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 571.874375][T28722] Call Trace: [ 571.874398][T28722] dump_stack+0x172/0x1f0 [ 571.874424][T28722] should_fail.cold+0xa/0x15 [ 571.896682][T28722] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 571.902500][T28722] ? ___might_sleep+0x163/0x280 [ 571.907358][T28722] __should_failslab+0x121/0x190 [ 571.907379][T28722] should_failslab+0x9/0x14 [ 571.907395][T28722] kmem_cache_alloc+0x2be/0x710 [ 571.907413][T28722] ? lock_downgrade+0x880/0x880 [ 571.907428][T28722] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 571.907446][T28722] __alloc_file+0x27/0x300 [ 571.907461][T28722] alloc_empty_file+0x72/0x170 [ 571.907479][T28722] dentry_open+0x70/0x1d0 [ 571.907497][T28722] ovl_path_open+0x56/0x70 [ 571.907517][T28722] ovl_check_d_type_supported+0x98/0x230 [ 571.956327][T28722] ? ovl_cleanup_whiteouts+0x2a0/0x2a0 [ 571.961767][T28722] ? ovl_dir_fsync+0x3c0/0x3c0 [ 571.966522][T28722] ? __mnt_want_write+0x1f1/0x2f0 [ 571.971548][T28722] ovl_fill_super+0x10c7/0x3bb8 [ 571.976394][T28722] ? ovl_show_options+0x550/0x550 [ 571.981395][T28722] ? up_write+0x1c/0x150 [ 571.985802][T28722] ? sget_userns+0x105/0x560 [ 571.990388][T28722] ? get_anon_bdev+0xc0/0xc0 [ 571.995445][T28722] ? sget+0x114/0x150 [ 571.999415][T28722] ? ovl_show_options+0x550/0x550 [ 572.004425][T28722] mount_nodev+0x68/0x110 [ 572.008740][T28722] ovl_mount+0x2d/0x40 [ 572.012790][T28722] ? ovl_own_xattr_set+0x10/0x10 [ 572.017710][T28722] legacy_get_tree+0xf2/0x200 [ 572.022372][T28722] vfs_get_tree+0x123/0x450 [ 572.026859][T28722] do_mount+0x1436/0x2c40 [ 572.031182][T28722] ? copy_mount_string+0x40/0x40 [ 572.036113][T28722] ksys_mount+0xdb/0x150 [ 572.040355][T28722] __x64_sys_mount+0xbe/0x150 [ 572.045017][T28722] do_syscall_64+0x103/0x610 [ 572.049594][T28722] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 572.055467][T28722] RIP: 0033:0x457e29 [ 572.059359][T28722] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 572.078945][T28722] RSP: 002b:00007faaf9957c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 572.087334][T28722] RAX: ffffffffffffffda RBX: 00007faaf9957c90 RCX: 0000000000457e29 [ 572.095289][T28722] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 572.103244][T28722] RBP: 000000000073bf00 R08: 00000000200007c0 R09: 0000000000000000 02:36:28 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000003c0)={{{@in=@multicast1, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in6=@mcast1, 0x0, 0xff}, 0x0, @in6=@local, 0xffffffffffffffff}}, 0xe8) r1 = socket$key(0xf, 0x3, 0x2) setsockopt$sock_int(r1, 0x1, 0x8000000000000008, &(0x7f00000000c0), 0x4) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="020b000102000000000040000000001f"], 0x10}}, 0x0) sendmsg$key(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="021200000200000009000097d3d34473"], 0x10}}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) recvmmsg(r1, &(0x7f0000000f00), 0x400000000000308, 0x10000, &(0x7f0000001000)={0x77359400}) r3 = syz_open_dev$swradio(&(0x7f0000000040)='/dev/swradio#\x00', 0x0, 0x2) ioctl$RTC_VL_CLR(r3, 0x7014) [ 572.111201][T28722] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99586d4 [ 572.119151][T28722] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000006 02:36:28 executing program 5: mkdir(&(0x7f0000000180)='./file0\x00', 0x22) mount(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f00000001c0)='devpts\x00', 0x0, 0x0) mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x40020, &(0x7f0000000140)=ANY=[@ANYBLOB='gid=', @ANYRESHEX]) [ 572.358144][ C0] net_ratelimit: 28 callbacks suppressed [ 572.358151][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 572.369697][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 572.375517][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 572.381330][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 572.387155][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 572.392982][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 572.518148][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 572.524036][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 572.598152][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 572.604041][ C0] protocol 88fb is buggy, dev hsr_slave_1 02:36:31 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$VIDIOC_S_TUNER(r1, 0x4054561e, &(0x7f0000000080)={0x100, "a83fae9bb02a68bc27a357702e713b540efcff14957852dffe4d143347aae874", 0x5, 0x1, 0x4, 0x7, 0x0, 0x2, 0xffffffffffff7fff, 0x4}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x76, 0x0, [0x6, 0x2, 0x0, 0x2000000000000401]}) ioctl$KVM_GET_MSR_INDEX_LIST(r0, 0xc004ae02, &(0x7f0000000000)=ANY=[@ANYBLOB="0400000000000000000000000000faffe0c00900b6a414936686b91ac74b815ede54ca5c2f7a9517ec9a12faeaab90c9bb31d4144f3b3eb9346ef993a60347193befef77f1c430309cb7bf3b99658acffeaeb6819f"]) 02:36:31 executing program 0 (fault-call:20 fault-nth:75): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:36:31 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:36:31 executing program 5: r0 = socket$kcm(0xa, 0x3, 0x11) setsockopt$sock_attach_bpf(r0, 0x29, 0x24, &(0x7f0000000040), 0x4) sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f0000000140)=@nl=@unspec={0x0, 0x3f000000, 0x3000000, 0x80fe}, 0x80, &(0x7f0000000340)=[{&(0x7f0000001680)="235db863768606681d012f629c75adfa4208d51e67688d024aface6a6ac7d846ed2fa163e15ffb509de80565b82752f5fffeffc0d4f83047fda99590d719ccb4f47bcd84c8f41a85a8446446bb4178740a8bd45ff8a106da98c21372", 0x5c}], 0x1, 0x0, 0x0, 0x6000}, 0x0) r1 = syz_open_dev$cec(&(0x7f0000000080)='/dev/cec#\x00', 0x1, 0x2) ioctl$SG_GET_VERSION_NUM(r1, 0x2282, &(0x7f00000000c0)) 02:36:31 executing program 1: io_setup(0x80400000000002, &(0x7f00000000c0)=0x0) r1 = memfd_create(&(0x7f00000001c0)='@u\x03\x00\x000\xa6\xc9\xf4\x89K\x16\xa6\xc1\xcc\xfcj\x97', 0x0) socket$inet_tcp(0x2, 0x1, 0x0) r2 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x14000, 0x0) r3 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0xffffffffffff8000, 0x121400) r4 = syz_open_dev$dmmidi(&(0x7f0000000200)='/dev/dmmidi#\x00', 0x6, 0x101000) r5 = syz_open_dev$dspn(&(0x7f0000000740)='/dev/dsp#\x00', 0x1, 0x80) r6 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000007c0)='/dev/vga_arbiter\x00', 0x400000, 0x0) ioctl$PPPOEIOCSFWD(r3, 0x4008b100, &(0x7f0000000400)={0x18, 0x0, {0x0, @random="186a12c61734", 'gretap0\x00'}}) r7 = fcntl$dupfd(r6, 0x80000406, r6) io_submit(r0, 0x8, &(0x7f0000000a00)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x5, 0x5f95, r1, &(0x7f0000000280)="f82a62835cf41a5d25d1ec6318f8edf2a12a32502873718fd3046092faffc17948d70c7962888436e412dd67217fffb4ecb3a5c8c1fc0fa194cb42f6b60cef0e58d9050d779c45b558f58909c5f6d8b128af50f8ea362d0ae9671e353302ec499b70dffad9b3f81880565e586369bb3dd7f399a0e4a55216341aad57ca7010e6d93eb16bd841674a043199b536943347054f95e8e5f7de9a97f64960ba3768a0ad77cb63ceee7627f49ef9459f4aff62d1e40ea08f2717cd21a9a66372f9926e2d990cb6", 0xc4, 0x8, 0x0, 0x0, r2}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x84b, r1, &(0x7f0000000440)="0972edef1648aa8b0ab32e6227934781149d0f10860037ab28803b7a91490f87851a7408afcf39155abb9a46d83866a1cf23533b56adbc8aa90ddba974fd7e261d5a652da052ef8fcf4d6d1bbe8803b383616c0c918b64bfb76f53c8c6e7be2c817e4ee96946f8fbebfb87273983a1a9e514698ae2d7aa3e028a77bc13ec730bf651c1293711336cb4b204db1e767bd2eee1cb1ed1bc9804a3729ff5e39588311297e6d23ca1f1295c5a3418b9369f2be839a468cb01f2eb3286ab89a83f2f23b215b82c105e1df688b273e6dd9e0da55dc2cd7bf694255238c2eda1df9a7f5db7cc4d101f261095c284a0", 0xeb, 0x10000, 0x0, 0x1, r3}, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x7, r1, &(0x7f0000000540)="2daee3978f4dd96dd7f9bdf96d26dc0987fe62c9f5255da389867ec53187e2541fa2cc85e24d48d095cc343bdaf3e54bba99834fa1beba3b45037ffa72cec168eac5f31b0832ab8f39f095f16215a034e078e587c254f9ad62715b7e47efa2855e548d0cfd0c567c8401dc8e2afee84be6f1d49df15083a37fe840e6163a88120389583a0f60cad2be6f3ecd646eae967861ca28c8a3d5e0947bf736d3f679cd122b2934ad2f7c19f4b042e41cbdd89492a74d59e618a475abcffcf061666cff5ef56bfec12b", 0xc6, 0x3ff, 0x0, 0x0, r1}, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x7, 0x15ba, r1, &(0x7f0000000640)="b1ef533a34f62ae70cdff43ae4b57f109bdb1af48cf70e590492410e167d1a57e7d655460989df489a7005739a9c80e731ea4cab4f6774bbcaf0db055398f77834500a468c2d9cc0e70bb4836463a3c598a5a3f53d91d502e6d00e3329d5f555af6cda902b19b9abc7e418162cdda6ea4468fdfffccb04c8e677cc17188dc8dbeb0023b060396303380eabe969d473e5ca0d0e2e031ef0d6930fb78d5332f91015b60cbaa61cf256377d27ad202c359655a4e34976b20d1cd88f66f2befb30fc6ebb103d9d371253c332b3cc5bd9d0c5089d9d9e1b0f4fb5a917", 0xda, 0x2, 0x0, 0x0, r4}, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x3, 0x8000, r1, &(0x7f00000003c0)="9b7cce32ca077d", 0x7, 0xff, 0x0, 0x0, r5}, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x6, 0xba60, r1, &(0x7f00000012c0)="21941aa8065930338913b708e2e30915f4f3ca2e75e4c545a2f093b3f1810ecac907d28d03e9be207b8d4e09e0e64792500434c4833654586335b29b2303930369dd048790a584de853c09e62ee8a731f324596e8d4f653dfd9efae2e77db88606fea809f8cf6c4a86dd4e202d7f4d5db0ecbe5a36d9120a2a5b149ae3d608d215ed52ab2b46cc6e89c2c161150e3a2ca59d6f606f8d330eaee261808e50fcc80e4af4b39755a0c1decb4325b7b6dc3b8fef9fb2cf9ee9fd9ae97e4f886bd36bf3ae94b1bbb48f9f8fa140a9c3370b6d8f676f340e7be0599613af81916931cf2afdafe4fc2ef69ba0026759faaf582f888097d6b25701f4c80d1ac9f014893efa084bc0bc2b3f4ae96b3c6f706803f90f5ff211a26b1b31ce4f1b1f7876799878306f8cf9c6a3a88161b96e64e1d548febf32ba9ae2def904310c5fa5bb013c1f48128ec91678626ee14f0a83fa58da0df2bd4c2201aaf77922bcf118183552815a9914387e2a6b90969673173887fe12349a68f00484f0afe98014b8d222439a42c1c14007e74633ff51694a50b099fd2ea6fd72105ee29b6669aba67d0c3a2971a13747e75a4a263caa3c6b8e74ad2847adf7eca500892ab33e29efc4c50a3faee07545de567751cce38f643f778d110fa1eae838db3cc0bcd6d6ff681a54e341748b0c9ee1d3189143abef4d7a6e6d611003a82ee2c3f679d22c61984df74a97d04d7fcadbafe90692fc4321f8d708d90590118f5771dcfcb612b0b62fc79463d9f2fac42e386782ce5a2713f347ca4238ec41b14ae83745c9c1783a833d3b5fc6bbbf9d4a85a7cfc42b7de5f4deff2736b60d20e17c5e263e03e1c9887a6e279bc4a55234340b312b9fd5222e29454b880ef9fec4cd5b234987f525025106e4c19e52ae24007dfdf360fa00657348ce0745f7955f4b7be69b746ddd531a7702b537a3f7efe41fa54d97944dafff5f82df2f87ad2458e9211f92ba23147babd050a6c759f0866679d36ba93d2275f7fd08164f58e880d26666c6656d118c7b64bacd31b5a765ff811debe53a95c0f153a2e41940ad90b57912d2fcec1589b96215a75848efc18f3a9f89e33dd3dde6ea4a9feb69c8759968551b68168ceb859d8bc044a02fe7121ca67949bb23bf2f0397e86dda1ec44c160360c458e31d457927341a374ceaeb9e9fc471d0690bbed2357913c0921293c198b53f0724eee64ae7f3e14c6acbe79b96af6ce5c297d961393d2fc18403832650a3164ebaa65ab4d882d59ca7452f1491ae69ca6e0011389f5c8130a729328a5c981cfc3d84bb5b5cd05b70f8ce2dcbf01f6ec6b7600c354fd7384dee6807db9665b0c9a0305af89718adb218b4ee7f9436ca422227af463941aa4c499f70e78d8c3ecc81bcb8b9be491d369e1c8024d0b11615070fbb22622ddd909843cc682dc369f174be31928be9cb738bd3cc5fb67d6171993ed06659014d58d21a74cd648e4ea848138bc65f907e42e01a417cf7ba5adfa49efa268774f820dcefa3e8f3a5e2640f0701a38fa4874fae365590c2f2ae3ec7517f557dd063fdfb4364bdcb005cbfc7b4a38f20b443ee707b1926bddcd738de2dc8ecdbf88239bd46c79ead46659cac56fbb25333025df9eb85528178b6099584e993a119331f84de8bf9d60ae9ed08a95fd8f45ef9cbb64ff8f6b6da7e10da3cabf2116af03dec57f46bcfd1e8f7412688a8f9f52a6c81f999327b6b87def2e67be3079116727f74d83807895bcc93280b71e48cefcf4cc79d6348888ca43fc98bbffeb6df7d821a021b983e8f6a2f7e1270590525cd74b7e819ffc11118f0d44110c21296f0cb74f4ebf270a176ec440f210d215a3ddf399448390dcc701e3f1094dcaee967c3b280a8435c286c6c2003b5f3b92aa085db71c1d4d8e07725015ba388a9e434df63af6762bedec3c781b394fcd51853be8a7d0347af3e309cad9eee2e0c1e0c6309e36e4125f3642364ca54ac2098b120d0636e18f701885bdb5a929bc00e2022460288b245d19a27dbfe10c7bc518009707d2abd48da52f9c67c9551071e8bde4a1090abf6e1a3ffc18793e5f3b65a09d4f28a1b3cb6ab8e1a87c1e629b7af6f0520ead691b942854d9a5465dc2dbeb7af896ae67154cacda561abcd66bc97f87e52f9fc6484ca28fb24e78f5a26d74bafe5f23b070446ca3cb46148915213357c937e7fb08ab1494accd82970c4afa5baf48922bcb3c39d9c8b4862b76da4dd4f2121d578d94d2dd7f9cfddfae5878343d6515a5a722f7c274265e3d149c2e351449e853dca55365694e68c541d7007acc365e5c330780298e80d96492deb6d3357e292965786432873fd7ead4efe26a586da299c0597021e8b52c8a54075a1c3b85614fa5c11905c7fea37220fbc5677d6c47a608499eba6307be12bb94cc36d2d492a1907a2069c559d4a95f58f07f770ce6d832ec0d0c7ad628b682c74a0d072a0d080d863028acddbf5e887b09bf557a1638d9a4fc76fe03c6e99fbb29c42a85f74cf5e5c732d7d5509c73173e6f07508d47a755f06d4ed35527f98132f401bb5c423fe466d52e5ad5773fed40dcfaf0ee9078f7d97c52dd4693fe244237ef2fc137e8946eca90d6fd45187ba6c7ab369aa611c1816b896f886bd7867a2855f6f8fe9c4a2ae8e989b6a089ebe7acb6b44609656ba29776756f92345e8e5fc97b5d686391cbc11b9f52ef1870d25027c91ef5f0776c654bc50ac671511b1a64dca37510872b705d37e0bf245c65112848d2ff4728112ebff08931c56ef2006df388359244b1a9e3b2d51fa7e78d6417175f86849a450a58a84a968a15998eb66b2f460e751259b1b5a82241a4c45033e8b98d209333e5c1d689b0309a9f79d7d09e73427c12ac67fa8f8bf1a04221a6c65a84f225723f0c2cf5d28530fbdf78121feb51d74208d67d22909daa1e821ca36f17acf8d60f514cbd60e226ed92eba85a0a34914cb321993b097fd9af4ace9d96d674857ec4e54dbd591e97f38be73afce2f2c45133b9f2553ad94c31788789a7694308fdf62f0e12dbd1cd43a0d49eaf4ea479f05f65090c6bed2eaa3d985b972894ad6b8485a1bad9c96645d46235109c8ac344dbf239a4b92ef985587f8a724a981849af96bb75054b5291895b109cafa49a9d8a6d28c5cb08c5e9be36cc4fcb3d227e402acd2777fe5ecab2e23040c50ef8dccc4a30932f766c8fe1fc68f4efaf7e96fb0ede4ffc399bb10fe5a5286f4e39a90be47548aabc06020cd61f86a6bce12685b4261d3b20bdd725063977fb0f129f4798d0c6452b75a062ec5eea42d76ee3bcef0f33b557d7a725bc29bb7c9ded1172ed009b45dbfbd6331d01d123af31083ab6e872dab499adc9c0c5ea8ccc4bc8469a45ea20705d070adc7482a438e321a0171f2a5ebc0c303333d3cbe74da9de2c41047542b922aa4ea1c33f18368df6432cabad0a903f66895d69938fcd0377fc6b72f6d345602df10b0ceb326e1c3ece4b7a957c3f9911eb5f78790e94b2f133295d5c0ef122ff483da11a020b473213ffcccafa199715a3299434b35cf8f389df7dbc3fe8c0aee27bf136313c6b5e1891450714709176f4ce9fde0576cafef432ef9d74589eace948b8a47f876f5858fc6da70e19ae0660005e5528fb7e8b1a388935b522ae21fe4c65b00c95442ce7ffd377406ab50466ce1b94f8b7e9b895728731755a1c37eb1e65a6ec1fd1d2e34976c0cbd06b65be03ab75239fc1dd60353674647b06cb44902b5adcb24e7ac46390186f616c2c7f2cec6fd48b8afc082d39afb7f8da9e5ce6a2fb68d023b93f690e655779a6b595e6fbdd73b9833127dc67a51ce43f7a2516f43008053bc85d4a28dc156b38fc153c07ffddf6cf5fe8c090a56ec87111996506e1bc1782a920314c293dcc44d3d3e6ecefce8bfb96971cfc38a828c3c4be0ec0ccc960c88d793b8a5775a63e9511279c9dc10471475042460e260e05f9f67f30ea762dc06a95afa7f4d8c6ea280809e558490a24e9c581c238bfd3f35c4d3c5019824b69bea5d750012403fd61043e9d2abef5621067289302fdaceaa700cfc2fb34675ee4b773c2736b011b1c1d9046c4f515b8ddb75892218cc1e2783bdd8a522204c647918642719522523bc18e181659ff418603a529d533e501df08de173f37436f47db0750fef79fa0004a76a21f8955f196963ff44431435fd9c297c82f8ca4b1bdf8105f3269b682093afaf1810c53cd82629324595c627243d889beac38c1186f66f7eaff617b08a4457d20ee2f65e5aefa24b68ee250768375a72605265c724ec342ca06d8d78f5d2217924099dcd8c4f8fc226d9ce5c42fa01e12cf0bed333f82dae7c23dbf2fe1496ee84f7f391f0393e30bb6e60bb63265a913f763904c38d9924ccc5256e9a685e16103768b3ef38e23939fe9e4b2efecf564de572a537aa1ac2fa7738f13ef65a0adc8720f664327a70136dc09be0464c634b65c647e11da250f903b2ad852789a22b34d908fe0802abbf7a443444088273e14ab9e1c3985e71c6a4ff8f978ad14730fe720fc04ba5248c64903c79b2eb02d8e2f6b28d4e01d00b024acb90ded7e1cebcf4e8221f33e84b3ad6071d6a96645de334ace91e5f2bb93bab88ee160c4e98327b3cd208ca09792f84c19559ae86899ce431f1507f89a1e0889160c7a717499bea98daa1b3af7d6eb0851b4741657aa55d5a5360f11d837c8d5d1d95ba80de0b5cb3d2bf02370568aaed0c9564040a45701d24f44d01c39732adf9a294298e2736f36d355d5caf4e5162ba7a556ae3a743f18a82f187b09362889c407799335d2d861a3ccf7ba45b589890a5ea68b23f64269fbf2df9bd9fdc631c60e5a1e8dc0814e43939c6dcf642e87158ec8b3a4feb75f35c7d02be00b91a4488f1551fd1a1dbe735218ea0a173aaffa38601fa7773615b3788cd5b3d7542fd52b658522a3e838d02d723e8d820714e4eb77d03ef0959613a845a029e60fac4354b18cafdd74d0d2371fd7ff78bc9797cf77f410d696fb9837ed9f9f22a85c53dc4d07f1efbfe9b554fc4ccb615862e8a432a0f14e706785ba6a6d519d6d019caf759763fe135817d9237b249a4b19ba630a4446b1de3aa413eb12e1d183531636873e700a4ca0cc73fb6efe99f9be55314f57bf3ef5adfa261fdc93dc64634dcf47a748175cf40194517617ff0a5829e22a38af131607f48eb4b9f7f4d57ad27946f60a5d05460def0e8681e5b408976f2241721e0cba27d5e068b0165dd51cf6ffdc2a302daadd695b6015c4be71814df3e3b9177d88602f71c06d992b1a059ae63891b6dd793d5a79b3b1cd9568949b602be19721fa13053d1269b86a599d8f0e2b2ddf8076164e643d546d2a50247a92d6283de9be56b9537a27e8723534bc3277db41d29bb5fa70b3e8a2ea337b1409db376d1894c9c265bc71781a664056b12e604fc0926ab43f2e1ac21f43baf2f543daaeccb53e1a84b725dd293c8a7f4c9d7bfa7efec744bb7e1b3deae8fdfeaf210cc32961b8c50e097787a00628d6a5e90668cc9fb9251df6b7ac2e18d76426f1fd1dbc8303236c894efdd0e3b3c1f01afe6a50320817ff1b3496c59ec112c9fb5d0c2f548ade0b4809bcc54e21ea0804c4d144e0000da0e54dd632058a73a52a406948d5d9f5e464a63e5e82890ae129c68189215557e9b775e7223578ac160a2ed420d97c0cf653a177ff5b66eea9edfc62d5659daf62fc86984f7fe85632b319d52ec63df66a4448e61172df39cc9fe035ec6d007fa", 0x1000, 0x7, 0x0, 0x0, r6}, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x8, 0x0, r1, &(0x7f0000000840)="34e788d0f41c836f01ef5d5e44aa", 0xe, 0x4, 0x0, 0x2, r7}, &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x2, 0x1000000000000000, r1, &(0x7f00000008c0)="ceec6b501d97acfea88aa5b77a72776c0424a23927f8424bdcac84d0b8ae01065c46c269e81238a178b46ce1636ccdca4f455e33ae0ecc7f9ebd5585139f5a9bcfbc8764d09d1f36b1a7f7131b743ca7f3f061fea44b1a2398fc4c21afd419d6d4a6a2b7c0c53a0867874a333803cec997da00a01d1bc5b51f4aebf922057341a2ec88a938839657086ca89302bfc091d0d4b8e181302e46d5c76d8225ce347800c2f896670190767a2c0c32d85b76dce4c9c72300106bc6c9df753ed6d90dc8a84e08de681e220a5575ac", 0xcb, 0x1, 0x0, 0x1, 0xffffffffffffff9c}]) io_submit(r0, 0x1, &(0x7f0000000240)=[&(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x4}]) io_submit(r0, 0x1, &(0x7f0000001280)=[&(0x7f0000001100)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0}]) 02:36:31 executing program 3: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) openat$udambuf(0xffffffffffffff9c, &(0x7f0000000000)='/dev/udmabuf\x00', 0x2) set_mempolicy(0x3, &(0x7f0000000100)=0x5718fe8f, 0x4f) ioctl$UFFDIO_REGISTER(r0, 0xc028aa03, &(0x7f0000000140)={{&(0x7f0000575000/0x2000)=nil, 0x2000}, 0x2}) ioctl$RTC_ALM_READ(0xffffffffffffffff, 0x80247008, 0x0) 02:36:31 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:36:31 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$P9_RWRITE(0xffffffffffffffff, &(0x7f0000000000)={0xb, 0x77, 0x1, 0xffffffffffff7205}, 0xb) r2 = fcntl$dupfd(r0, 0x402, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f000000a000)={0x0, 0x0, &(0x7f0000012000)={&(0x7f0000000100)=ANY=[@ANYBLOB="28000000120001919c0e000000000000000010000000", @ANYRES32=0x0, @ANYBLOB="000000000000000008003d0000000000ea0a8339eaab755ab6b7a5ddc13673c60c63ee65b467ba134a7527d019b4ee97c93609986b9a"], 0x28}}, 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r2, 0x4040ae72, &(0x7f0000000040)={0x6, 0x4, 0x9, 0x7, 0xa676}) 02:36:31 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x880, 0x0) ioctl$DRM_IOCTL_MAP_BUFS(r1, 0xc0186419, &(0x7f0000000200)={0x1, &(0x7f0000000080)=""/64, &(0x7f00000001c0)=[{0x7, 0x54, 0x1f, &(0x7f00000000c0)=""/84}]}) sendmsg$nl_route(r0, &(0x7f0000000180)={&(0x7f0000000000), 0xc, &(0x7f0000000140)={&(0x7f0000000480)=@newlink={0x38, 0x10, 0xf0b, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, @gre={{0x8, 0x1, 'gre\x00'}, {0xc, 0x2, [@IFLA_GRE_REMOTE={0x8, 0xe, @dev}]}}}]}, 0x38}}, 0x0) 02:36:31 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_LAPIC(r2, 0x8400ae8e, &(0x7f0000000380)={"474cec15abf39ee8c346981e4954d137e9cb2cdfc6feaa9ffd7d15194dd8e98034cb75779e8f4aa577470e044fca0c587e6f7a347da32cdb529190e87c5332a219ddffc002b4e04c4b5329f2a66b127f07e216a9c1b3d8afa5b09f56c2982624ff149985e747320872582c9a64983c2d0721a24ef6003b2080896e33eb488a14cc753792e8e9a8c6d4968e0d80e4b1ea79de0078f57e02e88317aa41f129b5760e0fd54c6348366d8f6367c1d395d292b064be356b7efc3ddd7076808e8891adda121ac44da1f94d9b9e6bc709adf2e2234b432a5fba2f241eb11de17be2ff7963de3fca3f945a168eb66da4914f326a403b96407fa08f1297efa9595b9e83d529a9a8d02bafa09ab8e96893fc962e548300f246b235defa473e21998c11a52cf999db3e889e0568a044a195d35f61754528cd94b393efc89b503ae65236205b742e3327391f29b9b8b0864eee5ad0543fe6b97eba0e828dd37f5fb84277efdfe15080b3edaccb7069c96d7e4955b16b9e9ba4ad64f764388e674951a33b7c8b3601c917a6e5ee250cdff4beba7ad170d6b26c610e0147cdf5c65d38c647bb215a470d5236497c150a8d239e5382c24457792fd1fe0cdd3ba5cd988669e9af5921047114e0c14354d8fc0d82cce92198ecd9540026183ba0ece8677a4b89117295e10454651d46292395230069c27b94d7be7d57d00f6bfd43b72478a72551dfa8d67a3fd54333d6bb793a7cc3cc7a646c95f37812f6a60b3119be42245b4765119ab76ec73ba265af6c926141964612306fca73998a97438366d7a3b30958f22410429ff98f441bfb900f73f220a0b7862f0463ac15adf6697a88cd4a08e418a12cfb647258f746d36b9da90d13aed9ab0e3047b1974cc8ed7fe3bb5733d5e5361413423caf9cdc809c6c981caf93fafbb03646bbd3c040b79dc77011ed1deb4ed6726e16ee4e93211eb803a4d8c7c20471f1ce060ef921c6a9e3e63779a6c259f0fe161930144f94d267fc1fa516b67bc45268141be2c4de4730f8cb56feed0d246c3ceacfdf0f377bf6e85ffc738a509559f9d36806c941cdd7142a1f3989a4ad0be09f077cfb60ab78f80d79b80244670ce5bed181114631f9c80555795577875a41190c4441a99de0c7ef173e6bb154c41728f760c117cc4d0e434010aaf06f3a0908f4a026f9f10a69f3e674992ebb50c23f89a2db0aa4e96b1176f6c9612eff2f134db065dfd20d8464785d67199473ad9951533f84f4042abab340a873874cb9e5b700ec0d8f15b61ab9a91b0e03a8c7d62c77382cba82becf3d0a08292ed86f66e48d79f13eebb5cae2425cd107552c7d997b211281d6fb7a93b8a8138424de7ad17e63eb33282d3ce8e4455efd9e630e7e68a2b7de230b379b314db845dbf94d0341eea3d205ea739cc7d4a079857a3e319dd4d694b3bc301a1dce"}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f00000000c0)={0x7b, 0x0, [0x4, 0x400000000002, 0x5079afdb, 0x9]}) r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x200000, 0x0) write$P9_RSTAT(r3, &(0x7f0000000780)=ANY=[@ANYBLOB="4d0000007d010000004600008008000000010000000001000000000000000000000003000000ff010000ff03000000000000000001002b09002f6465762f6b766d0009002f6465762f6b766d007e1057656c2b96ec639003d37e09ec7c4322c8f931e1e2bdd3d906b57beca70126590d53b4c6b226ee662ecb88805955ad312a11172b500089d34cb5a92a356e2083573bccb7d0bfd5e8686dc60a1874f2e3dd1e6ab18f45c61c6fa8fb2505735f5e554521ad378cda625f55a61226b958e27e9d1432e0abde6e02d1023ae93cb702ac175545c101c571183dfbe6437dfa8352e432"], 0x4d) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r3, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000200)={0xec, r4, 0xc00, 0x70bd2b, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_DEST={0x78, 0x2, [@IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@local}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x75}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e23}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e20}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x44ef76f}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0xffffffff}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@remote}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x4}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@local}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x2}]}, @IPVS_CMD_ATTR_DEST={0x4}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x6}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x6}, @IPVS_CMD_ATTR_DEST={0x18, 0x2, [@IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@local}]}, @IPVS_CMD_ATTR_SERVICE={0x34, 0x1, [@IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0xe, 0x20}}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x2, 0x16}}, @IPVS_SVC_ATTR_PROTOCOL={0x8}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}]}]}, 0xec}, 0x1, 0x0, 0x0, 0x40}, 0x84) 02:36:31 executing program 1: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f0000000000)) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000140)={0x0, {{0xa, 0x0, 0x0, @mcast2}}}, 0x108) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000040)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88) r1 = request_key(&(0x7f00000002c0)='cifs.spnego\x00', &(0x7f0000000440)={'syz', 0x0}, &(0x7f0000000480)='+.\x00', 0xfffffffffffffff8) add_key(&(0x7f0000000100)='encrypted\x00', &(0x7f0000000280)={'syz', 0x3}, 0x0, 0x0, r1) setsockopt$inet6_group_source_req(r0, 0x29, 0x1000000002d, &(0x7f0000000300)={0x42, {{0xa, 0x0, 0x0, @mcast2}}, {{0xa, 0x4e24, 0x7fffffffd, @mcast2}}}, 0x82c05ae892f3b8a) openat$vnet(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/vhost-net\x00', 0x2, 0x0) 02:36:31 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) [ 574.606804][T28792] netlink: 'syz-executor.3': attribute type 14 has an invalid length. [ 574.624609][T28795] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. [ 574.650899][T28795] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. 02:36:31 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) [ 574.716197][T28777] FAULT_INJECTION: forcing a failure. [ 574.716197][T28777] name failslab, interval 1, probability 0, space 0, times 0 [ 574.775848][T28795] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. [ 574.786946][T28777] CPU: 0 PID: 28777 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 574.796070][T28777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 574.806117][T28777] Call Trace: [ 574.809400][T28777] dump_stack+0x172/0x1f0 [ 574.813719][T28777] should_fail.cold+0xa/0x15 [ 574.818308][T28777] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 574.824100][T28777] ? ___might_sleep+0x163/0x280 [ 574.828935][T28777] __should_failslab+0x121/0x190 [ 574.833855][T28777] should_failslab+0x9/0x14 [ 574.838338][T28777] kmem_cache_alloc+0x2be/0x710 [ 574.843171][T28777] ? rcu_read_lock_sched_held+0x110/0x130 [ 574.848873][T28777] ? kmem_cache_alloc+0x341/0x710 [ 574.853884][T28777] security_file_alloc+0x39/0x170 [ 574.858893][T28777] __alloc_file+0xac/0x300 [ 574.863292][T28777] alloc_empty_file+0x72/0x170 [ 574.868046][T28777] dentry_open+0x70/0x1d0 [ 574.872363][T28777] ovl_path_open+0x56/0x70 [ 574.876772][T28777] ovl_check_d_type_supported+0x98/0x230 [ 574.882397][T28777] ? ovl_cleanup_whiteouts+0x2a0/0x2a0 [ 574.887835][T28777] ? ovl_dir_fsync+0x3c0/0x3c0 [ 574.892610][T28777] ? __mnt_want_write+0x1f1/0x2f0 [ 574.897649][T28777] ovl_fill_super+0x10c7/0x3bb8 [ 574.902495][T28777] ? ovl_show_options+0x550/0x550 [ 574.907500][T28777] ? up_write+0x1c/0x150 [ 574.911743][T28777] ? sget_userns+0x105/0x560 [ 574.916317][T28777] ? get_anon_bdev+0xc0/0xc0 [ 574.920889][T28777] ? sget+0x114/0x150 [ 574.924855][T28777] ? ovl_show_options+0x550/0x550 [ 574.929858][T28777] mount_nodev+0x68/0x110 [ 574.934184][T28777] ovl_mount+0x2d/0x40 [ 574.938238][T28777] ? ovl_own_xattr_set+0x10/0x10 [ 574.943157][T28777] legacy_get_tree+0xf2/0x200 [ 574.947845][T28777] vfs_get_tree+0x123/0x450 [ 574.952334][T28777] do_mount+0x1436/0x2c40 [ 574.956660][T28777] ? copy_mount_string+0x40/0x40 [ 574.961579][T28777] ? copy_mount_options+0x234/0x440 [ 574.966789][T28777] ? __sanitizer_cov_trace_pc+0x3b/0x50 [ 574.972318][T28777] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 574.978542][T28777] ? copy_mount_options+0x30e/0x440 [ 574.983723][T28777] ksys_mount+0xdb/0x150 [ 574.987950][T28777] __x64_sys_mount+0xbe/0x150 [ 574.992614][T28777] do_syscall_64+0x103/0x610 [ 574.997198][T28777] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 575.003070][T28777] RIP: 0033:0x457e29 [ 575.006975][T28777] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 575.026570][T28777] RSP: 002b:00007faaf9957c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 575.034964][T28777] RAX: ffffffffffffffda RBX: 00007faaf9957c90 RCX: 0000000000457e29 [ 575.042919][T28777] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 575.050872][T28777] RBP: 000000000073bf00 R08: 00000000200007c0 R09: 0000000000000000 [ 575.058824][T28777] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99586d4 [ 575.066787][T28777] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000006 [ 575.077401][T28795] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. 02:36:31 executing program 0 (fault-call:20 fault-nth:76): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:36:31 executing program 5: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000200)='/dev/snapshot\x00', 0x20080048, 0x0) setsockopt$X25_QBITINCL(r0, 0x106, 0x1, &(0x7f0000000080), 0x4) r1 = socket$inet(0x2, 0x1, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000040)) listen(r1, 0x0) openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) shutdown(r1, 0x1) 02:36:31 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu_sys\x00', 0x7a05, 0x1700) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x240000) lstat(0x0, 0x0) ioctl$VHOST_SET_OWNER(r1, 0xaf01, 0x0) fsetxattr$system_posix_acl(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) 02:36:31 executing program 2: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rfkill\x00', 0x200, 0x0) ioctl$DRM_IOCTL_GEM_FLINK(0xffffffffffffff9c, 0xc008640a, &(0x7f00000000c0)={0x0, 0x0}) ioctl$DRM_IOCTL_GEM_OPEN(r0, 0xc010640b, &(0x7f0000000100)={r1, 0x0, 0x6}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r5 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x400000, 0x0) ioctl$TIOCSWINSZ(r5, 0x5414, &(0x7f0000000040)={0x100000000, 0xffffffff, 0x5, 0x400}) ioctl$KVM_ENABLE_CAP_CPU(r4, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) 02:36:31 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:36:32 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x1) flistxattr(r0, &(0x7f0000000000)=""/207, 0xcf) bind$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0x13}, 0x9}, 0x1c) socket$inet_dccp(0x2, 0x6, 0x0) 02:36:32 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:36:32 executing program 5: r0 = socket$inet_dccp(0x2, 0x6, 0x0) setsockopt$bt_hci_HCI_TIME_STAMP(0xffffffffffffffff, 0x0, 0x3, 0x0, 0x0) getsockopt$inet_int(r0, 0x10d, 0x0, 0x0, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x2100, 0x0) getpeername$inet6(r1, 0x0, 0x0) ioctl$BINDER_THREAD_EXIT(0xffffffffffffffff, 0x40046208, 0x0) r2 = syz_open_dev$admmidi(&(0x7f0000000140)='/dev/admmidi#\x00', 0x3, 0x40) setsockopt$inet6_tcp_int(r2, 0x6, 0x7, &(0x7f0000000180)=0x6, 0x4) prctl$PR_SET_UNALIGN(0x6, 0x0) ioctl$KVM_IRQ_LINE_STATUS(0xffffffffffffffff, 0xc008ae67, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000}) shmget(0x0, 0x2000, 0x54000810, &(0x7f0000ffc000/0x2000)=nil) socket$inet_sctp(0x2, 0x5, 0x84) syz_genetlink_get_family_id$fou(0x0) r3 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000040)='/dev/capi20\x00', 0x0, 0x0) ioctl$CAPI_MANUFACTURER_CMD(r3, 0xc0104320, &(0x7f0000000100)={0xb, &(0x7f0000000080)}) 02:36:32 executing program 3: r0 = socket(0x10, 0x2, 0x0) r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/btrfs-control\x00', 0x0, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setuid(r2) ioctl$TIOCEXCL(r1, 0x540c) 02:36:32 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e23, @multicast1}, 0x10) r1 = syz_open_procfs(0x0, &(0x7f0000000440)='net/ip6_mr_cache\x00') ioctl$VT_WAITACTIVE(r1, 0x5607) sendto$inet(r0, 0x0, 0x2ec, 0x200007fd, &(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000200)='scalable\x00', 0x9) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='vxcan1\x00\x00\x00\xf8\xff\xff\xff\x00', 0x10) r2 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x0, 0x0) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000380)=[{&(0x7f0000000240)="93bb1f1c1652da6e32db2946df0df95176302112d6c020999267632e1359a0aba0dd21ac2900a846c0aa3ff68dc81bee052a46bf6939ac6aeaa836dff66a43870c28c870c67d85501afdb0850ab8b0e9f817484c080021e626dc", 0x5a, 0x8}, {&(0x7f00000002c0)="2511b49cda480a0192313a279d1cf8c7fff4cf521250822c4aeb9eb194410137687757e1041bd34e00e93e13229d0a0be2f2da647e6014a1da094dc4dc5405bd07e81256f1b0d7a783695863099020aa652356073fec96047afa2a31df644ba0a8533590d0c2e168a720cfa1f8280ac1c148085fcb405d98305d93bc6a945da9bad30c563ce14af17a514f286bf36674d0ff3210cbb68ddf", 0x98, 0xffffffffffff28a3}], 0x80, &(0x7f00000003c0)=ANY=[@ANYBLOB="646f6e745f61707072616973652c646f6e745f61707072616973652c6f626a5f747970653d5b296b657972696e672a2c6d6561737572652c73706d61c4f04c1e133d2c646f6e745f686173682c00"]) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r4 = dup2(r3, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r5 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r5}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) umount2(&(0x7f00000001c0)='./file0/file0\x00', 0x0) write$FUSE_NOTIFY_DELETE(r5, &(0x7f0000000340)={0x46, 0x6, 0x0, {0x1, 0x0, 0x1d, 0x0, '/selinux/avc/cache_threshold\x00'}}, 0x46) syz_mount_image$nfs4(0x0, &(0x7f0000000080)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) umount2(&(0x7f0000000180)='./file0\x00', 0x3) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r2, 0x40405515, &(0x7f00000000c0)={0x0, 0x7, 0x0, 0x81, 'syz1\x00', 0x5}) sendto(r0, &(0x7f0000000080)='\x00', 0x1, 0x0, 0x0, 0x0) 02:36:32 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TIOCMSET(r1, 0x5418, &(0x7f0000000180)=0x4) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cachefiles\x00', 0x200, 0x0) ioctl$HDIO_GETGEO(r3, 0x301, &(0x7f00000000c0)) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000000)={0xffffffffffffffff}, 0x2, 0x8}}, 0x20) write$RDMA_USER_CM_CMD_ACCEPT(r2, &(0x7f0000000300)={0x8, 0x120, 0xfa00, {0x4, {0x100000000, 0x55f9, "3fc32bef9e3d7144ba3b4ba3a43dafbc8101ea983a01ccd7f430f55087f9734f9e591d900889c604a03e4c801db014fb8a9b07724f3865e5ac21f97728c48bd969a6af7c923b3861502f4ff7d60a497995744e6612956f528f5516782b47470a837c8eb9f78684a68f4f0e2603b1e251eab996c01f6afb027f5f6504491e178fc3c6e92b3149fececef9259986d1acb6e1524603dae3a3f4755d4e26af340bda897c12e22cf9f65217b2a740ebd53956bf375da5d23479bac901fe6fae1b171477fc7a0519d8b4644491dbe59750d2e0eb03fcb18d76b3a7fbf88409390b2ddc1e013915068ae387a4c1e2467dc6d3bf5ad65df27b5987353777200df91aec59", 0x35, 0x6, 0x2, 0x0, 0x800, 0x200, 0x20, 0x1}, r4}}, 0x128) r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) [ 575.446229][T28838] FAULT_INJECTION: forcing a failure. [ 575.446229][T28838] name failslab, interval 1, probability 0, space 0, times 0 02:36:32 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r2 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r2, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r3 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r2, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r3, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r4}, 0x14) [ 575.529017][T28838] CPU: 0 PID: 28838 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 575.538172][T28838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 575.548275][T28838] Call Trace: [ 575.551562][T28838] dump_stack+0x172/0x1f0 [ 575.551597][T28838] should_fail.cold+0xa/0x15 [ 575.551616][T28838] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 575.560808][T28838] ? ___might_sleep+0x163/0x280 [ 575.560830][T28838] __should_failslab+0x121/0x190 [ 575.560847][T28838] should_failslab+0x9/0x14 [ 575.560862][T28838] kmem_cache_alloc+0x2be/0x710 [ 575.560877][T28838] ? fsnotify+0xbc0/0xbc0 [ 575.560892][T28838] ? fsnotify_first_mark+0x210/0x210 [ 575.560909][T28838] __d_alloc+0x2e/0x8c0 [ 575.560927][T28838] d_alloc_cursor+0x3f/0xe0 [ 575.571580][T28838] dcache_dir_open+0x37/0x90 [ 575.571606][T28838] do_dentry_open+0x488/0x1160 [ 575.571624][T28838] ? empty_dir_getattr+0x70/0x70 [ 575.571646][T28838] ? chown_common+0x5c0/0x5c0 [ 575.571669][T28838] dentry_open+0x132/0x1d0 [ 575.627469][T28838] ovl_path_open+0x56/0x70 [ 575.631889][T28838] ovl_check_d_type_supported+0x98/0x230 [ 575.637526][T28838] ? ovl_cleanup_whiteouts+0x2a0/0x2a0 [ 575.642989][T28838] ? ovl_dir_fsync+0x3c0/0x3c0 [ 575.647763][T28838] ? __mnt_want_write+0x1f1/0x2f0 [ 575.652799][T28838] ovl_fill_super+0x10c7/0x3bb8 [ 575.657676][T28838] ? ovl_show_options+0x550/0x550 [ 575.662694][T28838] ? up_write+0x1c/0x150 [ 575.666947][T28838] ? sget_userns+0x105/0x560 [ 575.671555][T28838] ? get_anon_bdev+0xc0/0xc0 [ 575.676342][T28838] ? sget+0x114/0x150 [ 575.680323][T28838] ? ovl_show_options+0x550/0x550 [ 575.685341][T28838] mount_nodev+0x68/0x110 [ 575.689665][T28838] ovl_mount+0x2d/0x40 [ 575.693724][T28838] ? ovl_own_xattr_set+0x10/0x10 [ 575.698671][T28838] legacy_get_tree+0xf2/0x200 [ 575.703357][T28838] vfs_get_tree+0x123/0x450 [ 575.707872][T28838] do_mount+0x1436/0x2c40 [ 575.712221][T28838] ? copy_mount_string+0x40/0x40 [ 575.717166][T28838] ? _copy_from_user+0xdd/0x150 [ 575.722016][T28838] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 575.728241][T28838] ? copy_mount_options+0x30e/0x440 [ 575.733424][T28838] ksys_mount+0xdb/0x150 [ 575.737652][T28838] __x64_sys_mount+0xbe/0x150 [ 575.742315][T28838] do_syscall_64+0x103/0x610 [ 575.746941][T28838] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 575.752816][T28838] RIP: 0033:0x457e29 [ 575.756694][T28838] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 575.776338][T28838] RSP: 002b:00007faaf9957c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 575.784745][T28838] RAX: ffffffffffffffda RBX: 00007faaf9957c90 RCX: 0000000000457e29 [ 575.792712][T28838] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 575.800678][T28838] RBP: 000000000073bf00 R08: 00000000200007c0 R09: 0000000000000000 [ 575.808636][T28838] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99586d4 [ 575.816592][T28838] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000006 [ 575.849478][T28860] FAT-fs (loop1): Unrecognized mount option "dont_appraise" or missing value 02:36:32 executing program 0 (fault-call:20 fault-nth:77): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:36:32 executing program 5: r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$loop(&(0x7f00000004c0)='/dev/loop#\x00', 0x0, 0x100082) write$P9_RWSTAT(0xffffffffffffffff, 0x0, 0x0) r2 = memfd_create(&(0x7f0000000380)='\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00v\x8e\x05\xf7\xc1U\xad}\xc6\x94|W>Zi$Nv8,\n\xa6=W^\xa3Y\x7f\x8b\x17(\'~\xf7k0TM{\xa9-\xcf\x97\x8f\x1f\x81\xdc\x1b\x7f\x8f{4Q\xda\xda\x02\xec\xb4\xf1\xdd\xcc\x8bRA\xda\x89Efn\x00s\xc2Zb\x01\x00M\xbe\xa3z\xab\xd3\xeb\x98\x88\xc4\xc6)A\x9fP\x93zhH\xe0\xd2\x81\xdb\xeeV\x8cM\xe9\xa06\xc2o\x19\"\xf6Iq\xd4\xdf\x97\xfb\xab\x04\xe8\xceI8\xb3\x1d\xcf%\x9bK\xc6\t\x01\xe1\x86a\xfa\xb8\xfb)\x88\xcd+\xc2`\xc2\xf5r5>k\xb0\xa0\x02\xfc\x16MO\x18\x9b\x06\x80b\xd1\x01\x00\x00\x00\x00\x00\x00\x00@\f\fL\xa5{Tk\x940\x17.\xa56.\xe0\x14\x1b=\xf0j\xd25\xe8\x15\xd8\x9e\xea\xd3\xd9G4\t\xc0\x9c.\'\xa9R3z$\xf2\x01\x88\xc0\x13\x12<\xc01j3\xd8\xb4CE7s\xe4\xa0\x9e\xdd\x801\x12M\xee\x13\xce\x9cu(\x8f.\xc83\xc7\xe6j\xf5\xb1\x9a\x00\x00\x00\x00\x00\x00\x00', 0x0) fsetxattr$security_smack_entry(r2, &(0x7f0000000780)='security.SMICK64MMAP\x00\x90\b\xac\x18/\x9b*\xf8\xe3\\\x8f\xa9I\x1e\xb9\x01&Y&\xb1\x17A\x1b{mR7i6[\xc4\x9bz\xe4U#%><\xecK_.\xed\xac4\x8b\xfbN\x91\xb2\xa8\x00.\xa8U\xe53\xa8\x86\xb5\x00[*81\xcf,Xg{\x91\x04\xf7\x8a\xf5\xcb\xf5\b/l^\x9fm\xb7h\xea\x05[\xab\x839\x82\xe1>\r\xc8\xdb\x05\x9cw', &(0x7f0000000280)='IPVS\x00', 0x5, 0x0) pwritev(r2, &(0x7f0000000340)=[{&(0x7f0000000900)='\'', 0x1}], 0x1, 0x81806) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) sendfile(r1, r2, 0x0, 0x20000102000007) add_key$keyring(&(0x7f0000000500)='keyring\x00', &(0x7f0000000540)={'syz'}, 0x0, 0x0, 0xfffffffffffffffe) sendfile(0xffffffffffffffff, r0, 0x0, 0x0) getsockopt$IPT_SO_GET_REVISION_MATCH(r1, 0x0, 0x42, &(0x7f0000000580)={'TPROXY\x00'}, 0x0) r3 = syz_open_dev$audion(&(0x7f0000000140)='/dev/audio#\x00', 0x1, 0x1) write$9p(r3, &(0x7f0000000300)="a94657d20c82f436", 0x8) r4 = creat(&(0x7f0000000a00)='./bus\x00', 0x0) io_setup(0xb, &(0x7f0000000240)) ioctl$EXT4_IOC_SETFLAGS(r4, 0x40086602, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, &(0x7f0000000680)=0x9) lsetxattr$trusted_overlay_origin(0x0, &(0x7f0000000100)='trusted.overlay.origin\x00', &(0x7f0000000180)='y\x00', 0x2, 0x0) ioctl$LOOP_CLR_FD(r1, 0x4c01) r5 = creat(0x0, 0x0) open_by_handle_at(r2, &(0x7f0000001a40)={0x6b, 0x9, "1b154c4a95cdf9f27a31bc500b84fbd1e5db7d54ebb860d78ed165af03f1a342aed04d1ef994ca96b5c9d03e6da9c1e249e08fbf9945836fda5bd86607ea4ccdf094071a04f68fdf7f99ea66c5fbaab75c157462c4c817e3bb71556831aa6a12b6e867"}, 0x0) accept$packet(r5, 0x0, &(0x7f00000002c0)=0xfde6) pipe(&(0x7f00000000c0)={0xffffffffffffffff}) accept4$packet(0xffffffffffffffff, &(0x7f0000003fc0), &(0x7f0000004000)=0x14, 0x0) getsockopt$inet6_mreq(r5, 0x29, 0x0, 0x0, 0x0) setsockopt$XDP_TX_RING(r6, 0x11b, 0x3, &(0x7f0000000740), 0x4) sendmsg$TEAM_CMD_PORT_LIST_GET(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000006c0)={r4, 0x0, 0xe3, 0x9b, &(0x7f0000000800)="65a008e47447d6dc960b8e4f9e7188c31ca4c821cf6dd564dcf8166184514fce6914f0cc3107b1b7659a7315c48d57d04da211256fffc13931c16d856da53c4af424a07ee8b0c66423bca998f2f9676079c910ba430d60d3efa7c3d52bda912f68bf7ed4309223586f543b3d1363388f37daee6ebf5e55366ccaf1fbc45caedf2ad352452c4d943bd391fba9bcf16ada538e09f9cbc39db44698af66be9d034cbb3fe8392f40dce345fa10c3af21ba0bb2e6e439b3347847ce95fb8b786bc4d4ce8770f99780027bd1cc59d3da752f41798541a442d77184091b3e74665a8a40277344", &(0x7f00000005c0)=""/155, 0x6da}, 0x28) fcntl$F_GET_RW_HINT(r4, 0x40b, &(0x7f0000000700)) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r2, 0x800c6613, &(0x7f0000000200)={0x0, @aes128, 0x0, "d6efdaac1e9d8e47"}) 02:36:32 executing program 3: perf_event_open(&(0x7f0000000000)={0x1, 0x70, 0x3e7, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0) mmap(&(0x7f0000701000/0x2000)=nil, 0x2000, 0x0, 0x10020012, r0, 0x0) 02:36:32 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r2 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r2, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r3 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r2, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r3, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r4}, 0x14) 02:36:32 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r2 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r2, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r3 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r2, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r3, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r4}, 0x14) 02:36:32 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$DRM_IOCTL_SET_UNIQUE(r0, 0x40106410, &(0x7f0000000400)={0xd7, &(0x7f0000000300)="4204d41abd004fa4fb30c65ead7fd369abffca12b773216e67d1216241d4303c5506cb1260ff2493f61c4e37acb83cb02dad674111bef2a94ebfa8dd8f71bf812380d045c4327061eda2ab25e589287ab148470d0eb37a90ac5b09f4e9835ad2b31d8459928700a2d54e89720e6ff5e62057d629583a24b27fd5f8113d999eda31e79aa55f6390af172352412669ee5b2d9658bde27dfd321c4ddfcea568ad409fa95aa1335d6d9313a23d65e9c524d27c6f64da54707988c062d53fa4d08926a0155e6c132397f0c9164249922d178010197cadb25cfa"}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r3 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x80, 0x0) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1b, &(0x7f0000000040)={0x0, 0x44, "6cf01e9952cc55099bb1f6595bb91424a85d5f77cdc78012e00fdd6b75517b8384a117568b574b973860dfcdc63898ab664a835f2a17f858de33de1b8d8a19e57a366342"}, &(0x7f00000000c0)=0x4c) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r3, 0x84, 0x70, &(0x7f0000000180)={r4, @in={{0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x70}}}, [0x9, 0x7, 0xcc0f, 0x4, 0x4, 0x4, 0x10001, 0x9, 0x20, 0x7, 0x7, 0x7, 0x0, 0x7c, 0x9]}, &(0x7f0000000100)=0x100) setsockopt$netrom_NETROM_IDLE(r3, 0x103, 0x7, &(0x7f0000000440)=0x409a, 0x4) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) 02:36:32 executing program 1: setsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000001000)={0x10000, 0x4, 0x100, 0x400}, 0x10) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ubi_ctrl\x00', 0x0, 0x0) r0 = socket(0x11, 0x5, 0xffe4) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) accept(0xffffffffffffffff, 0x0, 0x0) connect$pppoe(r1, &(0x7f0000000000)={0x18, 0x0, {0x2000000000002, @local, 'bridge0\x00'}}, 0x1e) sendmmsg(r1, &(0x7f000000d180), 0x4000000000000eb, 0x0) bind$packet(r0, &(0x7f0000000480)={0x11, 0x3, 0x0, 0x1, 0x0, 0x6, @local}, 0x14) setsockopt(r0, 0x107, 0x5, &(0x7f0000001000), 0xc5) 02:36:32 executing program 3: r0 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/dlm-monitor\x00', 0x8800, 0x0) ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000400)={0x1, 0x8c, 0x100000001, 0x0, 0xd, 0x7, 0x7, 0x7fffffff, 0xd764, 0xf0bb}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r1, &(0x7f0000000000)={0x18, 0x0, {0x4, @link_local, 'bond0\x00'}}, 0x1e) r2 = add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffb) keyctl$KEYCTL_PKEY_ENCRYPT(0x19, &(0x7f0000000100)={r2, 0x2, 0xffffffffffff7fff}, &(0x7f0000000140)={'enc=', 'raw', ' hash=', {'cbcmac-aes-neon\x00'}}, &(0x7f00000001c0)="e49f47272a6071801be1e9d16fbb7c005ca04c1e5adee5b0e08efc61821535270e9b16c5dc175afe558317b3f0af2370a3b187e60b33bbfce1ad1c35ec9731565004860a53d0c4d9782c79fdaf4750ac8e56f97510f8a2ea3d0b9d9872e893bdb55acfa42f8dc8998c68f4de11f580019bf0e6870203ef414b78a4cf1f27926b8bb7f2d0e0d48041fe8723d84387b5dd516c57fa95bd2eb1e72c834a4343a1633ab698e11b8333269b2e2af515e1a99afe13c8125bee9aee5d3d3c7a98c4b1689f12ae5ddaba1fb2d46ec2d6c4d015bdd44d81c252f5855864630cb59533d94cbbf1048f28e26c7ced6b57dde361c41b9b1713", &(0x7f00000002c0)=""/209) sendmmsg(r1, &(0x7f00000000c0)=[{{&(0x7f0000002980)=@rc, 0x80, &(0x7f00000003c0), 0x0, &(0x7f0000000100)}}], 0x69, 0x0) 02:36:32 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r2 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r2, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r3 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r2, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r3, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r4}, 0x14) 02:36:33 executing program 5: r0 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0xf, 0x400) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$TIPC_MCAST_REPLICAST(r0, 0x10f, 0x86) ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000080)={0x4001080323}) 02:36:33 executing program 5: r0 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r0, 0xa) r1 = open(&(0x7f0000000780)='./bus\x00', 0x101280, 0x90) mmap(&(0x7f0000000000/0x600000)=nil, 0x602200, 0x0, 0x4002011, r1, 0x0) mincore(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0) [ 576.271864][T28892] FAULT_INJECTION: forcing a failure. [ 576.271864][T28892] name failslab, interval 1, probability 0, space 0, times 0 [ 576.303406][T28892] CPU: 0 PID: 28892 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 576.312635][T28892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 576.322689][T28892] Call Trace: [ 576.325982][T28892] dump_stack+0x172/0x1f0 [ 576.326008][T28892] should_fail.cold+0xa/0x15 [ 576.326028][T28892] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 576.326050][T28892] ? ___might_sleep+0x163/0x280 [ 576.326071][T28892] __should_failslab+0x121/0x190 [ 576.326087][T28892] should_failslab+0x9/0x14 [ 576.326105][T28892] kmem_cache_alloc+0x2be/0x710 [ 576.359911][T28892] ? creds_are_invalid+0x3d/0x50 [ 576.364851][T28892] security_file_alloc+0x39/0x170 [ 576.369861][T28892] __alloc_file+0xac/0x300 [ 576.374272][T28892] alloc_empty_file+0x72/0x170 [ 576.379019][T28892] dentry_open+0x70/0x1d0 [ 576.383332][T28892] ovl_path_open+0x56/0x70 [ 576.387729][T28892] ovl_check_d_type_supported+0x98/0x230 [ 576.393344][T28892] ? ovl_cleanup_whiteouts+0x2a0/0x2a0 [ 576.398783][T28892] ? ovl_dir_fsync+0x3c0/0x3c0 [ 576.403541][T28892] ? __mnt_want_write+0x1f1/0x2f0 [ 576.408551][T28892] ovl_fill_super+0x10c7/0x3bb8 [ 576.413398][T28892] ? ovl_show_options+0x550/0x550 [ 576.418401][T28892] ? up_write+0x1c/0x150 [ 576.422626][T28892] ? sget_userns+0x105/0x560 [ 576.427197][T28892] ? get_anon_bdev+0xc0/0xc0 [ 576.431763][T28892] ? sget+0x114/0x150 [ 576.435723][T28892] ? ovl_show_options+0x550/0x550 [ 576.440739][T28892] mount_nodev+0x68/0x110 [ 576.445138][T28892] ovl_mount+0x2d/0x40 [ 576.449195][T28892] ? ovl_own_xattr_set+0x10/0x10 [ 576.454112][T28892] legacy_get_tree+0xf2/0x200 [ 576.458771][T28892] vfs_get_tree+0x123/0x450 [ 576.463254][T28892] do_mount+0x1436/0x2c40 [ 576.467580][T28892] ? copy_mount_string+0x40/0x40 [ 576.473454][T28892] ? copy_mount_options+0x1de/0x440 [ 576.478637][T28892] ? __sanitizer_cov_trace_pc+0x26/0x50 [ 576.484166][T28892] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 576.490387][T28892] ? copy_mount_options+0x30e/0x440 [ 576.495573][T28892] ksys_mount+0xdb/0x150 [ 576.499808][T28892] __x64_sys_mount+0xbe/0x150 [ 576.504472][T28892] do_syscall_64+0x103/0x610 [ 576.509049][T28892] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 576.514922][T28892] RIP: 0033:0x457e29 [ 576.518799][T28892] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 576.538383][T28892] RSP: 002b:00007faaf9957c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 576.546775][T28892] RAX: ffffffffffffffda RBX: 00007faaf9957c90 RCX: 0000000000457e29 [ 576.554730][T28892] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 576.562684][T28892] RBP: 000000000073bf00 R08: 00000000200007c0 R09: 0000000000000000 02:36:33 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000040), 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) close(r1) r2 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000100)={0xa, 0x3, 0x0, @ipv4={[], [], @local}}, 0x1c) io_setup(0x7, &(0x7f0000000240)=0x0) write$binfmt_elf64(r2, 0x0, 0x0) io_submit(r3, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r1, 0x0, 0x12f}]) [ 576.570648][T28892] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99586d4 [ 576.578602][T28892] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000006 [ 576.674530][ T26] audit: type=1804 audit(1550370993.463:176): pid=28927 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir785138365/syzkaller.WWBtjH/503/bus" dev="sda1" ino=16559 res=1 02:36:33 executing program 0 (fault-call:20 fault-nth:78): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:36:33 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r2 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r2, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r3 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r2, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r3, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r4}, 0x14) 02:36:33 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) 02:36:33 executing program 5: r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/video36\x00', 0x2, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0205649, &(0x7f00000001c0)={0x3, @raw_data="516763af4bdc76b1271694f26ddc98fae7d3751e185bdb089b09bbc364f8acdb93470ed61178ba5adf85ce87d4dea7d66c5d88561c5a15275ff148f2d85489f3d48e75f178f2fffce16227ba809210a09d5de64cdf4640982c1984fa779960932c8d0b3c502b39bf09067cf8a6544b5fd86a91afd84421fc95abaa8017f7f6365d01132b179bebd669b43a413eb7d65ce42de9640fe0d7a1e49fad7a3928b35611bd8c7c0fc76acd2e589f1788d9af417b5b5cc02b7b8de1296bcc8c9b7ad25467b7a7da259f32ef"}) 02:36:33 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='setgroups\x00') write$9p(r0, 0x0, 0x247) 02:36:33 executing program 3: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = gettid() rt_sigprocmask(0x0, &(0x7f0000000000)={0xfffffffffffffffd}, 0x0, 0x8) timer_create(0x0, &(0x7f00000001c0)={0x0, 0x12, 0x4, @tid=r1}, &(0x7f0000044000)) timer_settime(0x0, 0x3, &(0x7f00000000c0)={{0x77359400}, {0x0, 0x1c9c380}}, 0x0) pipe(&(0x7f0000000040)={0xffffffffffffffff}) inotify_add_watch(r2, &(0x7f0000000080)='./file0\x00', 0x100) pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x1c9c380}, &(0x7f0000000180)={&(0x7f0000000140), 0x8}) fcntl$setstatus(r0, 0x4, 0x42000) 02:36:33 executing program 5: r0 = syz_open_dev$usb(&(0x7f0000000400)='/dev/bus/usb/00#/00#\x00', 0x7, 0x2300) ioctl$SIOCNRDECOBS(r0, 0x89e2) add_key(0x0, 0x0, &(0x7f0000000740), 0x5b, 0xfffffffffffffff9) r1 = request_key(&(0x7f0000000700)='.dead\x00', 0x0, &(0x7f0000000780)='user\x00', 0xfffffffffffffffb) keyctl$negate(0xd, 0x0, 0x1, r1) syz_mount_image$hfs(&(0x7f0000001980)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat$cachefiles(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cachefiles\x00', 0xc3, 0x0) ioctl$TUNGETFILTER(r2, 0x801054db, &(0x7f0000000340)=""/74) setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000000140)=0xe7f, 0x4) add_key$user(&(0x7f00000004c0)='user\x00', &(0x7f0000000000)={'syz', 0x3}, 0x0, 0x0, r1) r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_read_part_table(0x0, 0x1, &(0x7f0000000480)=[{&(0x7f0000010000)="000068000000000000000000000000008128b14700000000d59863d20000000002000f2020cc00000000ff0700000000000000000000000000000000000000000000000000000000000000000000000000000000000000008a6e94c0000055aa", 0x60, 0x1a0}]) write(r3, 0x0, 0xfd54) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000280)={'vcan0\x00', 0x0}) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0x1, &(0x7f0000000100)=@raw=[@exit], &(0x7f0000000180)='GPL\x00', 0x6, 0x98, &(0x7f00000001c0)=""/152, 0x41100, 0x1, [], r4, 0xb}, 0x48) sendmsg$kcm(r0, &(0x7f0000000580)={&(0x7f0000000600)=@nfc={0x27, 0x0, 0x1, 0x6}, 0x80, &(0x7f0000000440)=[{&(0x7f0000000680)="4a338bb93c18a6be18f65269c98e4b23a8c1ab2dd2e55ae0913e8502f3c18e04e4ee60000f38944e3778ed56df5c01a79116495524b22985a387b4b68e80b0e785ef0d227961302f786524003156accc32a81a61ee44736ca492ee525fc27ea7e850c94e91eb9b6d", 0x68}, {&(0x7f00000003c0)="a94649bbfd66a78a3b71d3acff8f21ab6e4ffc8e664189ad64d7effa0a1cd0fade4d6ec6", 0x24}, {&(0x7f00000007c0)="3972bfffcf8fa83e56ebc468e9d8687403496df0b958d123a07a78db15125f05d7f60a0d37f17f7db4890fb32d1417526b0c28d8d1445c4e89e90ecb88488d38618d28a62fc2723f451f8f8a6a698f443008f0acfcbaf07a7cbc0bf058ce0aa22cc1c443790be0c9e3988ab548f3a80c27", 0x71}, {&(0x7f0000000840)="44a8919dca1b924217b4a55d97c44973f3942cd854a89f36593c1f6c1d590dfcb8ac25be8c1a3ec65289ada1dfcbdb63c79e48033c8a0b26f4b10e4fb44ca2dff211bfd3", 0x44}], 0x4, &(0x7f00000019c0)=ANY=[@ANYBLOB="400000000000000002010000080000004814692c999d4700eca757ab14df36bccbe3663c12f0ce308ed87ac2c5f88f0a70dd111f97962e4f64f971cc00000000b8000000000000003f0100000300000062d4609b792a846c8cd89950c59cca471a805b299ac7f5c6f4f41b2a4d645c3cac96010ed07f378fbca6183d026f3d7246e1d22dd6d92b715e2cee8fe2d8305c024d83c580ecf8f8e2c9ea2efdbf4d74ba5f6735baa6879f808e90808b08f0ecb9cdbb203f99ab149316c1c68e00be3479e91d54eda127529573bacd876a160e656696c0f4d46229c9f3310967b98c88dbb5f051fac1c3da8b2dad519b4030c7ea12d500000000001010000000000000100100008e4800000606aa7bd68a4e747fba022c3bf9d4fe80c190d2cb9c5e4ab70d9a54133bc5f435ee4de0d3ea610abc96632b9224946903d8e6c5909d5c22ec3f05b15c3473c6dbc3d5312359a756fe7676f230f7f610ba2226c7a41fea78a12f4a7699ed5f55b0844dc2cba8a3e9918c0af0fc91cf72627b6f9f9c076c87b44653dda9f44cad06fa28ecaa3d5cf7b466ed61f800d5e5fc8153a6d9d6694d1dcd7beb1d4819ba0a672573bf8b08c9f2c11658f4e2eabfae2c1e6605494ec6f56b53f86a637065ef033aacd9986bcfb50e8f9cdca060c30b70f42b8cde20a4061f836dfb9b826879728f6f923930b1b2b201fd92af47c4ea68dd9780bc33021faabc38bc05cf75f7f303822ee25fc5f4d8714a0d3243a4e9c7cbedf4e16a17581744b7752ea1e0268362d516732dfb14d3a0dd6c7b175e3d49e5a1cb764872f1c7e1238bfa37c1d46817395f64359a85cf4301865de6e37e3cc31aae067dcb04e6e215a5a69f39f9c2a1aa9289819de6e10546c507c505b9b6debd4032ca1ef15998946678b17a0be011cf832ed30adca4e97b8741b22c6b806ea899a515846c816f0f73ff89325c874e7c8e4a943dc6f272a2e711fdecedcac3e20a13b582c583eb7c8e6b039e9d44f794a28c11dbf5be29043f0956b92efa0f43ba1096a15cc6a01dfbf1120b2b11282775cd4b920b1913a7a5de9dcb05b7507fd0f5ae65452cf884b5fd370f5c8b31137a9de0ffbcdf240124519e973d085cb391af2b4840adf18943b214431cd9f7f3dcb59e004bcc66bc8e071cb88f1c33008b12e5cc228b3d0747bc4457a9799df6ef46dc0797f850bcd87b4b32829842a2670cb6d1dab5962e135c8f0d52c9b4df8008bbe00306a3e91b4f2275c34736216494b5bd96bbdf850856da91a2180195cbda87dd5ab74ece82b35985656ceacd65e75a662e700ded536e0642c9c7a25ae79f5771b9df474ad34931ad8c03dd4cf2053cc434bd022dc40dd9a20bd743651154894f6f25d89c00dc2dce46412e8921ac7d0e6dc5318c80afa9f3c09a81c4890eee4095a974a71723ddbc488709dc8d632f4492e0fe1029f88477a16e056d4c4ce0ccae5fe602ecdb71f79a645424d491f6d5e1a69fd22e42b8a3e18bce511fe4a795acb112e18c7e5feedb87a9ac016b517ba1ac90712d8232a897b0c03a1f0e7fe168a4f3b679d62cd790da2a50a9f0436fb7debd3a25b512ccefb59b614d244473d7aa2b8d2117debef0b18ea8b7f252c91346aa8cb1e63d17562d5f8f39a94b2aeb389b05096a2bf005cf1415686bb8f3a43bdad9c8ba742eed7da549329b82df357171944a3951847f8ce25060656b5b579bf4edf173822a6f2dae6fd574a223a53903c8348a139359e9958398db737ba908b93f14b25638ae5810b1b7f5b659b35740b9cd32db14732e431b699e935ac105b9e7a6a0563a449604982622a0f6360483e52126e4714265500f8002cea6509adb746def7a0f3c92f9f7b1e66cec940babdedc84fbe79df0ce8962b685035c4cce0ed29f898a0003af1f794cfd5d94b453354fcb4d3760e82f9130cd74c50d6129a9b4b1e68862c2eea4ee89ef004edcdfe18cc34d4fd44b692c10796c8520c9336e40355afa98e7a56a5e56f29e9579033994cd9fcd338a2deba11f766eb5293fe3c24ec2d56aa3c6035c45734fecf4f8b35514ecf6c6301f0d56e86d5c95cc9f85f0da47a34e336b63581c466e62fa85103d13e84572a54f12048b3139de85bf0b1e0f1bb5ab5a7f615e1fb8cd32f7d63bf26e38bca599267699125be4cac1449427d475a4dc15892bbbc1104c3a094f8c30d74de23e21e3f69e63e6d5b3393147f3fbc9f04985ca61640a513ecb2936dc509bbec1506a1c1aa32ef4dab1c6972b8d8577bc811fb5589751f61badd0f4e532af5cd11209df3c82a991903e93c47c2dd442efa565557cdd119a2224f464158526a981edb7e7c235e45fd1a7edae0d2444662fdba29d8911b70e183633aac0ec9f2435824193a6d6b0d1934b25eb31bbc775377df3c44cf92100df12a9e0b9baef2553b094f470f39fb42a2da92f1e6968e0dbac61916d319b5b4507c059c19ccf983855dcdc2355abe559b50c8736f77b2a3f73d13488bc50b51d717a8bc9764a002185bf70e8cc16135d090dd19ef6679c26394be358121bf191563c558ece7859f431bf66e990261c68e82ef64100b302bd10ec91b96a41878c0fb70166d2078e23d9de09623dd786fa4784684b8fa7d46c19611cd30f5a87a731f27f655e699aebebc53b1ff72aabb82066b89a8688eaa06816a2065e239fc794c179e6a312458554f674d67facb7eabc0068d205ff35e514e6ae98a8a2d0f3dd52cc8b921f2c0420aa2c004097bb6a6505417c5f7629243932600df3d30e66479e5b3bfc09fed51fad84f51a6ee70e403b53946ba07787159e38e2f9e3a003060d8bbbe1b6b8b427168da2e69d207c0e3b2e99f7f7c93020fa473b79474a7bd3b9451b0397485dcaa1bcd6a732be6b46b15e4e17381f6ac44cc3cc2e3f66ff5101c026b3e25d6256595839408078875df5c24569161ca7289d22bf05d6957e626d3f3355e8f874635fff95449c7a6612cec31f76eebd397e59406782f6a4b9f21dc05bb9c76379053fd8b5e66b3f52687587a639d30e770174f0f6e00877e5c170f3e972d46b28c24c0c406a45f85300c6096de16d028e0a1e57d8e0d0eb8213f3dcb96ec3c0854f300152c79d7c82b9757e5a110adcad23d503c45137b2683b59eb732cbb483c2e186fe2b684634cf90c1b890f3ef8a43a742a6206b5900c03a551d8ba1422653efd616ec659b447f1b51baf0048e59457c49f9f5af5b657afb8fb1b391b2c4c71b4a11deb4bda95a1bfea01e278cec6518feeb6f8a812d015266a183d3c8bd0feb8bcb76ce26a93a9811f298f93be0ac4e8c689d49cc57f47b7b65e14014f718405c0786aeb304a8beaa336ae7f286c4598e7bbe5fab9ebe09d973969760f43f9ef410c7e9553adc6c3bcb6c256ed9cc4e898ebd1d8fd958ebe04561f92c84036675e811dfd705f14b8b2f39c74917b1453067781f2d2070a022ddc747090dc6d148195b067cb32077c3e6b604230dae76b0411ac4e44ae7538dadcc4abf5c7735ff4fbeffcefd3cff3f472fc165cb052d01fce06564bf80e73f2bf9b55c44c9aaf4ba90fbda04d0c6b7856d8f0fa374bec960910974c9299be40aecf2c4c063e83c4e036165f1b5cf1355b916340657ed1c194f1f9b12234fcfae70ae14eed74d5840824dfb6520b68bbd5b9b5c4a16e369bb69a0ce671a1353c01e04747e520528aad27f519d4ba7651ad55de316f6ccb413abfb5660304d106a6cdf7ddf20d026e8feea465009c3eebae7189e0d48fbdbb6f4ce495a5af87ea6f9820b844f51d22d96b495f5a8a50036d6c3b39f1dd59266357b27cd3cc53ec07dc95e9f5db14e94b14fc58e4d6cd22a3ca32a90f35ad7b038b5520bd50c7d7f833c3bc3619bf21ea7ceba1ad23fcdf14b0d223f63c6356d40366e2b144c2dd6746673e1efd5f118a13fea94cbf18e0d42c9ee3ce6bf2882c7afa40b340e924e61a98754a674d3f5da78d1a0607181952b8abda70db42471517e97f9b7447656117d99f6e7eedb478185446ab2e50850a25038689629e388abeb5ebbaf85c4175eadb1a029ecfa5620f4f53d827bde43d4ac6db9faac0f1e4a2dd4cc98cb6928ac9822ba2230de92c859a4a08c2ef95294c6c0cbce903b9663700747a26075728ebfd59de8d4b742852b7783f26cfb17902572a7c2cbca7f77531c9a71241af186ebbadbef69dd1914f87fd08bd708a9a8705012f8dc3d0cf45cee838816d078b19da75a3fe77bafa99de02e6800d7d994e205f801fb2aaf2c37a812f6b2852fea67812595d9ae473d174c6f769f7b67adbd8e3537203d7937ce506b44eecf45544bd7b50e3ed873993452d48307e5484294b725cb66c5eebacec3b8f3fe2f5ddfead734dcfcf3e361206bd4e8e69b96278738af13f9ebbbacf644c551e210f215fea4f2038ae4847485e02f72570b31965e51266ef34d9b5f95ce1ed96686cb36a97cc1a236ea027fb02f9a8bac21224ed09e8a974e5a1da2637bd7f04bdd6deca6d8a32040604de45ee5380e3e1dd10ddaf9ec81528020e3539281a7463d192c04a3d4bcfb669ceec8f05831e63ef05f7a02b198937d79146b58b01d9c317589264f70f31fb52be73abce85776d1c7915faae0460bae607de2f83b26e6a7c16b90764559d418b163b23d40c7f6f95bf39e06aefb384fe3c254d47934b55fe920fc5cdbf675c4feb8fd4c9dc827090be87eeccb1fe5ef1128eb3027e0f07768848e5818c1cd756dbd74d995f8b1ef6a5b021a4afb126a3419df5b802116cd000cab79288515029cfb979b10b6dfff63cc043b8bb13c1dac242891243e14a57ceb2db2f7ab32e9180421362e906b0ba245f4407a85d6a84b8117a9d6df0202329fe8d776797295eba2f6de2eccf8ac8fce150f6edd13d90c29331a84cdd2457c8ecf8b23d98ba8a125e88114fd759a11b599ceae70bc09b0cac38589239b0eeb88722434e2773645d2c91be4df0adad36f44f93790aea628abfe826f48cce9508766fd83c50d4e239be566faa821fe47f6de48491114539014704cae74d2f88047be69e608d85164dc422550503d6f0859711f45a82382b95b9780d4b4a89fcaa98fc92ca29b8588af1919a838b8da1c4a8a765a03ec6ca1a55587c0587de1c9d1ec27a014a969975b663ed21f9c7e6acd9ad0b048c28e4a5b4bf2d00f861553bf93c949ba89afa6d0770d142c236cf801a2438e5e6111a3e6c7ea2a2cbfb8db8d2d292d7779ba197bfcfc82cd7aa829c9d887eb70553e32d1f7bc2010ddfac28e631712f9b1984d9209629cebd903ebdadff5ea171716f846e4076a8b8430d0bb226b70d56ace8960fa5e113544bd5dbc170ccb734c94d8b94e911c20bc68b77a47f82977f0ec9a77813680ad56ade73b71538ed6553e31772e770e30d53b2a5caab2f53477b1325904d88e94a3c3480a4a600289865165c034f242fc91a2e82e98f202556d5f79f4087fd85b8670212a44701f38410bf37ba754308ee07a35bcc0dfc03e2cadc063d2a65fc751c9d567d88b22e8648d2bec3fdf63877f85af571a76d7360db14747a7e9caf718950c15516ee92fa99ad88200aeee14a38be17659bb154bd3dedf18b06dd2ec0c1a03dd9768244fd1bdd3e8c77d1d998a7ab4c533011d0082e229da6d0872f01041b6d6b9fec84f175dbc76332d90a18145ff098dc7912cf03f2b298d1297c5872686d50bace1478da64f910ac13d1337875d36839d764e192837cf977d5e04dd3c26cc89b6c53d410d15cd9205f452f2d32ca6c6952d0a8ef6542a08336483dae6f0b42b5923b13e387c05ee8e0c29a38f4bca3e7f5279bfdc342eec19d15dc765123d27d092a10b85fb688677c8a534e6f79827d8352c867497d8d291fc528d287113f509f0e491bcb240b0811b22bfd20183d1ce940b39c9597e11903f90e677df2076502f0ab8c70ceec88c9e6396e33b8d9bc91174b53249f19ba8e796febfd67bfcb3cf01a8757424a080b640cdd5fbe005478ccda979193a27998caa07e5385fa5e349df9ecd4d75dd4d08090563f15a9ff3b951febe2e33735759b40e7947915d1c26023ea425f313b73f478e52a3a3fe39245af197123c8d9d8ea7cb614135ce7f0ddb7c5bfa3f8bb79e3c0f9fba99d3acb076d59eaf1f302ee1cd66deadfc9ca0bc4421874d382172bef8c4bba222000000000000000290000007fd400006f14b62c709f29f0e889572cff840000a000000000000000030100000400000039d960d7caf07152f432c2278eba6be8a5ab7ebb64fe0d2d19da7852bc6fa3e7895c415c7193f15cef607dc5bf3d4482a6c9f998e60648cc143dea6781278a59c5a22cb156ea0d824e3b80d800dbaf16270b8adf145dc27c811346c974bbcf1fbaf78e956daf058081aa34fe14ad55549198b20fc2fa74c42c67d195780e604f55f9844109000000000000000001000000000000040100007f0f00002516bfd4fefff915c6257f9d11dbcd650e6a34b6182304b1c22790618c58fe9b9ab27191270268436db8f80cd962667380eb7ae7dc6766488abfbc7c49204d24cc0c0731365d82bc43dcdbc834cb0da4ab948461f4b80adcff0d3ac24df58b4379102fad84427def04d480bb746582cf01e0d17b9ed4b6920ea8e9990a3639f82a36a07f26fc2e91e18a13d80aed1f3f9b464bdc88e6ba074faab6ca111d9f4452568b95e41c20acb465e07f690ce85a831b25426660bce48b529b122559b419d37460d0bdb50255842d777d708918083423eb4f0825861913ca183b851b999d7e62307ea2c371f930f3359baa44000090000000000000008400000004000000292f587c22e9dc4dd81fe0bdb03d680c266daedd89546c8ebd7c9e86aad265bec452b64006f55326d67173761115d72358298e0227f21ffa78346553f0e5acfdc7780ab1e4e0b1bf3a44017bd127f11066831fdfa85f2c57829a684ceec5af72537ea300c50a93fc4817a00c698c2ff8ed6f45bc00000000"], 0x1358}, 0x4) ioctl$PERF_EVENT_IOC_REFRESH(r2, 0x2402, 0x0) syz_open_procfs(0x0, 0x0) perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x6, 0x5, 0x9, 0x0, 0x0, 0x0, 0x40, 0x9, 0x9, 0x0, 0x8, 0x0, 0x0, 0x0, 0x5, 0x2, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x4f0e1827, 0x49b6, 0x0, 0x2, 0xad4f, 0x3f, 0x2be, 0x873, 0x3, 0x0, 0x800, 0x0, 0x0, 0x200, 0x0, 0x0, 0x4, @perf_config_ext={0x0, 0x100000001}, 0x404, 0x35a1c1a3, 0x100000001}, 0x0, 0xd, 0xffffffffffffffff, 0x8) keyctl$restrict_keyring(0x1d, 0x0, 0x0, &(0x7f00000005c0)='vmnet0&\x00\xf6') 02:36:33 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r2 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r2, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r3 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r2, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r3, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r4}, 0x14) 02:36:33 executing program 1: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f0000004fc8)={0x0, 0x0, &(0x7f000000eff0)=[{&(0x7f0000010000)="240000001900030007ff0907000083be8020000000040005031d85680300a3a2d188737e", 0x24}], 0x1, 0x0, 0xa7}, 0x0) 02:36:33 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) utime(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0xffffffff, 0x23cc}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) pipe(&(0x7f0000000000)={0xffffffffffffffff}) epoll_ctl$EPOLL_CTL_DEL(r3, 0x2, r0) 02:36:33 executing program 3: unshare(0x20000100) r0 = creat(&(0x7f0000000240)='./file0\x00', 0xf) write$FUSE_WRITE(r0, &(0x7f0000000200)={0xffffffffffffff46, 0xffffffffffffffff, 0x2}, 0x18) r1 = mq_open(&(0x7f00000000c0)=' \x00@Kx\xb9\tW\xba\xb5\\B\x18v0\xcd\xce1\b\xfeY\xfe\xa3\x968\xf7 9~\xb1\xfcC\x7f\xe5\xc5\v/K\x9e\xee\xcd\x90\x1by\x8d\xd3\xb0\xa7\xc6\xb5U\xf7ph\x10Ld\xcf\xab\xf2\x0f\xec\xe8\x99\x8e\a\xa9t\x19\xe6?i\xd9S\x84\x00%\xeb\xe6\x1e\x93:\xecJ<[\xf9k\x98\x9d\xdd\x8c\xb0\x8d\x1d\xc2O\xa9<\xecd\xae\xe9\xe5X\x83\rK\xfd\xad\xac0\\F\x90N-\xa2\x9b\xd7\x91\\\x180\xeboG;zp\x10\xf9b\x15\xec\x95\xa9k\xf5\xd4 \x93\x1f\xad\x05%\xc2n\xaad\x19)\x83y\xdc\xeff\xfa\xac\xf8\xc3>s4\x7f\xc8\xce', 0x6e93ebbbcc0884f2, 0x0, 0x0) fcntl$getownex(r1, 0x10, &(0x7f0000000180)) fchown(r1, 0x0, 0x0) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x800, 0x0) getsockopt$inet_tcp_TCP_REPAIR_WINDOW(r2, 0x6, 0x1d, &(0x7f0000000040), &(0x7f0000000080)=0x14) 02:36:33 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) [ 577.134017][T28946] FAULT_INJECTION: forcing a failure. [ 577.134017][T28946] name failslab, interval 1, probability 0, space 0, times 0 [ 577.228971][T28946] CPU: 1 PID: 28946 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 577.238130][T28946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 577.248188][T28946] Call Trace: [ 577.251487][T28946] dump_stack+0x172/0x1f0 [ 577.255826][T28946] should_fail.cold+0xa/0x15 [ 577.260429][T28946] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 577.266256][T28946] ? ___might_sleep+0x163/0x280 [ 577.271139][T28946] __should_failslab+0x121/0x190 [ 577.276082][T28946] should_failslab+0x9/0x14 [ 577.280574][T28946] kmem_cache_alloc+0x2be/0x710 [ 577.285410][T28946] ? fsnotify+0xbc0/0xbc0 [ 577.289729][T28946] ? fsnotify_first_mark+0x210/0x210 [ 577.295003][T28946] __d_alloc+0x2e/0x8c0 [ 577.299146][T28946] d_alloc_cursor+0x3f/0xe0 [ 577.303633][T28946] dcache_dir_open+0x37/0x90 [ 577.308216][T28946] do_dentry_open+0x488/0x1160 [ 577.312963][T28946] ? empty_dir_getattr+0x70/0x70 [ 577.317908][T28946] ? chown_common+0x5c0/0x5c0 [ 577.322590][T28946] dentry_open+0x132/0x1d0 [ 577.326996][T28946] ovl_path_open+0x56/0x70 [ 577.331395][T28946] ovl_check_d_type_supported+0x98/0x230 [ 577.337011][T28946] ? ovl_cleanup_whiteouts+0x2a0/0x2a0 [ 577.342455][T28946] ? ovl_dir_fsync+0x3c0/0x3c0 [ 577.347222][T28946] ? __mnt_want_write+0x1f1/0x2f0 [ 577.352248][T28946] ovl_fill_super+0x10c7/0x3bb8 [ 577.357106][T28946] ? ovl_show_options+0x550/0x550 [ 577.362113][T28946] ? up_write+0x1c/0x150 [ 577.366343][T28946] ? sget_userns+0x105/0x560 [ 577.370921][T28946] ? get_anon_bdev+0xc0/0xc0 [ 577.375491][T28946] ? sget+0x114/0x150 [ 577.379463][T28946] ? ovl_show_options+0x550/0x550 [ 577.384467][T28946] mount_nodev+0x68/0x110 [ 577.388780][T28946] ovl_mount+0x2d/0x40 [ 577.392832][T28946] ? ovl_own_xattr_set+0x10/0x10 [ 577.397751][T28946] legacy_get_tree+0xf2/0x200 [ 577.402414][T28946] vfs_get_tree+0x123/0x450 [ 577.406919][T28946] do_mount+0x1436/0x2c40 [ 577.411242][T28946] ? copy_mount_string+0x40/0x40 [ 577.416170][T28946] ? __sanitizer_cov_trace_const_cmp8+0xc/0x20 [ 577.422307][T28946] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 577.428528][T28946] ? copy_mount_options+0x30e/0x440 [ 577.433711][T28946] ksys_mount+0xdb/0x150 [ 577.437938][T28946] __x64_sys_mount+0xbe/0x150 [ 577.442600][T28946] do_syscall_64+0x103/0x610 [ 577.447175][T28946] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 577.453069][T28946] RIP: 0033:0x457e29 [ 577.456969][T28946] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 577.476556][T28946] RSP: 002b:00007faaf9957c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 577.484948][T28946] RAX: ffffffffffffffda RBX: 00007faaf9957c90 RCX: 0000000000457e29 [ 577.492902][T28946] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 577.500856][T28946] RBP: 000000000073bf00 R08: 00000000200007c0 R09: 0000000000000000 [ 577.508824][T28946] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99586d4 [ 577.516779][T28946] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000006 02:36:34 executing program 0 (fault-call:20 fault-nth:79): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:36:34 executing program 5: ioctl$KVM_SET_TSC_KHZ(0xffffffffffffffff, 0xaea2, 0x0) r0 = socket$xdp(0x2c, 0x3, 0x0) fadvise64(0xffffffffffffffff, 0x0, 0x1, 0x7) syz_open_dev$audion(&(0x7f0000000200)='/dev/audio#\x00', 0xa8dd, 0x10000) openat$audio(0xffffffffffffff9c, &(0x7f0000000240)='/dev/audio\x00', 0x20000, 0x0) open(&(0x7f00000002c0)='./file0\x00', 0x40, 0x78) ioctl$VIDIOC_G_STD(r0, 0x80085617, &(0x7f0000000280)) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='cpuset.effective_mems\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f00000000c0), &(0x7f0000000100)=0x4) ioctl$FIONREAD(0xffffffffffffffff, 0x541b, &(0x7f0000000000)) unshare(0x40000000) getsockopt$inet6_buf(r1, 0x29, 0x0, &(0x7f0000000140)=""/91, &(0x7f00000001c0)=0x5b) 02:36:34 executing program 1: r0 = socket$caif_stream(0x25, 0x1, 0x2) ioctl$FITRIM(r0, 0xc0185879, &(0x7f00000000c0)={0x7, 0x3, 0x25}) r1 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x0, 0x0) r2 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x0, 0x200000) setsockopt$inet_sctp6_SCTP_INITMSG(r2, 0x84, 0x2, &(0x7f0000000040)={0xe85, 0x4, 0x9, 0xdb10}, 0x8) ioctl$DRM_IOCTL_MODE_SETCRTC(r1, 0xc06864a2, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "77100b6a1cc076a15ad9f0552d5b12bfc338e5269b12ac2a4ee4202c64122b0a"}}) 02:36:34 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:36:34 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) unshare(0x400) mkdir(&(0x7f00000003c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='configfs\x00', 0x0, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) lseek(r0, 0x10000000001, 0x0) 02:36:34 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_XCRS(r2, 0x8188aea6, &(0x7f0000000000)={0x5, 0xfff, [{0x8, 0x0, 0x9}, {0x4, 0x0, 0xfff}, {0x7, 0x0, 0x8}, {0xad8, 0x0, 0xab}, {0xe02e, 0x0, 0x1ff}]}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000080)={0x7b, 0x0, [0x277, 0x2, 0x0, 0x9]}) [ 577.684708][T28985] IPVS: ftp: loaded support on port[0] = 21 02:36:34 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:36:34 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001e40)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x7ffe, 0x0) accept$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @initdev}, &(0x7f00000000c0)=0x1c) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r2 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-control\x00', 0x3e, 0x0) write$nbd(r2, &(0x7f0000000100)=ANY=[@ANYBLOB="0600000000000000000000006600000000a3ef41749fa527ab78fc53b980bd82d05a50099cbab35a2fdbede5fbab1bedfb1f8cd557b0bdfcd7f42f63af872a0a11e32f7a0cb6bb02f6b78b1ea580f6ba195947306a84c6b1962907f4b9149ec3077da286c5e7a100"], 0x68) write$nbd(r2, &(0x7f0000000180)={0x67446698, 0x0, 0x1, 0x0, 0x4, "1d86996555fd666aa24bf76fb0643547af946cceedd4f84235395f115ea95360dac59f77960568ba26c852b17f2150b7990f85db3d2d3e8cf1950a77b8c72766cd0be5eea4d351885dc0be62e36ea943bf936efc5978540e325a15900ab787be9f37a6de326b6763b6bf8c28107f542eb54740c46dc63f51a5db712a8e8cf1249e7bd12df4eae244a4a21a8ea3efe050a39b7399590aad6abc5b845904e8f37349da17769648633008917f0a7d362a2b52283937a8fddeeaeefcb28fe9a9dbd869378bd79785e1d0cfff4a605d0f46bcb6ac9dc03c339a68d2318ebe490d7143fbdddaf5f6f67abc6889ff21b707fbbcd1d55b9b90c7cd2c605a2ad41b764934420b844af3cf2bc4b9464cbc1c10d6835b3e11b40df6bfec0251282624ad10fd1351db8c8415b028446fcc4dd0d58e3f0d168a47ab551d49fea1784cb5bd7500d5ec87f0f29517ebc5ca74978d7f9c86d5d2f061382d8dcb0f11f4223c8ad12055af9b93140db12dec2e8497d4cf7b8881fe73adf169797cc5b81b3cd616917da85ec970214c9c9f6f8563e201f1d3f2b5bc5bcc064fcfa553c034dbaa90b5feaea75201b05c9f700d64d27e2b68b886ea9b44e950910a45aa3c22fdc3ba06ea6913a6bf2c82feea3cf1f9d2f5565586c9c2aa35bb5306aba7d7ed5cef425be79b92d6f6867a6caaa8e794137707bd6a3fee40fdbdf8d51727905d9b4dd09111991ae36a1c3e794f462b926b10e13123e55f83575756dc5449498e9d2e8b45c0cd25f5ecea12bc3be58dc1e9dc76a45faf26dc5619d6255c440463b8ad75926d11d60b42eacb0d0702372a665a6ab9286fc9a5ca459f64d23c544df31888e5ba0d6f38455f9f9730160780a58671d180b5c17e88670d50e6674c40e3402830554e21760ab25924a044176a9a5e26cd2a8c2e3a069d60d88d3579fd1ca92858a0fe9aaaffa057d82d661222184a54d474921da4ab79046bd2ca22f4dd36b32657be91797755b7f4c1043665327c17e9bc32a9d713856cd3a4c6ae1b885ee67af3029bef9e1f9d98aa4dc166904cd093fe820f2b2f0034e428052c4099fc6a7b07445764d7452128dda9a79bdad277fbe339d3528c68fb28674cf8bb7b14ebba9a5a71361adc3926ac5494a9ecad7548fc6c6ae63120847a8e6c734b0bf64eb9a03c8a1bd24c94928ee644251ac0a83163426d719c09b7f76e612d0b45dda49efb34f414989a71631e1888106a04ef0b40f81f23453c1e8b9a813f2da552976ee5d2904d039e18359556339a11b8ce673e6cd8682160d0a22242bd641f58d327a216141e2c9cb44b9e58aa118b9b46af2d73eefce32c2d23e83e5b345ea21b7429242db1b9b92a3257014fb9c9adb13ca756323f6ae0cf33ba791f733b480d94911afb19f860210b422a2a901d7931d830af5d67f5eeef43eb6a829d112102ce42a6d510db8ba0a4f18dd8ab6c01b5f066a28941b4695066d31acba45e95d96265f7df927e0e67e5655845cbb0d26a71835d05a6f16ee2e4ce8342f1992e085de38e42616dab8c2f23760187c213b4b9f98e7d87d9cb22abba1e43df72ea51b9cb7e26d78eda82073e9af3981b270ec7845bb74b6bee76c5ad67a7263ef64aafd966ed0c0e57f959702743280a1bf6f61e0baee667d9c4757a9ab9eb47864a3c7914771b53ec6ed7a5596c24be8912fc966cbbdf64cb008688f2a69d29138100bd9cab345c82c45d39efbf00bbd0749c2aeaa3b519c6091099a44132faf1dd078ac8cd3cf1c4056f78d2e4bad161163721c05402b75939af41bc27463a45d1d2d6cb5a5c084dc71ca9fe8d9ae765f57760604a8089dff7736f1481b5e11f280daff81c00966c5e126b0a7ffe21757e95940ecef318eae20bac1374ce2a964c5d741f4ca4c68f068d318fead33e69c107e0f2b97161a290b53550b79b842d8ebbfe50f355cdfbf4005561b91eb2eae635f29ed1b33f8902ea5437556fad06e1a922f591d128a415221a411193d3b43e461b434c1f2c93d288c6e4724f1e58d49632a8278133fc6c525bbec0d3acefb8ae7fe68613240be4dc38d264b10163280e308b805479d52f1e9f110211a2181fc1f9dcc0f0707b0e5edf791c6452523f5a6eba38a65431fc9e67cc3e52eac8591b736331ef9cc26727b136360313a589b94e35de809e6ca5d708ebcdb3e281f5ff45c4c83d893570af5a0433ec3d02da1e9b8d110339b3114f74bece4a62925cd064e13786e166a0188c8a7dbb472f0a10b09028c75339f62535d7a491485c6f7c0dd1874293b5d2f1f7b42cfbf4403704adb50294fd024782420dfb249c3a1df55e8792a8be1e61c71a200618b38b4d4b2dd23150c2a66f68439a02064117786506289c823f0a89e3a65c33aac1dc1122d45da5bacbb9c3f5fec86c3562d311cd24b030014d56a826719f9e33befda9832ca5be14eea71223762c6a80d9102bac69e7d7ec43f09bdc8646384107ecc8f827e7e9cf4869d57f8523a1277f48485d651da1a07f18a7763820b885d83504d230eb7e85dc0a990c811d5bf58d25a220250a15434c9ff32dc9ae89f7c76482b39cf0f824bf4d93aa9e1904eebcb19f04093f432aca43c4abf3b5f0c83c3f99e699311d294ae6d519ea70454f1c5d672cd00492e0208ce937e25d1eded7192e4548672e8f905ad17bf0854e1360e9b79864f8368c74f475b797c3c3dc44c547cded7a8829141c30ccd1991f288e3221e25afbc5493aa5b21c7bb7682c9d8e75ed8453cd62124597bb73912f711483e3f1148dcf075d5b6ef845b663f062f18e101e1805fdfc4156fd882bbd501da5339c22fe59fe9ef091675bcc9c1886bbba4ea2fab9ff905913b51e98d90cf54632e33c740715621bf19b63f872c08053df7b068d9fd59deb6a0235f8f4647590e383b9b7ffa390c1e7d2dee6cf5d58b534d2aba55f8f187bbe923fcbbf2b10e6257b905ce1699fcdac7323bb7d5641fc0b0ebf42e5975bc7e22c773207db91955b0d49ca20baebb20e864f217359f5a616b561af85314cc564f122b0110160cd19740a10a4b7c5010a2c8023718c163b08532675fc70408643e975650e256ea095abae2401698fb435bc574f5466579842d17282c3198331cbe8f31f49b0880c0b82be0b966018e4378f6f9f8c23b14b8790a71722cc09a4deb00641da002b80e6ed97b0c0c31b5e09701e8f4371dc6bf0606e534e1ba40d58d4015dd2dd2fff20c1763e7df809193dba1151429be807680741e12ed2cf2611f063cf2dd5939220042b378eed2b4512dca1d32cb3621f14102977cced4aa3e45dff4966a96d84629dba8292a27fb35845d9770cc618d8df4c63792b2ad3744c3196c5e2fd9f8a59712b60e365b0023d1a4c30b8e01096688cf8c850fcc584be8fa4aa17017f97c63cbf77f2d2d13ff32d9faca7d865e280b5640334640558aca94685122e3eb53f12936a9fc6b30431379f662e4a6508862eddcc4d4c5065cd202c9d9f71c4bec512d60563e4a66c69ad4611fe21cab75253e9ed9b26bbe9602714beb3ed0d69e4ec89dda396c17e5b7574c91d1fc5724dd4671fdad4e04c2bdb0a3db7d1a3fe4d4b5c349d88c15729d48c698a6f6ca4eca51443a18f3da1d4b04b41c2561fcbf97d9410e88b2e3d1f57a7c6c08fc722a23f1c30348a2e81439a075e24495896bb360e83756adedc0a3f2a9b62ed6428d20598738122fc936977ddb283020d4abc1bc16a8f8e45c510b029098662507e0560ffcb3680511b05731341952d71f41a2143f86be0bdac579d76740770b7b36a72e21e060a4e8fd232f95fd7b7be8a5e1011466dd432b1ccd064c4dc532a4ac3fe557802fb8d9530a969a642c0dfc115d0f9fd8738fe5eeb1d41a0f79418da7426c15c37afaa0a5d8c5d57125eeee32b5d638ea56028c516e04b864aca2816bd0a61854ee31c0568d1db83ee8bbf5a1efcf869896a891608832b5fa40e6ae5cfc0ce204d20ba8c3f1cf3d619137c7727abb0aba4b97375304450d76474a2a75ca094b6ddf2300cee259882c6eb0fae1039f0dcf450e938f261294bcf01b549f62a895c9f1a7836b10b9dfc7991ed84e94844156b8b3c394d7bc8204e6b097551fdfdef3d5eb456b6748056df19f5718231978eb861c663f7a64640f4f74d850544990fe5b683a20a57e7dc1d75f41a5124f474c185bea6d4aba90626ef8f9ed7c1893d7040497fe3629547c17bdd84bbef5f39deb2fecbb07dd921875357484d0e9949f94cbdbcee90c859a2762cde16339eb32e08ef9d38fd38042f77416e98906097f3aab9d46f5c665db5888067285074014b01e84e3c073709cd54944688fbc846b5d9cf57363520cad168cd2ff7a5c63104f38d243a852ef2f7e3caceca10984cd260a3d49c450203c572dd8793e57e384d9f708b8163efb5a18c5e5c827759cab0d59c1413fc9fe11d73ff0394535e26e56072a10b3d74286ce536d929fe8ce5a5a92c11e998bc8b766d3702f2e60ee57b6b9cd3ae5d3b41e5a63c97b09e61cc19e7e309fefe056b894c8d08bb13c70f7ac3938ee134f249c9819dc61fe9987696bd18281db25e2d09333a4bb9982c18ccb60659300d6c1baa12fae3e5bbbb95ba30cd033ec4be6e4ff847726a9106052ab7f9155a6404d0c9592a9650f952a4be7d98c1d0325c10bcee029f7eaad6ce6b255c85a4d32042b1e0d243667ec976fcd99719f7a5ae7acaad15aa1782f8507eb337bb7478d6185fe9424156b902fde1affdeab098dc4050e5c6f62c2d9f3eacfa26b9b4e7cb4ccded889a91f46acc1c6aa4d95d5ce6de4161e67d587ae1e23539eba5973e5b43f08758cec36273ac47a0edb1befe138e3be85c5d85daa9319f191e5c55396f21ff191493a3879decd7ac788bf946df022df5554cd0a07a561d021fd56b284ad56c3f9584334570672af2fa44997f316bdbb706870e64ff0402d3f766a3e6d2ac9812a88c49b6886977800dbcceb0644b359f837d147d4974f78093c5aa8504b2669d7e4db603a1ebbbad59046c42402245bd737bbb456d142a7d236d6d7a3982004c8cd96108e7470eb4a540e73a1be1be8f648e33c6b7a729fba44896d0c735cd21f562b8b0cbf29d3c70254b3cd1788e8bc85975f56d3005d04d36e8e99d0cb892535f868dc492e965cf95151b4580d54e55b1eb06f5b6ce04b8e0e19566b432d5a76f7821c096bb049021dbb8092dabbdb750748993789fd4c42736edf10a7106b7266e1e267c9142edbba2573d3493dca0a77821c0eb8b4838faeee8fb818e8b51d7c42a6b2b2bba1633d10a0967486c4229d8916c55c79c9405810ea79d51129030869b4aa4ae2ee4e0fe5f71491ad0159b73589c03d51354bb1909f149f27237341b7649625bda8992c4b0f08efef3a63a607e131baf4f3c3a385e8b0aa4e383936453bc04d143a5411fcba742b53a9846718d21b3fe140ed54d5456c6f4b8724a49ef5c71d7f7fee30d553f172e15945ff3bfb5f5a99651cb89500d9ad1b8211953c7992cad9d921d6844f959faba31d2095d5b30b845ea7469365df660a792bc2fb47df28f651eaf868f0f3161477fbef171713f4af3bf0599b1d06816eeff0e09778774279dbf75bf132e41f038fde3530e5cd277b8fca2a36da40b221b77329ce3eddc5530229557d5c63de27508aa52a50ca065165fae722d4df9eea13b068c4c3eb4f6b54e5304959ce385ad70160a30cce9bdcd8b3a1a6e8171632f63b823114474b04d9f4e02f90b1f3e48be08d596cd67657baff4ba0e865dce9478d980d1e5"}, 0x1010) 02:36:34 executing program 1: getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000180)={0x0, @in={{0x2, 0x0, @loopback}}}, 0x0) setsockopt$bt_BT_SECURITY(0xffffffffffffffff, 0x112, 0x4, &(0x7f0000000180)={0x80000001, 0x8}, 0x2) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000080)=@assoc_value, &(0x7f00000000c0)=0x8) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) poll(&(0x7f00000001c0)=[{}], 0x1, 0x0) ioctl$FS_IOC_FSSETXATTR(r2, 0xc0c0583b, &(0x7f0000000140)) 02:36:34 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000000, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x1d) ptrace$cont(0x18, 0x0, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r2 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r2, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r3 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r2, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r3, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r4}, 0x14) 02:36:34 executing program 3: r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x40000, 0x0) ioctl$sock_bt_hidp_HIDPGETCONNLIST(r0, 0x800448d2, &(0x7f0000000200)={0x3, &(0x7f0000000040)=[{}, {}, {}]}) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vcs\x00', 0x800, 0x0) ioctl$SIOCGSTAMP(r0, 0x8906, &(0x7f0000000280)) clock_gettime(0x5, &(0x7f00000002c0)) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r1, 0x40106614, &(0x7f0000000300)={0x0, @aes256}) setsockopt$sock_timeval(r0, 0x1, 0x15, &(0x7f0000000340), 0x10) r2 = syz_open_dev$vcsn(&(0x7f0000000380)='/dev/vcs#\x00', 0xe5f, 0x10802) ioctl$SG_SET_COMMAND_Q(r1, 0x2271, &(0x7f00000003c0)=0x1) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000440)='IPVS\x00') sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)={0x74, r3, 0x200, 0x70bd27, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x4}]}, @IPVS_CMD_ATTR_SERVICE={0x38, 0x1, [@IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@rand_addr="882d9158a3144e04d7dcd9e3fcd0bde8"}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0x2}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x63}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e20}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x8005}, 0x4000) ioctl$VIDIOC_SUBDEV_G_FRAME_INTERVAL(r1, 0xc0305615, &(0x7f0000000580)={0x0, {0x3, 0x2}}) getsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f00000005c0), &(0x7f0000000600)=0x4) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000680)='TIPC\x00') sendmsg$TIPC_CMD_GET_BEARER_NAMES(r1, &(0x7f0000000740)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000700)={&(0x7f00000006c0)={0x1c, r4, 0xf00, 0x70bd2d, 0x25dfdbfb}, 0x1c}, 0x1, 0x0, 0x0, 0x48c0}, 0x40) syz_genetlink_get_family_id$fou(&(0x7f0000000780)='fou\x00') getsockopt$IP_VS_SO_GET_TIMEOUT(r0, 0x0, 0x486, &(0x7f00000007c0), &(0x7f0000000800)=0xc) arch_prctl$ARCH_GET_GS(0x1004, &(0x7f0000000840)) bind$bt_sco(r0, &(0x7f0000000880)={0x1f, {0x1000, 0x1, 0x9, 0x3, 0x2b, 0x3}}, 0x8) ioctl$VIDIOC_G_FMT(r1, 0xc0d05604, &(0x7f00000008c0)={0xc, @sdr={0x0, 0xfffffffffffff001}}) ioctl$SG_GET_VERSION_NUM(r0, 0x2282, &(0x7f00000009c0)) removexattr(&(0x7f0000000a00)='./file0\x00', &(0x7f0000000a40)=@known='com.apple.system.Security\x00') ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r0, 0xc02c5341, &(0x7f0000000a80)) fsetxattr(r0, &(0x7f0000000b00)=@random={'user.', 'vmnet0\x00'}, &(0x7f0000000b40)='\x00', 0x1, 0x2) getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000b80), &(0x7f0000000bc0)=0x4) ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000000c00)=0x0) ptrace$peek(0x2, r5, &(0x7f0000000c40)) recvmsg$kcm(r2, &(0x7f0000002e00)={&(0x7f0000000c80)=@un=@abs, 0x80, &(0x7f0000001dc0)=[{&(0x7f0000000d00)=""/4096, 0x1000}, {&(0x7f0000001d00)=""/173, 0xad}], 0x2, &(0x7f0000001e00)=""/4096, 0x1000}, 0x0) ioctl$PIO_UNISCRNMAP(r2, 0x4b6a, &(0x7f0000002e40)="e0b66e9b12336794afb5be0454b6f83de70096c1a16ed0fd88da9c76b0983c1b438038dcfb1fcafe1895d9b050d0b985c692b284097fd71318324b9f5a957fcc12661aa155321a33a39656103f8b946ccfa25e414cf1565b18614c2835d72addb4525ba13599f29286352eb711f56a3c6036651358b1b6e3735e715cd0b43ee558164243eccbb794564bcf41d4703e") ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000002f00)={'vcan0\x00', 0x0}) bind$xdp(r2, &(0x7f0000002f40)={0x2c, 0x7, r6, 0x11, r1}, 0x10) [ 577.944537][T28998] overlayfs: upper fs does not support tmpfile. [ 577.961799][T28998] overlayfs: upper fs does not support xattr, falling back to index=off and metacopy=off. 02:36:34 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$unix(0x1, 0x1, 0x0) r1 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000080)='/proc/capi/capi20ncci\x00', 0x200101, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x6, &(0x7f00000000c0)=0x7a, 0x4) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0xffe) r2 = socket$unix(0x1, 0x1, 0x0) bind$unix(r2, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) listen(r2, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) connect(r3, &(0x7f0000000000)=@un=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x43) connect(r0, &(0x7f0000987ff4)=@un=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) r4 = gettid() r5 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r5, 0x1000008912, &(0x7f0000000500)="0adc1f023c123f3188a070") r6 = creat(&(0x7f0000000080)='./file0\x00', 0x0) unshare(0x400) fcntl$F_SET_FILE_RW_HINT(r6, 0x9, 0x0) setsockopt$RDS_FREE_MR(r1, 0x114, 0x3, &(0x7f0000000100)={{0x2, 0x100000000}, 0x12}, 0x10) timer_create(0x0, &(0x7f0000ec5000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0xffffffffffffffff, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x1c9c380}}, 0x0) tkill(r4, 0x1000000000013) listen(r2, 0x5) [ 578.007773][T28997] IPVS: ftp: loaded support on port[0] = 21 [ 578.026226][T28998] FAULT_INJECTION: forcing a failure. [ 578.026226][T28998] name failslab, interval 1, probability 0, space 0, times 0 [ 578.064223][T28998] CPU: 1 PID: 28998 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 578.073390][T28998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 578.083445][T28998] Call Trace: [ 578.083469][T28998] dump_stack+0x172/0x1f0 [ 578.083492][T28998] should_fail.cold+0xa/0x15 [ 578.083517][T28998] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 578.083539][T28998] ? ___might_sleep+0x163/0x280 [ 578.083561][T28998] __should_failslab+0x121/0x190 [ 578.083576][T28998] should_failslab+0x9/0x14 [ 578.083590][T28998] kmem_cache_alloc+0x2be/0x710 [ 578.083617][T28998] alloc_vfsmnt+0x28/0x780 [ 578.091455][T28998] clone_mnt+0x71/0xfe0 [ 578.091477][T28998] ? __kmalloc+0x5d5/0x740 [ 578.101835][T28998] clone_private_mount+0xba/0x100 [ 578.101854][T28998] ovl_fill_super+0x231e/0x3bb8 [ 578.101887][T28998] ? ovl_show_options+0x550/0x550 [ 578.101903][T28998] ? up_write+0x1c/0x150 [ 578.111672][T28998] ? sget_userns+0x105/0x560 [ 578.111692][T28998] ? get_anon_bdev+0xc0/0xc0 [ 578.111705][T28998] ? sget+0x114/0x150 [ 578.111721][T28998] ? ovl_show_options+0x550/0x550 [ 578.111736][T28998] mount_nodev+0x68/0x110 [ 578.111752][T28998] ovl_mount+0x2d/0x40 [ 578.111769][T28998] ? ovl_own_xattr_set+0x10/0x10 [ 578.121083][T28998] legacy_get_tree+0xf2/0x200 [ 578.121106][T28998] vfs_get_tree+0x123/0x450 [ 578.129656][T28998] do_mount+0x1436/0x2c40 [ 578.129678][T28998] ? copy_mount_string+0x40/0x40 [ 578.129697][T28998] ? _copy_from_user+0xdd/0x150 [ 578.129718][T28998] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 578.129731][T28998] ? copy_mount_options+0x30e/0x440 [ 578.129752][T28998] ksys_mount+0xdb/0x150 [ 578.139149][T28998] __x64_sys_mount+0xbe/0x150 [ 578.139171][T28998] do_syscall_64+0x103/0x610 [ 578.139193][T28998] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 578.139203][T28998] RIP: 0033:0x457e29 [ 578.139221][T28998] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 578.149038][T28998] RSP: 002b:00007faaf9957c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 578.149053][T28998] RAX: ffffffffffffffda RBX: 00007faaf9957c90 RCX: 0000000000457e29 [ 578.149063][T28998] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 578.149072][T28998] RBP: 000000000073bf00 R08: 00000000200007c0 R09: 0000000000000000 [ 578.149081][T28998] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99586d4 [ 578.149089][T28998] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000006 02:36:35 executing program 0 (fault-call:20 fault-nth:80): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) [ 578.178028][T28998] overlayfs: failed to clone lowerpath 02:36:35 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x800, 0x0) r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x1) connect$ax25(r2, &(0x7f0000000300)={{0x3, @bcast, 0x1}, [@default, @default, @null, @bcast, @default, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default]}, 0x48) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x400000000000277, 0x2, 0x0, 0x400]}) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x180, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r4, 0x29, 0x22, &(0x7f0000000180)={{{@in6=@local, @in6=@mcast2}}, {{@in6=@mcast1}, 0x0, @in6=@mcast1}}, &(0x7f0000000080)=0xe8) 02:36:35 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000000, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x1d) ptrace$cont(0x18, 0x0, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r2 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r2, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r3 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r2, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r3, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r4}, 0x14) 02:36:35 executing program 3: r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_CLOCK(r2, 0x4030ae7b, &(0x7f00000000c0)) fcntl$getownex(r0, 0x10, &(0x7f0000000000)) set_mempolicy(0x0, 0x0, 0x0) 02:36:35 executing program 5: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x805, 0x0) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x11) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x100, 0x0) getpeername$packet(0xffffffffffffffff, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000180)=0x14) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'hsr0\x00', r2}) recvmsg(0xffffffffffffffff, &(0x7f0000000cc0)={&(0x7f00000001c0)=@can={0x1d, 0x0}, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000240)=""/238, 0xee}, {&(0x7f0000000340)=""/103, 0x67}, {&(0x7f0000000880)=""/147, 0x93}, {&(0x7f0000000940)=""/78, 0x4e}, {&(0x7f00000003c0)=""/13, 0xd}, {&(0x7f00000009c0)=""/125, 0x7d}, {&(0x7f0000000a40)=""/200, 0xc8}], 0x7, &(0x7f0000000bc0)=""/211, 0xd3}, 0x10020) sendmsg$nl_route_sched(r1, &(0x7f0000003ec0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000003e80)={&(0x7f0000003fc0)=ANY=[@ANYBLOB="60310000300008042abd7000fcdbdf25000000002c01010028011f0000000c000100736b626d6f6400008400020024000200ffff0000000400000000001020000000200000000000000008000000000000000c000300925e63d021f60000240002000300000003000000050000100200000009000000000000000e0000000000000008000500020000000c00030000000000000000000c00040000000000000000000c000300000000000000000090000600903bc9afa79662e7ef11b9e3ad96abacf64eda2ca58f8fc1752546d346dd111b6c8a5d613fc4ac826231a073c565921c27df83197036ad1c1437151e33020c7d9dae58dca20d5f1e8cfaf54f9a437803b406ac4672ecae336bed164e0146712c3cb60f6b4928be76b6ee44acacf6532e273f380c7097e4b8eb50ca11c44df4b4b44525ebbb683bdfd209bd000000d8000100d4000c0000000800010069707400600002000800020007000000140001006e617400000000000000000000000000140001006e6174000000000000000000000000000800020002000000080003000800000008000200060000001400010072617700000000000000000000000000640006006dfcb0e9094917279869a8aa40be6a7edb61e5f25317cebcce16681ccfdfa495f46e4343131d8fc3f28bbb53bb5f94dd3ef2de4040add63d7994f2a39abbd65978f6478ff65d7d592f51673408617c55f780dc8c6a2ef11216e28cc9d900000000004800010044000e00000008000100627066002800020008000300090000001c0004000200020600000000000008fffffbffff07000703ff0000000c000600d1f2ef2b5a0000000000580101005401130000000c000100706f6c6963650000d0000200080005001f00000008000500010100003c000100060000000f000020d00000000500000007000000000004000200080000000000050000006b92ffff0300000004000000300d0000ffffffff3c000100010000000700000001000100000000000000000000000700ff030000030000000601020008006100ffffff7fff7f00001f0000003f08000008000500020000003c000100ffffffff010000000002000001800000ff7f00007f03600b0200c2003f00000002017f4b05009d4d3f00000007000000010000001f0000007000060062786ac4355645c7e766d596ce0b2f5c4b6b51d6f63abb59935f60c03f4ef3c2574307a192072a950743bc568c3365ab3e7743130f10568c733e530c18ad907881ce067342244ea500f97c7f4480f897f2e04abc1e9c30af0d9e7eb51432922315af0079feea6e23133e4b000000dc000100d800050000000c0001006d697272656400002400020020000200070000000000000001000000ff0700000300000000000000", @ANYRES32=r2, @ANYBLOB="a0000600a69fc3a292a79cb78feeab452446a2158069a60ebcc4ff5595ba1b6adf39c08059e24aff3483056bb6ffd2ac2e7fa3ca133a4028c8e3a691423775b4e82f722a643da8a89ab11c43ac6a23b3f99c3a60492afc028b0d3f871689f546f94fbde691c7766af23cebe717d8d56102e65f2f26239d8260333a0a96c3756fb4e74fcada4cfe152cab5c5f9d45ded5e3d6110ffa61f50c86cbf39163a5cc3770d20000000000ac000100a800020000000c0001006d69727265640000240002002000020001800000010000000000000001800000250000ed0c3440395e6bdfd2537481abccf5452dca9f0c7a2ca4b1311e6150b83b3510e9804016ddb32c503236b6bb9515b9980a52ebf2c37e360897f3fe9a4c5430cb5fd15b1411cd0fd6170756a73aca0200c1915a5d53b65bc650c4bf466d7e6d", @ANYRES32=r3, @ANYBLOB="70000600ef0783c68face33d3c92f4c3f65998ca986cb7af177907905bfcbe880e83cc8f81549b32751b1056e519f06012d3e18e934cda912110e31c5ef523c1a2877e00caf2a67580c1449d54dc9303db2a40c49a35e8ec874aa3641f453a7fe56cd32a807ed69d20538c70110df4000000202c01001c2c150000000c0001007065646974000000842b0200200e040000000000ff01000005000000d72bffff0700000006fd00006c00000003000000020000003f000000ff03000002000000ffffffff050000000900000000000000ffff0000171d0000591f6c4a06000000b00000002b00000002000000ff07000009000000090000003f00000052000000050000000800000000000080060000008230ffff0900000004000000fffffeff00000000fdffffff810000007f00000002000000050000000600000000080000df000000000000000002000001000100c836000007000000d700000000100000ff0700000900000009000000ff07000097e90000020000000300000001010000ffffffff0000000008000000a31a00007ba500000000000000000000ff7f00000300000004000000fe5a00007fffffff010000000400000000000000fd4a0000040000000100000006000000040000003ef200002e050000070000000600000006000000000000008100000008000000030000000100008000010000000000000500000001fcffffde03000008000000bf06000005000000e0ffffff5d50507f00000000f5668d5897dd29700100000006000000fcffffff000200000900000000000000080000000600000006000000c0080000000400000800000006000000080000000700000006000000050000000900000003000000030000000800000002000000090000000700000001000000e70800000104000001000000030000000200000000f8ffffc1ffffff04000000020000000000008001000000010001000400000006000000fa070000200000000100000004000000050000000400000000000000060000008100000020000000ffffff7f800000000200000000000000ff070000a500000000000000580e000001000000030000000700000000040000ff010000ffffff7f090000003304000033000000060000000100000093000000fdffffff04000000f00000000900000002000000010000000100008007000000b80d000002000000cb0c000000000000d80b000036ac0000c5000000ff010000ff7f000008000000010100000080000000000800080000000200000002000000b8040000f7000000000200000100010080080000080000003f0000003f0000000100000007000000040000000400000040000000ff0100000300000065000000f7ffffff0500000004000000060000007e0000008000000009000000ff030000ff07000000000000010000003d070000feffffff01000000070000007205000006000000030000000200000000000080ff030000090000002b0100000440000005000000080000001f00000001000080179400000000000022440000010000007b4bc17c07000000080000000200000008000000030000000000010001000100c1ffffff08000000ffff0000402281314409000013000000c1ffffff02000000060000000800000000000000000400000200000000000080a6b700000104000001000000ffff000045ac00000100000000000000080000003f00000005000000090000008f0c000000100000060000000200000008000000070000005f0c0000000000003b000000df0000003bc3d1010500000003330000ff0300000200000004000000cc430000000001000700000008000000000000000600000040000000ee090000018000001f000000024c00000200000000800000ff0000000600000003000000040000000000000000000000fbffffff070000000300000001ffffff1e0000003139ffff010001000300000001f8ffffe0f5ffff05000000ff010000000000000500000000000080018000000800000009000000400000001f00000002000000480800000800000001000000080000000000010001800000ff0000000400000003000000050000000000010000000000020000000100000005000000f7ffffff05000000000000800500000003000000ff0100000300000000000000030000000100000009000000a1040000010000000900000000000000070000003b0d00000000000004000000ff000000080000000000000001000000030000000700000003000000000000000900000001000000fdffffff83d6ffff810000000800000000000000faffffff2a67000001000000ffffffff00040000ffff0000050000000300000002000000018000000500000009000000dd4d5f1dd1d200006c800000b1000000e70300000100000005000000090000007d00000007000000fdfffffffb020000050000000400000008000000000000000000000008000000020000000000000008000000010000008000000000100000050000003f000000000200000100000002000000fdffffff00000000010100007f0000000000000005000000050000000080000001000000010000000000000007000000001000004d00000000000000ff7fffff00000000ff7f0000000100000001000000000100060000000200000001000000070900001f00000008000000050000008f6c0000f27f0000050000001f0000000300000000000000000000800000000079feffff06000000ffff0000090000000900000001010000c3abbe2a01000000040000000400000000000000080000000000000005000000008000000100000000000000090000000200000001000000050000000000000007000000fbffffff07000000feffffffb70000007900000001000000020000000800000001000000000000000104000003000000c902000002000000040000000400000005000000919b0000ff0100000100000009000000010100000b0000000000ffff080000002000000007000000ff0f00000700000009000000fff5000008000000ff00000080000000010400000500000001010000569500006f8dbf470000008081000000040000000600000002000000fffffffff9ffffff7a0000000010000071000000f00000000000000006000000070000000900000000c0ff000101000000100000050000000101000002000000070000000000000004000000dae600000700000000000000080000000200000007000000050000000180000001800000070000000600000002000000e109000081000000040000000800000005000000000000000104000001800000030000000000000000000000930000000500000004000000090000002c540000000000004d000000feffffff5b01000004000000000200000700000000000000ff0f0000e700000027000000000000000000000048040000030000002232ffff02000000010000000600000004000000030000000100000000020000ff0100000400000006000000fdffffff07000000000100000200000005000000ea9c5c4e0600000001000000ac0d0000ff03000003000000060000000300000004000000030000008b00000009000000ffffffff000000000200000000000080ffffffff25000000010000007f000000090000000001000053000000850d0000000000005ae7000008000000ff7f000008000000010000000700000002000000400000000100000002000000faffffffd00000000001000008000000050000000700000009000000000000008309ffff3e0b0000050000000800000006000000c7050000010100003c000000020000000200000080000000ff070000b90000004a03000008000000020000000010000009000000090000000600000000f8ffff0000000005000000ab000000040000000900000008000000280000007f00000009000000060000000700000003000000010001000500000002000000f9ffffff070000000500000034000000040000001f0000009a020000366000000900000009000000010000003f0000000100000001000080080000000000000077000000b860a95d00000000ff03000080000000ffff000001000000ffffffff1c0000000004000005000000000000800400000007000000000000000700000000000000bb000000070000000600000000000909b1ffffff09000000050000000002000000080000ffffff7fff0300000800000004000000aac40000807700000800000000040000040000000800000005000000070000000400000008000000ff0f0000ad00000000fc0f0012520000030000000000000007000000000000008100000004000000c0ffffff01000000010000000100000008000000010000000900000001000000c20000000600000080000000ffffff7fff03000005000000a7afa00dffffffff09000000b506000002000000050000008000000077165b3409000000cd05000009000000020001000300010003000000000001000100010000000100000001000200000004000100050001000100010007000000000001000300010000000100030000000400010000000100050000000600010001000000010001000700010004000100010001000400010004000000040001000200000005000100020001000000000002000000070000000500000007000100020001000500010002000100050000000000010003000100060001000200010007000100050001000500000007000100030001000200000004000000010001000100000003000000050001000700000007000100020000000000000002000100070000000500000003000100030000000300010006000100030001000500010007000100010001000700010004000000020000000500010001000000070001000000010007000000e4af01000400010004000100030001000700010004000000040001000200010000000000030000000400010005000000000001000300000001000000010001000400010000000100040000000000010000000100070001000400010003000000020001000300010005000100010001000000000000000100010001000400000005000100050001000700010000000100050001000400010005000100020000000300000005000100030000000300010002000100040000000100010007000000010001000300000000000000f80e02000100000000000000fffffffff8ffffff090000000106000000000040f7000000da7800000100008040000000a30000000010000003000000000100007f00000000000000000000000700000009000000f7ffffff070000000900000004000000020000000001000006000000050000008000000001000000720000000800000004000000da07000069e9000000020000000000000000000000020000810000000600000002000000090000000600000058850000ffff000001040000010000000600000001000000030000000900000002000000020000003f00000003000000060000000300000000000000030000000700000003000000000400000600000000000000070000007b4800000500000046400000020000001f00000001000000050000000500000004000000080000000900000009000000000000800700000005000000010001000000400201000080f7ffffff00080000030a000003000000000000000200000000000000ee000000b000000008000000060000008f070000010000008000000008000000cf0c00001f000000030000000100000001000000ffffff7fffffffff09000000018000000100000000000000ff0100009b00000001000000050000009b0000000300000001000000faffffff040000008a0000004c00000040000000ed8f00000500000000040000090000000500000000080000008000000800000081ffffff01f8ffff00000000ff7fffffffffffff00000000ff7f0000010001000700000006000000020000000700000043020000050000000a0100004c0f0000000000000400000007000000ffff00000400000066050000ff0f000001000000000000000001000009000000010000009f00000007000000cf0b00009fc6000007000000ffff0000ff03000000000000060000000080000004000000080000000700000070ac00000500000004000000010000800300000000040000010100000200000008000000f4000000ff000000ff0f000004000000a10000003f000000fcffffff0004000001000000000001000700000080000000ff7f00000700000009000000f5f3ffff000000000300000004000000060000000010000006000000c2000000ad000000ff03000000100000f695000001000000ff7f000000000000040000000200000008000000040000007f0000000000008001000000ff7f0000080000000400000006000000060000000100008006000000010100000700000007000000ff7f000003000000ff0f00001f0000000800000004000000050000000000000007000000010000000200000000000000fdffffff05000000010000000100000000010000010100000700000009000000000200000100000001000000080000000100000006000000060000000200000000040000ff010000010000000008000000000000ffff0000080000009c0000000000000001000000310c00000600000009000000050000000100010003ffffff06000000000000000000000000080000090000000200000009000000ffff00000600000002000000400000000008000001000000400000000700000000000000ff7f0000ff7f0000ff07000001000000010000000800000006000000010000000004000000000000530000000500000007000000090000000100000006000000040000000000000005000000ff0f0000000100007f0000000700000006000000010000000000000000000000020000000100000002000000090000000900000000040000040000005a4f00000600000000000000000800000600000003000000ff0f0000a103000009000000a203000000000000030000000400000001000000f00200000100000003000000000000ff2302000081000000040000000600000019060000060000000000008009000000080000000600000002000000f556000001040000b300000008000000090000000300000001000100000100000000000005000000040000000002000007000000090000003f0000000900000080000000010000807ac300007504000000000000f6010000000000000000008005000000070000000800000098000000080000000500000001000000030000000600000001000000050000003f0000000000000000800000400000000600000007000000ff000000410200000300000002000000040000000100000007000000000200000c0000000000000000040000010000807b0f0000ff070000000000007f00000000000100250100000200000081000000080000000600000009000000cd0e00001a4ce51507000000000000000500000005000000010000000900000000000080ffffffffdc6800007f00000009000000040000008403000000000000000000808f030000030000009bbf000001010000070000000800000001000000040000000200000000000000ffffff7f81000000b535000093750000010000007f0000000100010005000000ff7f0000020000000300000009000000030000000400000003000000ff00000005000000000000000400000007000000ff070000090000000100008007000000a60000000000000003000000ff00000004000000dd6900001f000000a40a0000090000002101000007000000010000000900000059000000d30f000008000000020000000180000000080000010000800400000004000000a80600000000000009000000ffffffff010000800700000000000000060000004000000000080000020000000900000081aa0000030000000104000000000000060000000000000007000000ba6a000001000000080000008d2d000002000000250000001f000000010100000900000004000000ffff000001000000ff01000001000000060000002fd7000004000000860000000800000004000000fcffffff08000000ff070000faffffff03000000b90d000004000000dcf0ffff010400000010000000800000a7ac832f02000000ed0000000400000001000000ff010000d90e000007000000ffff00000000008001000000ffffff7f08000000810000000700000004000000eb83515a0100008000000000020000000100000004000000c20b0000000000004bef0000ff0300000200000001000000010100000008000005000000000000000700000087cf00000200000006000000010000000200000044140000010000004095000008000000faffffff070000005219000048830000cc4e0000d400000006000000e40b00000000000004000000d60400000010000005000000040000003f0000002606000003000000070000004000000081000000080000000600000003000000010000000300000004000000000001007f000000040000005fffffff07000000b4000000ffffff7fd50000001f0000008000000005000000050000000000000001000000000000000900000079000000020000000000000001040000f7ffffff000000000400000007000000030000000600000005000000000800000400000000080000340d0000ff010000000000000500000000000000a702000007000000290b0000ff7f00009f000000ffff00000700000080000000050000000a060000060000000900000003000000ff0f00000400000081040000070000000000000004000000000000000000000003000000da000000040000000700000009000000040000000000000000000000060000000700000080000000ffffff7ff9ffffff01000000ee020000010000002b000000060000000400000007000000040000000300000003000000ffff000002000000080000000800000008000000710e0000020000000100000002000000070000000000000000000000000000000300000051df0000ff03000003000000f73361590200000009000000c400000020000000030000000000010009000000d700000009000000010000000400000001000000800000000000010004000000070000000000000001000000ff0100000200000074060000030000000300000000000000000000000200000001000000db0e0000ff0f00000600000003000000f2040000000000008100000008000000f8ffffff0600000005000000ff7f000000000000140000002a0400001c000000060000007600000081000000810000000500000000020000ffff00000100000008000000090000000080000009000000ffffff7fac03000020000000000000000600000005000000d60a00000500000004000000080000000300000000000100fffefffffffeffff01000000090000000300000003000000030000000400000007000000000004005914000009000000070000007d00000005000000004000000f0000001a3d000002000000ac0d0000ff0300000500000089090000ffffffff030000000000008007000000ea0800000600000008000000040000000004000000000000b4ec000018ffffff000200000700000004000000060000002002000007000000010000000200000000100000630800000900000001000100f1e7000000000000f2130000040000000800000001040000090000002effffff03000000030000005a080000378a00000300010005000100050001000300010002000000070001000200000001000000050001000300000003000100000000000500000003000100010001000100000007000000050001000700010004000100477f01000200010000000000010000000100010007000000020000000400000007000000070000000700010002000000aa96010003000000050000000000010005000000000000000400000000000100000000000200010003000100070000000000010000000100050001000300000002000100040000000100010003000100070000000000b97c0200010002000000000001000700000003000100040001000300010001000100070001000300000005000000040001000200010005000100070000000100000000000100f24d0100000000000100010004000000070000000400000000000100000001000700010000000100040001000300010005000000020001000100010007000100030001000500000003000100030001000200000005000000030000000200000000000100030001000100000002000000070000000600010001000100050001000700010000000100000000000000010007000100050000000700000007000100030001000100000000000100040000000400010007000100020000000400010000000000050001000000000003000000010000000300000002000100000000000700010000000000680e0200fdffffff080000000000002005000000010001001f010000010001001f000000010400000700000029070000050000000600000020000000020000000000000047ef000000080000ffff00000900000000100000eb3e000000000000030000000800000000000000018000009d550000030000007f08000007000000000000000001000007000000000400000101000000000000ffffffffe1000000030000000900000001800000ff0f000003000000030000001f0000000100000005000000060000000800000008000000ff010000800000000400000005000000050000000100000020000000080000000ac7000003000000136d3422040000000300000003000000f7ffffffffffffff00000100040000000000000000040000090000000500000007000000b40f0000040000000600000020000000ff030000ffffffff0900000099000000080000004000000000000000030000002000000005000000ff0700000600000008000000050000003f00000003000000020000000100000007000000000000c008000000000800000800000004000000010000003f0000003f000000f30100003001000000100000040000002000000004000000050000000400000006000000ffffff7f0300000000000000ff010000fc0e0000080000000100000000000000000000f0ff00000008000000080000000100000066d800000200000001800000060000000700000000000000000100000100000056970000070000000200000008000000360b0000010000008100000003000000070000000100000080000000080000000100000001000000e0ffffffbd08000001000000ff7fffff001000000001000001000000ffff0000a3000000040000000101000004000000ff00000031000000ff7f0000ff0f00000800000004000000bc8d00008100000005000000a80e000002000000200000005f080000fa8600009f0a0000008000000200000002000000080000000100000000000100060000000500000005000000050000000001000009000000440100008000000091150000ff7f0000000000000002000007000000ffffffff01000000090000000200000000000080020000000000000007000000fbffffff8b41ffff0700000005000000090000000500000004000000810000007900000001000000090000000600000007000000010000000300000002000000220000000700000000020000070000000000000002000000ff00000007000000020000000200000008000000addd0000040000003259eb7e030000000100000025d42d00ff070000000000000c83000002000000040000001408000001800000000800000010000002000000020000007f000000f9ffffff0200000003000000090000000100000009000000f7000000020000000800000008000000040000000080000001000000040000009b0000002a030000ff010000ffffffff05000000feeb0000000000000e9aae4e07000000010000000000000008000000f9ffffff8100000006000000000000000c000000020000000900000096780000090000000200000002000000060000000300000001000000010000000000000000100000c807000009000000e7010000fc08000001000100000800000400000009000000ffffff7f00000000070000000403000007000000d73c000007000000000008000700000009000000830000000800000003000000200000000900000071080000090000000000000008000000f8ffffff0101000001000000fdffffff4700000008000000ff01000006000000040000000700000000000000a9cd0000018000000100010004000000080000000100000007000000edef0000010000000600000000000100230000000600000003000000ff0f0000030000000000020000040000800000000600000009000000020000000001000009000000ff7f0000030000000800000006000000000000005900000006000000ff010000080000000200000072000000000000000100000009000000070000000300000004000000040000000800000091000000030000006ceb000002000000000000002e0000001f0000007eee000003000000001000007f00000020000000c5000000fdffffff0300000000000080060000000010000080000000040000004f80000008000000010000000080010004000000040000000000000000000000008801000400000001000080000000000000000009000000ff7f00007f00000000000100020000000008000001010000000000000200000000000000010000000002000007000000ffff000004000000cfe26667020000000800000000000000fb4500000500000005000000030000000004000005000000060000008176000000000000070000000300000023c0000000000000f5030000050000000000000080ffffff1f000000000000008b36000005000000665600000400000006000000090000000004000001040000ffea0000070000000004000007000000070000000500000001000000fdffffffcaad0000000000000300000006000000000000000000000024a68852ac8d0000008000001f0000004e060000000200000400000081c70000040000000700000009000000040000000100000001000000ff0f000009000000060000000500000000000000a70ffffff9ffffff060000006f000000abb10000060000000000000007000000f900000005000000070000000000000000000000ff0000000200000005000000000000000500000004000000080000000800000096e30000d518e425040000000000010001000100e0fffffff2ffffff01000000090000000100000004000000d8070000a7a6000001000000070000000300000005000000ffffff7f080000000300000003000000090000003700000003000000080000007f0000002900000000000000ff0f000007000000f8ffffff0000000008000000ffffffff0600000009000000fcffffff0600000000000000fdffffff7f000000bbd400001e00000000000000f7ffffff0101000006000000050000000600000004000000200000000900000006000000070000004f000000fdffffffa80d0000c0ffffff00800000ff0100000500000000000000020000007f000000020000001f0000007d3600003e0e0000ff0f000006000000ff03000005000000460000009401000008000000b30000009800000001000000d5d7000003000000890b000007000000030000003f000000ff000000000000800100000000040000018000000000000003000000090000000100000004000000030000000800000001040000ff0300008000000000000000ff010000cfca0000030000008f0000000900000003000000dd000000400000004176000082420000050000000400000003000000070000007f0000000200000004000000f7ffffff8bc400000900000002000000c804000001000000000200000000000004000000e1fffffffeffffff2000000007000000300a000009000000080000000900000007000000030000000600000003000000070000000700000000040000070000000500000000040000200000009900000002000000008000000100000007000000ffffffff07000000400000000104000005000000000100000100000000000100ff7f000001000000d603000000000000ea09000034ffffff0400000080000000090000000f00000005000000faffffff0300000009000000ce000000090000007d0e0000fbffffff018000003f0000000000000005000000ffffff7f01000000000000000900000080ffffffffffff7f00000000ffffff7f00100000008000000080000004000000090000000600000006000000000000000000000005000000030000003f000000b09500000600000008000000010000000000000008000000800000007f00000006000000a0000000feffffffcd00000004000000f06c000008000000070000000800000038060000ff0f00004f0200004d010000ff010000f9ffffff030000000200000080000000000200000100008009000000080000004b010000018000001ebe000000800000ac000000ff0000000002000000400000010000800000000004000000000000000000000008000000f9ffffff050000000010000003000000c37a0000f9ffffff00800400000000000500000003000000010001007f0000005b000000da0200004bca000005000000ffffffff010000000400000006000000080000000000000009000000f9ffffffffffff7f010000000200000008000000fbffffff00f0ffffff7f0000ffffff7fff0300000000000008000000060000004c00000000040000090000000600000008000000b40b0000666fffff0300000001000100070001000000000003000100000000000000010003000100010001000500010000000000070001000400000006000100070000000000000000000100040000000000000000000000020000000500010004000100050001000400010005000100050000000200000002000000020000000100010005000000050001000700010004000100030001000500000005000000020001008ba801000000010007000000050000000400010003000000030001000600000000000000050000000300010003000000070001000400010001000100010001000200010004000100050000000300000007000100030001000000010004000100040000000300000005000100010001000500000000000100000001000700010005000000010000000700000004000000040001000700000001000000000000000400010003000100020000000200010007000000050000000300010003000100040001000400000001000100050000000000010000000100050001000500000000000000020001000400010003000000050000000000000000000000000001000500010005000000060000000400000007000100070000000500000003000000070001000200000001000100070001000500010005000000070001000300000003000000020001000300010002000100050000000400000000000000000001000500010001000000840006008da723a4549327d3baff48676ee355985d30cc007355cf2bac671ab840f0bdbb2788688522fc0e897ca8662eb25da3eddea1c890721706a47f9894417b75eeb718a6c2545ed81ae93d11b4bb0df783545c7eb99ee99d3a62ab1870f9c8d7a454c31320f8b9c3120f6b0410c91aa2c9be4ab690314b280b1db74eac0bc9d000000000"], 0x3160}, 0x1, 0x0, 0x0, 0x40}, 0x4000000) ioctl$UI_SET_LEDBIT(r0, 0x40045569, 0xc) ioctl$UI_DEV_SETUP(r1, 0x5501, 0x0) setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000003f80)={0x2, &(0x7f0000000080)=[{0x7, 0x8001, 0x1, 0x5}, {0xd953, 0x8140000000000000, 0x200, 0x3f}]}, 0x10) ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000003f00)={{0x0, 0x3f, 0xfff, 0x5}, 'syz1\x00', 0x31}) 02:36:35 executing program 5: r0 = socket(0x80000000000000a, 0x3, 0x2) mmap(&(0x7f0000001000/0x5000)=nil, 0x5000, 0x0, 0x32, 0xffffffffffffffff, 0x0) r1 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x100, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)={0x10002014}) setsockopt$IP6T_SO_SET_ADD_COUNTERS(r0, 0x29, 0x36, &(0x7f0000000fc0)={'raw\x00', 0x2, [{}, {}]}, 0x48) truncate(&(0x7f0000000080)='./file0\x00', 0x3) 02:36:35 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000000, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x1d) ptrace$cont(0x18, 0x0, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r2 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r2, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r3 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r2, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r3, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r4}, 0x14) 02:36:35 executing program 3: r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x501a01, 0x4) write(r0, &(0x7f0000000000)="fc0000001c00071bab0925001100070007ab08000c00000000003e93210001c0000000000000000000000081000398", 0x2f) syz_emit_ethernet(0x2a, &(0x7f0000000000)={@broadcast, @broadcast, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr, @multicast1}, @icmp=@address_reply={0x8}}}}}, &(0x7f0000000080)={0x0, 0x1, [0x2, 0x2d9, 0x3]}) 02:36:35 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$unix(0x1, 0x1, 0x0) r1 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000080)='/proc/capi/capi20ncci\x00', 0x200101, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x6, &(0x7f00000000c0)=0x7a, 0x4) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0xffe) r2 = socket$unix(0x1, 0x1, 0x0) bind$unix(r2, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) listen(r2, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) connect(r3, &(0x7f0000000000)=@un=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x43) connect(r0, &(0x7f0000987ff4)=@un=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) r4 = gettid() r5 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r5, 0x1000008912, &(0x7f0000000500)="0adc1f023c123f3188a070") r6 = creat(&(0x7f0000000080)='./file0\x00', 0x0) unshare(0x400) fcntl$F_SET_FILE_RW_HINT(r6, 0x9, 0x0) setsockopt$RDS_FREE_MR(r1, 0x114, 0x3, &(0x7f0000000100)={{0x2, 0x100000000}, 0x12}, 0x10) timer_create(0x0, &(0x7f0000ec5000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0xffffffffffffffff, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x1c9c380}}, 0x0) tkill(r4, 0x1000000000013) listen(r2, 0x5) [ 578.598131][ C0] net_ratelimit: 26 callbacks suppressed [ 578.598139][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 578.609679][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 578.615538][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 578.621370][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 578.627243][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 578.633054][ C0] protocol 88fb is buggy, dev hsr_slave_1 02:36:35 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) r3 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x8000, 0x0) ioctl$VIDIOC_G_TUNER(r3, 0xc054561d, &(0x7f0000000040)={0x4, "5b7def034a19c1fafd3bbf15e3fa54851325dcc060413ef32134813e6099590d", 0x7, 0x1020, 0x8, 0x0, 0x1b, 0x5, 0x2, 0x80000001}) 02:36:35 executing program 5: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x5, 0x0) bind$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={[], [], @remote}}, 0x1c) setsockopt$bt_BT_SNDMTU(r1, 0x112, 0xc, &(0x7f0000000040)=0xb11, 0x2) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000440)='cgroup.stat\x00', 0x0, 0x0) ioctl$sock_bt_cmtp_CMTPCONNADD(r2, 0x400443c8, &(0x7f0000000480)={r1, 0x2}) ioctl$FIDEDUPERANGE(r0, 0xc0189436, &(0x7f0000000240)=ANY=[@ANYBLOB="050000000000000008000000000000000900000000000000", @ANYRES32=r0, @ANYBLOB="00000000010000800000000800000000d07800000000000000000000", @ANYRES32=r0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=r0, @ANYBLOB="00000000ff0100000000000000000000000000000000000000000000", @ANYRES32=r1, @ANYBLOB='\x00\x00\x00\x00\b\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=r0, @ANYBLOB="00000000ff0700000000000000000000000000000000000000000000", @ANYRES32=r1, @ANYBLOB='\x00\x00\x00\x00\b\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=r1, @ANYBLOB="00000000ffffff7f0000000000000000000000000000000000000000", @ANYRES32=r0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=r1, @ANYBLOB='\x00\x00\x00\x00\b\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00']) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f0000000000)=[@in={0x2, 0x4e23, @local}], 0x10) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) r4 = socket$inet_dccp(0x2, 0x6, 0x0) get_robust_list(r3, &(0x7f0000000180)=&(0x7f0000000140)={&(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f00000001c0)=0x18) pipe(&(0x7f0000000380)={0xffffffffffffffff}) connect$inet(r4, &(0x7f0000000400)={0x2, 0x4e20, @multicast1}, 0x10) write$FUSE_IOCTL(r5, &(0x7f00000003c0)={0x20, 0x0, 0x6, {0x1, 0x0, 0x80000000, 0x62}}, 0x20) 02:36:35 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) [ 578.758126][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 578.763976][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 578.838152][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 578.843984][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 578.970728][T29070] overlayfs: upper fs does not support tmpfile. [ 578.977042][T29070] overlayfs: upper fs does not support xattr, falling back to index=off and metacopy=off. [ 579.008800][T29070] FAULT_INJECTION: forcing a failure. [ 579.008800][T29070] name failslab, interval 1, probability 0, space 0, times 0 [ 579.032524][T29070] CPU: 0 PID: 29070 Comm: syz-executor.0 Not tainted 5.0.0-rc6-next-20190215 #36 [ 579.041670][T29070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 579.051722][T29070] Call Trace: [ 579.055027][T29070] dump_stack+0x172/0x1f0 [ 579.059368][T29070] should_fail.cold+0xa/0x15 [ 579.063954][T29070] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 579.069771][T29070] ? ___might_sleep+0x163/0x280 [ 579.074613][T29070] __should_failslab+0x121/0x190 [ 579.079536][T29070] should_failslab+0x9/0x14 [ 579.084035][T29070] __kmalloc+0x2dc/0x740 [ 579.088275][T29070] ? memcpy+0x46/0x50 [ 579.092249][T29070] ? ovl_fill_super+0x16d0/0x3bb8 [ 579.097259][T29070] ovl_fill_super+0x16d0/0x3bb8 [ 579.102099][T29070] ? ovl_show_options+0x550/0x550 [ 579.107111][T29070] ? up_write+0x1c/0x150 [ 579.111358][T29070] ? sget_userns+0x105/0x560 [ 579.115939][T29070] ? get_anon_bdev+0xc0/0xc0 [ 579.120514][T29070] ? sget+0x114/0x150 [ 579.124481][T29070] ? ovl_show_options+0x550/0x550 [ 579.129490][T29070] mount_nodev+0x68/0x110 [ 579.133805][T29070] ovl_mount+0x2d/0x40 [ 579.137860][T29070] ? ovl_own_xattr_set+0x10/0x10 [ 579.142783][T29070] legacy_get_tree+0xf2/0x200 [ 579.147448][T29070] vfs_get_tree+0x123/0x450 [ 579.151933][T29070] do_mount+0x1436/0x2c40 [ 579.156252][T29070] ? copy_mount_string+0x40/0x40 [ 579.161460][T29070] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 579.167694][T29070] ? copy_mount_options+0x30e/0x440 [ 579.172888][T29070] ksys_mount+0xdb/0x150 [ 579.177141][T29070] __x64_sys_mount+0xbe/0x150 [ 579.181813][T29070] do_syscall_64+0x103/0x610 [ 579.186411][T29070] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 579.192296][T29070] RIP: 0033:0x457e29 [ 579.196185][T29070] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 02:36:36 executing program 0 (fault-call:20 fault-nth:81): r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:36:36 executing program 3: r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x80000, 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffff9c, 0x84, 0x10, &(0x7f0000000080)=@sack_info={0x0, 0x400, 0x3}, &(0x7f00000000c0)=0xc) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000100)={r2, 0x800}, 0x8) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000140)={r2, 0x1, 0x3, 0x0, 0x1000, 0x14}, &(0x7f0000000180)=0x14) setsockopt$rose(r0, 0x104, 0x2, &(0x7f0000000000), 0x4) 02:36:36 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$unix(0x1, 0x1, 0x0) r1 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000080)='/proc/capi/capi20ncci\x00', 0x200101, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x6, &(0x7f00000000c0)=0x7a, 0x4) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0xffe) r2 = socket$unix(0x1, 0x1, 0x0) bind$unix(r2, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) listen(r2, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) connect(r3, &(0x7f0000000000)=@un=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x43) connect(r0, &(0x7f0000987ff4)=@un=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) r4 = gettid() r5 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r5, 0x1000008912, &(0x7f0000000500)="0adc1f023c123f3188a070") r6 = creat(&(0x7f0000000080)='./file0\x00', 0x0) unshare(0x400) fcntl$F_SET_FILE_RW_HINT(r6, 0x9, 0x0) setsockopt$RDS_FREE_MR(r1, 0x114, 0x3, &(0x7f0000000100)={{0x2, 0x100000000}, 0x12}, 0x10) timer_create(0x0, &(0x7f0000ec5000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0xffffffffffffffff, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x1c9c380}}, 0x0) tkill(r4, 0x1000000000013) listen(r2, 0x5) 02:36:36 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:36:36 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x4, 0x2, 0x0, 0xffffffffffffffff]}) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpuset.effective_cpus\x00', 0x0, 0x0) write$input_event(r3, &(0x7f0000000040)={{0x77359400}, 0x14, 0x5, 0x3ff}, 0x18) [ 579.215786][T29070] RSP: 002b:00007faaf9915c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 579.224183][T29070] RAX: ffffffffffffffda RBX: 00007faaf9915c90 RCX: 0000000000457e29 [ 579.232137][T29070] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000 [ 579.240092][T29070] RBP: 000000000073c040 R08: 00000000200007c0 R09: 0000000000000000 [ 579.248056][T29070] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faaf99166d4 [ 579.256022][T29070] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000006 02:36:36 executing program 5: r0 = syz_open_dev$dmmidi(&(0x7f0000000040)='/dev/dmmidi#\x00', 0x3f, 0x10000) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000200)={r0, &(0x7f0000000100)="24f6ef15cc84f59d1136039b21d329dc042fa0e2cc64d30d44c1e07215a5805935c26c02fdd7e0d429da92db58c304535109663443b0a16adb2e02", &(0x7f0000000140)="ca4a18dafabaa12554a5dc44d32027496c0102c122cc2edddd824c007cdcfc2339b783dd4e2deeadeaedca1b11c11d4c9efd593c9c7a6e3821c48e1556d8776dc19bf797e714db24d063c6593ac4c2f065b8304525d9e7e7a87aed9b9841fd956ea8dd0c285a0baa0936601dcc1ace6bf2f535e22abf255445204bcaedf3aaf471ef5d43f89821ba2fd5629f57a23514394814bcc39ea7c73cd9ff"}, 0x20) mknod$loop(&(0x7f00000000c0)='./file0\x00', 0x0, 0xffffffffffffffff) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) fcntl$setlease(r1, 0x400, 0x0) rt_sigprocmask(0x0, &(0x7f0000000300)={0xfffffffffffffffe}, 0x0, 0x8) rt_sigtimedwait(&(0x7f00005a1000)={0xfffffffffffffffd}, 0x0, 0x0, 0x8) open(&(0x7f0000000000)='./file0\x00', 0x2, 0x0) 02:36:36 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:36:36 executing program 3: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/qat_adf_ctl\x00', 0xa0880, 0x0) setsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f00000001c0)=0x5d0, 0x4) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x400, 0x80) r2 = socket$can_bcm(0x1d, 0x2, 0x2) io_setup(0x7, &(0x7f00000001c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000240)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r2, 0x0}]) ioctl$SCSI_IOCTL_STOP_UNIT(r1, 0x6) syz_open_dev$video4linux(&(0x7f0000000140)='/dev/v4l-subdev#\x00', 0x9, 0x200001) syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 02:36:36 executing program 4: socket$inet_udplite(0x2, 0x2, 0x88) clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) ptrace$cont(0x18, r0, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r0, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r2 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r2, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r3 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r2, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r3, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r4}, 0x14) 02:36:36 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$unix(0x1, 0x1, 0x0) r1 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000080)='/proc/capi/capi20ncci\x00', 0x200101, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x6, &(0x7f00000000c0)=0x7a, 0x4) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0xffe) r2 = socket$unix(0x1, 0x1, 0x0) bind$unix(r2, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) listen(r2, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) connect(r3, &(0x7f0000000000)=@un=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x43) connect(r0, &(0x7f0000987ff4)=@un=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) r4 = gettid() r5 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r5, 0x1000008912, &(0x7f0000000500)="0adc1f023c123f3188a070") r6 = creat(&(0x7f0000000080)='./file0\x00', 0x0) unshare(0x400) fcntl$F_SET_FILE_RW_HINT(r6, 0x9, 0x0) setsockopt$RDS_FREE_MR(r1, 0x114, 0x3, &(0x7f0000000100)={{0x2, 0x100000000}, 0x12}, 0x10) timer_create(0x0, &(0x7f0000ec5000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0xffffffffffffffff, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x1c9c380}}, 0x0) tkill(r4, 0x1000000000013) listen(r2, 0x5) 02:36:36 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x100, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) r3 = semget(0x2, 0x3, 0x2) dup3(r1, r1, 0x80000) semctl$GETVAL(r3, 0x2, 0xc, &(0x7f0000000080)=""/243) r4 = syz_open_dev$vbi(&(0x7f00000001c0)='/dev/vbi#\x00', 0x2, 0x2) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000200)={r4, 0x0, 0x1, 0x9, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5}, 0x20) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f0000000380)={'vcan0\x00', 0x0}) syz_open_dev$video4linux(&(0x7f0000000180)='/dev/v4l-subdev#\x00', 0x3, 0x1) open$dir(&(0x7f0000000240)='./file0\x00', 0x40200, 0x8) sendmsg$can_bcm(r4, &(0x7f00000004c0)={&(0x7f00000003c0)={0x1d, r5}, 0x10, &(0x7f0000000480)={&(0x7f0000000400)=ANY=[@ANYBLOB="07000000000800000100000000000000", @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0200000001000000030000c00002000000000100000001e7"], 0x48}, 0x1, 0x0, 0x0, 0x4}, 0xc0) 02:36:36 executing program 4: socket$inet_udplite(0x2, 0x2, 0x88) clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) ptrace$cont(0x18, r0, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r0, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r2 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r2, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r3 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r2, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r3, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r4}, 0x14) [ 579.621391][T29119] overlayfs: failed to resolve './file1': -2 02:36:36 executing program 0: r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:36:36 executing program 4: socket$inet_udplite(0x2, 0x2, 0x88) clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) ptrace$cont(0x18, r0, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r0, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r2 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r2, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r3 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r2, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r3, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r4}, 0x14) 02:36:36 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x0, 0x0) write$tun(r1, &(0x7f0000000300)={@val={0x0, 0x8884}, @void, @mpls={[{0x8, 0x101, 0xfffffffffffffffe, 0x1}, {0x80000001, 0x25c, 0xffffffffffffff80, 0x100000000}, {0x81, 0x4, 0x1000000000000000, 0xc1cb}], @ipv4={{0x1a, 0x4, 0x1, 0x8, 0x349, 0x65, 0x400, 0x0, 0x0, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote, {[@rr={0x7, 0x23, 0x8, [@local, @broadcast, @dev={0xac, 0x14, 0x14, 0x18}, @broadcast, @local, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x7}, @empty]}, @ssrr={0x89, 0xb, 0x0, [@rand_addr=0x5221, @local]}, @generic={0xc7, 0xf, "7ac338bd2ef1f4e53bc4c4fe3e"}, @timestamp={0x44, 0x14, 0x5, 0x1, 0xb5, [{[@multicast2], 0x7}, {[], 0x9}, {[], 0x1ff}]}]}}, @gre={{0x0, 0x0, 0x1, 0x9, 0x0, 0xfffffffffffff001, 0x0, 0x1, 0x880b, 0x67, 0x2, [0x6, 0x5], "fe6d2f9eab0fd3a44903c3c81d4ceb4a5cbdbdd304ac971584a235fe5f73491d14324899c95494266a86af34c8ad3b362da36954dcfdbb696c082d1552ad5507300a2ea03935e1a6c094b71a5aaf8410c18eca385cf087eeaecb614fb5351afc1a6b3a18b96c3a"}, {0x401, 0x0, 0xfffffffffffffffc, 0x7, 0x0, 0x0, 0x800, [0x6, 0x101], "e3fb5561ef4874d7fa3cd58734059fd83fb50572e24d93ba130fc49be715e9ac483d78de63c2295dbedefe7696b9a1b498e5885ccceb550b06d2062795869d0add84a15abc17f986d9e45a2438be428c3bfa21fbe4e0ee3eaea47d6e1ed8ea25971fae9e4cd2753c44623df772a2466ae8d4da2133e7262cc848ce4658971c7851f6d8dfb0140fe6aea7c5dd69bd2c41eb3420fa6c77cad1604996a433497f85500b7d3291827ec7e4b43899ae6d882a324f6edb3ccdb037aad5da0915dd22e1daa784a238393511bcf670147c3560ea8926a6c2775ff38d390d18a1391f"}, {0x7, 0x0, 0x0, 0xc3, 0x0, 0x0, 0x86dd, [0x2], "5e017025b619a9284c3612604ae974a0820d998e0edd5841301b368d7cdeb32e525172f838267d7b24721768fe4ad444d5840d6cefc216a177822ad76d55e809744eeb8052dd4a5823609eeb6c0ba6d786c12b5b5905b297f578700e7ef3cf601780a30c4dd0aa81fd9be797ebe546e87d06ccd9312c7269693ba2dcda920945cc62230316d5e6d4bf22554160d0a0a298b1396369c4db62665c87e4a4b3cbba109cdf0503cbe96c8adba8a5f2443540c7905f5506e8b00c38b523f87ebf4ae3f20cb0006dc2"}, {0x8, 0x88be, 0x2, {{0x401, 0x1, 0x0, 0x7f, 0x10001, 0xfff, 0x7f, 0x24000000000}, 0x1, 0x1f}}, {0x8, 0x22eb, 0x0, {{0x7, 0x2, 0x5, 0x4, 0x48, 0x0, 0x9, 0x7fff}, 0x2, 0x7, 0x0, 0x178800000000000, 0x7f, 0x1, 0x7fff, 0x0, 0x62, 0x3}}, {0x8, 0x6558, 0x2, "4132c8e6e12067abcc721d346a59bb2e4ff17948314f5ff47a078aa532b6033ac0d6a1eab9cacb9a87ed41f00d517e244f25180ae7a88f8c81c1f5d35d6a78c30ada4658fc6f8406456a3cca02f7ecfa91c129542676289666dfe7260da5481e35e0ed653125a87e9d03ab661f2a10a0498f9e6ee830c481ed45cf001aa4c0e32bc8ad8f3e2cd641"}}}}}, 0x359) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) 02:36:36 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x400001000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") r1 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) r2 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x1) ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x89a1, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = dup2(r2, r2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'}) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(0xffffffffffffffff, 0xc08c5334, &(0x7f00000001c0)={0xf48b, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r1, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @connect}], 0xffffff76) 02:36:36 executing program 4: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) ptrace$cont(0x18, r0, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r0, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r2 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r2, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r3 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r2, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r3, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r4}, 0x14) [ 580.247921][T29152] overlayfs: upper fs does not support tmpfile. 02:36:37 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet(0xffffffffffffffff, 0x0, 0x0) syz_emit_ethernet(0xffb6, &(0x7f000000a000)=ANY=[@ANYBLOB="ffe0ffffffffffffffffffff08004500fec300000000002f9078ac14ffbbe000000100000000ca989078"], 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x9) 02:36:37 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) write$cgroup_type(r2, &(0x7f0000000040)='threaded\x00', 0x9) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) [ 580.295245][T29152] overlayfs: upper fs does not support xattr, falling back to index=off and metacopy=off. 02:36:38 executing program 3: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = fcntl$dupfd(r0, 0x0, r0) bind$bt_rfcomm(r1, &(0x7f0000000100)={0x1f, {0xffffffffffffffff, 0xffffffff, 0x2}}, 0xa) setsockopt$inet_msfilter(r1, 0x0, 0x29, 0x0, 0x0) setsockopt$inet_tcp_TLS_TX(r1, 0x6, 0x1, &(0x7f0000000000), 0x4) 02:36:38 executing program 4: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) ptrace$cont(0x18, r0, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r0, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r2 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r2, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r3 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r2, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r3, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r4}, 0x14) 02:36:38 executing program 5: clone(0x3102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = dup(r1) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x80000000002a) ptrace$cont(0x18, r0, 0x0, 0x0) ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f00000000c0)={@dev, @mcast2, @mcast2, 0x4, 0x0, 0x0, 0x800000000116}) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r2, 0x84, 0x71, &(0x7f0000000000)={0x0, 0xffffffffffff2980}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r2, 0x84, 0x71, &(0x7f0000000080)={r3, 0x8}, 0x8) ptrace$cont(0x21, r0, 0x0, 0x0) 02:36:38 executing program 0: r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x100000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:36:38 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x40000000000000) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) 02:36:38 executing program 1: setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0) r0 = memfd_create(&(0x7f0000000140)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x0) write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYPTR64=&(0x7f00000000c0)=ANY=[@ANYRES16=r0], @ANYRES16=r0, @ANYRESOCT=r0, @ANYRESDEC=r0], 0xfffffffffffffd64) sched_setaffinity(0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) lseek(r0, 0x0, 0x4) r1 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0xffffffffffffff81, 0x2800) bind$vsock_dgram(r1, &(0x7f0000000040)={0x28, 0x0, 0x0, @reserved}, 0x10) 02:36:38 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$FIBMAP(r0, 0x1, &(0x7f0000000000)=0x12000000) sendmsg$nl_route(r0, &(0x7f0000001cc0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=@newlink={0x20, 0x1e, 0x801}, 0x20}}, 0x0) 02:36:38 executing program 4: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) ptrace$cont(0x18, r0, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r0, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r2 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r2, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r3 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r2, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r3, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r4}, 0x14) 02:36:38 executing program 1: mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x36050, 0xffffffffffffffff, 0x0) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) bind$pptp(r0, &(0x7f0000000180)={0x18, 0x2, {0x1, @local}}, 0x1e) recvfrom$unix(r0, &(0x7f00000001c0)=""/155, 0x9b, 0x0, &(0x7f0000000280)=@file={0x0, './file0\x00'}, 0x6e) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x400, 0x0) ioctl$VIDIOC_DBG_G_CHIP_INFO(r1, 0xc0c85666, &(0x7f0000000040)={{0x3, @name="c877b1eed21cc4863d7144e450b22d5cae89dbbf06443ee3a1c370ff8434422d"}, "3054aba59ea64a67fcdce8ff8521202e4f935e798e9998aa97312f063b6ab095", 0x1}) 02:36:38 executing program 3: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/pmtu_disc\x00', 0x2, 0x0) bind$alg(r0, &(0x7f0000000040)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c\x00'}, 0x58) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000200)={&(0x7f00000000c0)='./file0\x00', r0}, 0x10) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ppp\x00', 0x101001, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f00000002c0)=""/246) syz_open_dev$ndb(&(0x7f0000000240)='/dev/nbd#\x00', 0x0, 0x9b4caa5b73081877) r2 = memfd_create(&(0x7f0000000140)='^\x00', 0x0) ioctl$SIOCX25SCALLUSERDATA(r0, 0x89e5, &(0x7f00000003c0)={0x74, "c8bb344df5b342486165123e37566acf8edbb412a8f0acab47a302acec46508f2dd7a77ba7ebe2aa4cbc3c1934787ae5eafa0e82b93939d28511da05f2a46ae2013af113ddfbeb7fc7884757f2f357d16566ee5e5b15be66739e7430285ce29c30a154fbde9f277eb7624d04891c6891390b732ca9de13d393b9a072558f58e4"}) pwritev(r2, &(0x7f0000f50f90)=[{&(0x7f0000000100)="a8", 0x1}], 0x1, 0x0) sendfile(r1, r2, 0x0, 0x102002700) [ 581.549676][T29202] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'. [ 581.577660][T29208] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'. 02:36:38 executing program 4: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) ptrace$cont(0x18, r0, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r0, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r2 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r2, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r3 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r2, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r3, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r4}, 0x14) 02:36:38 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x0, 0x0, 0x0, &(0x7f0000000180)='GPL\x00'}, 0x48) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$sock_inet_SIOCSIFNETMASK(r1, 0x891c, &(0x7f0000000080)={'bridge_slave_1\x00', {0x2, 0x4e24, @loopback}}) listen(r1, 0x101) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8) r2 = socket$kcm(0xa, 0x5, 0x0) sendmsg(r2, &(0x7f00000006c0)={&(0x7f0000000100)=@in={0xa, 0x0, @local={0xac, 0x2c0}}, 0xf37c, &(0x7f0000000640), 0x98, &(0x7f0000000180)=[{0x20, 0x84, 0x8}], 0x20}, 0x0) 02:36:38 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000340)="b9800000c00f3235000800000f30660f388172de3e0f0626660f6a91f5fffffff30f078fc9a893be0a00000036f080a703000000dc0f01cfb9b0000040b800380000ba000000000f30150e000000", 0x4e}], 0x1, 0x1, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 02:36:38 executing program 2: pipe(&(0x7f00000000c0)={0xffffffffffffffff}) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000180)={0x0, @in6={{0xa, 0x4e23, 0x8, @mcast2, 0xc8}}, 0xfffffffffffffffd, 0x1ff}, &(0x7f0000000240)=0x90) timerfd_settime(r0, 0x1, &(0x7f0000000340), &(0x7f0000000380)) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000300)={r1, 0x2}, 0x8) r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffff9c, 0x84, 0x10, &(0x7f0000000040)=@sack_info={0x0, 0x100000000, 0x1e}, &(0x7f0000000080)=0xc) setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000100)={r3, 0x3, 0x30}, 0x1e6) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r6, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x4]}) 02:36:38 executing program 3: r0 = socket$kcm(0xa, 0x122000000003, 0x11) setsockopt$sock_attach_bpf(r0, 0x29, 0x24, &(0x7f0000000240), 0x4) sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f00000009c0)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, &(0x7f0000000340)=[{&(0x7f0000000000)="d90d0000768606681d012f629c75adfa4208d5febf524a024aface6a6ac7d846ed2fa163e15ffb5033e9ad60d7d8a295b90bf9cc8578ec03a10c48d4050200000000d2c4aa592d00", 0x29b}], 0x1}, 0x7ffffd) 02:36:38 executing program 0: r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x200000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:36:38 executing program 1: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x3c1, 0x1, 0x178, [0x20000600], 0x0, &(0x7f0000000000), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x5, 0x0, 0x0, 'gretap0\x00', 'veth0\x00', 'syzkaller0\x00', 'syzkaller1\x00', @broadcast, [], @local, [], 0x70, 0x70, 0xe8}}, @common=@nflog={'nflog\x00', 0x50, {{0x0, 0x0, 0x0, 0x0, 0x0, "e1f2548789f29ee03347b92f8db727423472b5d532e0fcaac351b4589acc53febe35b5b930a78eedf45347975a8c0bc356ce513d34329c338cea6c32911b9b42"}}}}]}, {0x0, '\x00', 0x1, 0xffffffffffffffff}]}, 0x1f0) 02:36:38 executing program 4: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) ptrace$cont(0x18, r0, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r0, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r2 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r2, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r3 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r2, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r3, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r4}, 0x14) 02:36:38 executing program 5: r0 = dup2(0xffffffffffffffff, 0xffffffffffffff9c) write$P9_RREADLINK(r0, &(0x7f0000000000)={0x10, 0x17, 0x1, {0x7, './file0'}}, 0x10) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x94}], 0x100000000000015d, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='maps\x00') openat$vhci(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhci\x00', 0x0) preadv(r1, &(0x7f0000000480), 0x1000000000000237, 0x7fffef6c) 02:36:38 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = eventfd2(0x0, 0x0) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f00000000c0)={0x0, 0x0, 0x0, r2}) ioctl$RTC_WKALM_SET(r1, 0x4028700f, &(0x7f0000000040)={0x1, 0x0, {0x39, 0x19, 0xf, 0x11, 0x5, 0x8000, 0x5, 0xa}}) 02:36:38 executing program 1: r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, 0x0, 0x0, 0x0) futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r0, 0xc02c5341, &(0x7f0000000980)) getuid() getuid() getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, &(0x7f00000008c0)) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000a40)={0x0}, &(0x7f0000000a80)=0xc) getegid() getgroups(0x2, &(0x7f0000000c40)=[0x0, 0x0]) pipe2(&(0x7f0000000840)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) ioctl$VIDIOC_SUBDEV_G_FMT(r3, 0xc0585604, &(0x7f0000000900)={0x0, 0x0, {0x9, 0xffffffff7fffffff, 0x303b, 0x8, 0xc, 0x7, 0x1, 0x5}}) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x8}, {0x0, 0x1c9c380}}, 0x0) chroot(&(0x7f0000000880)='./file0\x00') creat(&(0x7f0000000100)='./file0\x00', 0x2) readv(r1, &(0x7f00000007c0)=[{&(0x7f00000000c0)=""/50, 0x32}, {&(0x7f0000000400)=""/150, 0x96}, {&(0x7f00000004c0)=""/193, 0xc1}, {&(0x7f00000005c0)=""/240, 0xf0}, {&(0x7f00000006c0)=""/248, 0xf8}], 0x5) tkill(0x0, 0x1000000000016) ioctl$LOOP_CLR_FD(0xffffffffffffffff, 0x4c01) utime(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x2}) getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000200)={{{@in=@loopback, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in=@local}}, 0x0) setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000300)={{{@in=@remote, @in=@empty, 0x4e21, 0x60b, 0x4e21, 0xc08, 0xa, 0x20, 0x80, 0x3d, 0x0, r4}, {0x7fffffff, 0x80000001, 0x3, 0x1ff, 0xd, 0xfffffffffffffffe, 0x3b, 0x80000001}, {0x9, 0x37f, 0x20, 0x1}, 0x200, 0x6e6bb8, 0x3, 0x0, 0x2, 0x1}, {{@in=@loopback, 0x4d2, 0x33}, 0xa, @in=@multicast1, 0x3502, 0x0, 0x3, 0x1ff, 0x2, 0x80, 0x4038b4}}, 0xe8) r5 = shmat(0x0, &(0x7f0000ffa000/0x3000)=nil, 0x0) shmdt(r5) timer_create(0x0, 0x0, &(0x7f0000044000)) clock_nanosleep(0x8, 0x0, &(0x7f00000001c0), 0x0) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000100000016) 02:36:38 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = syz_open_dev$cec(&(0x7f0000000000)='/dev/cec#\x00', 0x0, 0x2) getpeername$unix(r1, &(0x7f0000000240)=@abs, &(0x7f00000002c0)=0x6e) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00') sendmsg$IPVS_CMD_DEL_DEST(r1, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x21200}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0xc0, r2, 0x24, 0x70bd2c, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x9}, @IPVS_CMD_ATTR_DAEMON={0x9c, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @loopback}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @dev={0xfe, 0x80, [], 0x11}}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e22}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @empty}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x3}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x1f}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'dummy0\x00'}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @remote}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @broadcast}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x972}]}, 0xc0}, 0x1, 0x0, 0x0, 0x4048010}, 0x4000) sendmsg$nl_xfrm(r0, &(0x7f0000000d40)={&(0x7f0000000180), 0xc, &(0x7f0000000d00)={&(0x7f00000008c0)=@newsa={0x158, 0x10, 0x1, 0x0, 0x0, {{@in=@broadcast, @in=@dev}, {@in6=@mcast1, 0x0, 0x33}, @in6, {}, {}, {}, 0x0, 0x0, 0xa, 0x0, 0xc9f}, [@algo_auth_trunc={0x4c, 0x14, {{'tgr160\x00'}}}, @replay_esn_val={0x1c}]}, 0x158}}, 0x0) 02:36:38 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) ioctl$KVM_REINJECT_CONTROL(r2, 0xae71, &(0x7f0000000000)={0x2}) 02:36:38 executing program 4: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x1d) ptrace$cont(0x18, r0, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r0, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r2 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r2, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r3 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r2, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r3, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r4}, 0x14) 02:36:38 executing program 3: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x8002, 0x0) setsockopt$RDS_GET_MR_FOR_DEST(r0, 0x114, 0x7, &(0x7f00000010c0)={@x25={0x9, @remote={[], 0x3}}, {&(0x7f0000000080)=""/4096, 0x1000}, &(0x7f0000001080), 0x4c}, 0xa0) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r0, 0xc058534b, &(0x7f0000001280)={0x3, 0x5, 0xfffffffffffffffe, 0xffffffff, 0x10000, 0x7}) r1 = socket$inet_udp(0x2, 0x2, 0x0) r2 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_opts(r2, 0x0, 0x4, &(0x7f0000000180), 0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000340)='/dev/full\x00', 0x800, 0x0) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, "97570445e47bead949a19fa9bf928fab59a6fac3a06a6efa8ea2b5b3147a8aafd11c7c1cc6ca2cfe3b81eca46395d4672640efe2cc8a7f5939b5cfa32ff5cdc2", "ade1b3517b66e61059d1053654a5beb13253f0a653eb210ef878b72c20a3269a", [0xfffffffffffffeff, 0x7]}) sendto$inet(r2, &(0x7f0000001180)="03005f171ec39c8a8589f1f1d8198a665496bf3ef5d44b7f9da2fe2c05ce", 0x1e, 0x20000050, 0x0, 0x0) ioctl$EVIOCSREP(r3, 0x40084503, &(0x7f00000011c0)=[0x5, 0xfffffffffffffe00]) ioctl$RTC_WKALM_SET(r3, 0x4028700f, &(0x7f0000000000)={0xffffffffffffffff, 0x200001, {0x1a, 0x15, 0x11, 0x3, 0x1a, 0x80000000, 0x6, 0xea}}) getsockopt$sock_buf(r1, 0x1, 0x40, &(0x7f00000002c0)=""/60, &(0x7f0000001200)=0x3c) madvise(&(0x7f0000003000/0x1000)=nil, 0x1000, 0xb) perf_event_open(&(0x7f00000004c0)={0x2, 0x70, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, @perf_config_ext={0x1f, 0x1000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000, 0x0, 0x1, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet(r4, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r3, &(0x7f00000000c0)="12a4aeab0000699a269d06ab4090541daddf4e846d6cd534827cc3683d3465e4dc", 0x21, 0x20000800, 0x0, 0x0) ioctl$sock_inet_SIOCADDRT(r4, 0x890b, &(0x7f00000008c0)={0xfffffffffffffffd, {0x2, 0x4e1d}, {0x2, 0x4e23}, {0x2, 0x4e1d, @multicast1}, 0x1c, 0x5, 0x7fff, 0x9976, 0x3, &(0x7f0000000800)='bridge_slave_1\x00', 0x4, 0x7, 0x800}) r5 = syz_init_net_socket$rose(0xb, 0x5, 0x0) r6 = memfd_create(&(0x7f0000000100)='\x88])+\x00', 0x0) write(r6, &(0x7f0000000080)="a0", 0x1) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r6, 0x3) connect$rose(r5, &(0x7f0000000140)=@full={0xb, @remote, @null, 0x0, [@null, @null, @netrom, @null, @rose, @null]}, 0x40) ioctl$sock_inet_SIOCADDRT(r4, 0x890b, &(0x7f0000000100)={0x5084f74d, {0x2, 0x4e22}, {0x2, 0x4e21, @dev}, {0x2, 0x4e24, @empty}, 0x208, 0x6, 0x20, 0x40, 0x0, 0x0, 0x0, 0x0, 0x100000000000}) r7 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r7, 0x8912, &(0x7f0000000580)="0047f82f07d82c99240970") madvise(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x1) bind$rds(r3, &(0x7f0000000540)={0x2, 0x4e24, @remote}, 0x8) madvise(&(0x7f0000003000/0x4000)=nil, 0x4000, 0x1d) 02:36:39 executing program 5: r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video36\x00', 0x2, 0x0) ioctl$VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f00000001c0)={0x0, 0x9, 0x4, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4d3c8c8f"}, 0x0, 0x0, @planes=0x0, 0x4}) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snapshot\x00', 0x8202, 0x0) ioctl$sock_bt_hidp_HIDPCONNDEL(r1, 0x400448c9, &(0x7f0000000080)={{0x2, 0x12, 0xfffffffffffffffd, 0x710, 0xffffffffffffffb7, 0x80000000}}) 02:36:39 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:36:39 executing program 0: r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400002, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:36:39 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x501042, 0x0) setsockopt$inet_sctp_SCTP_INITMSG(r2, 0x84, 0x2, &(0x7f0000000080)={0x5, 0x3f, 0x9, 0x5c21}, 0x8) ioctl$TCSETSW(r2, 0x5403, &(0x7f0000000040)={0x4, 0x7fff, 0x4, 0x7f, 0x19, 0x6bb6, 0x3, 0x10001, 0x1fffe000000000, 0x9, 0x1, 0x6ec}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) fsync(r0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f0000000280)={0x20000000007b, 0x0, [0x277, 0x2]}) 02:36:39 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0af51f023c123f3188a070") mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x50, 0x0) r1 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90) fcntl$lock(r1, 0x7, &(0x7f0000027000)={0x1}) r2 = open(&(0x7f0000021000)='./file0\x00', 0x3c, 0x5) write$P9_RATTACH(r1, &(0x7f0000000000)={0x14}, 0x14) fchdir(r2) r3 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ftruncate(r3, 0x0) 02:36:39 executing program 3: r0 = fcntl$dupfd(0xffffffffffffff9c, 0x406, 0xffffffffffffffff) openat$cgroup_ro(r0, &(0x7f0000000380)='cpuacct.usage_user\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$IPT_SO_GET_INFO(r0, 0x0, 0x40, &(0x7f00000002c0)={'nat\x00'}, 0xfffffffffffffffd) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") fgetxattr(r1, &(0x7f00000003c0)=@known='system.sockprotoname\x00', &(0x7f0000000400)=""/218, 0xda) r2 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$EXT4_IOC_MIGRATE(r0, 0x6609) r3 = syz_open_dev$cec(&(0x7f0000000000)='/dev/cec#\x00', 0x1, 0x2) ioctl$sock_bt_bnep_BNEPCONNDEL(r3, 0x400442c9, &(0x7f00000001c0)={0x0, @local}) ioctl$VIDIOC_EXPBUF(r2, 0xc0405610, &(0x7f0000000040)={0xf, 0x200, 0x3, 0x800, r3}) r5 = fcntl$getown(r4, 0x9) fcntl$setownex(r2, 0xf, &(0x7f0000000500)={0x2, r5}) ioctl$EXT4_IOC_PRECACHE_EXTENTS(r1, 0x6612) rt_sigsuspend(&(0x7f0000000200)={0x8000}, 0x8) getsockopt$TIPC_DEST_DROPPABLE(r3, 0x10f, 0x81, &(0x7f0000000080), &(0x7f0000000100)=0x4) ioctl$EVIOCSABS3F(r0, 0x401845ff, &(0x7f0000000240)={0x200, 0xc943, 0xffffffffffffff82, 0xe742, 0x0, 0xff}) setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f0000000340)=r0, 0x4) getsockopt$TIPC_DEST_DROPPABLE(r3, 0x10f, 0x81, &(0x7f0000000140), &(0x7f0000000180)=0x4) getsockopt$bt_hci(r2, 0x65, 0x6, &(0x7f0000cbc000)=""/244, &(0x7f0000000280)=0xf4) 02:36:39 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) [ 582.799732][T29312] overlayfs: failed to resolve './file1': -2 02:36:39 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) keyctl$reject(0x13, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x4) 02:36:39 executing program 5: r0 = socket$kcm(0xa, 0x2, 0x73) setsockopt$inet6_opts(r0, 0x29, 0x36, &(0x7f0000000140)=@routing, 0x8) sendmsg$kcm(r0, &(0x7f00000003c0)={&(0x7f0000000000)=@nl=@unspec, 0x80, 0x0}, 0x0) r1 = syz_open_dev$swradio(&(0x7f0000000080)='/dev/swradio#\x00', 0x0, 0x2) ioctl$FIDEDUPERANGE(r0, 0xc0189436, &(0x7f00000000c0)={0x4, 0x9, 0x1, 0x0, 0x0, [{r0, 0x0, 0x2}]}) setsockopt$IP_VS_SO_SET_FLUSH(r1, 0x0, 0x485, 0x0, 0x0) 02:36:39 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) 02:36:39 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) [ 583.030349][T29333] overlayfs: failed to resolve './file1': -2 02:36:40 executing program 5: r0 = syz_open_dev$audion(&(0x7f0000000540)='/dev/audio#\x00', 0x401, 0x8000) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000580)={0x0, 0x5d60, 0x9fb8, 0x57a5, 0x9, 0x6, 0x453f, 0x7, 0x4, 0x6}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001640)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$SIOCGETNODEID(r0, 0x89e1, &(0x7f00000005c0)={0x3}) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000340)={0xaa, 0x10000000000}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = creat(&(0x7f00000004c0)='./file0\x00', 0x20) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffff9c, 0x84, 0x77, &(0x7f0000000100)=ANY=[@ANYRES32=0x0, @ANYBLOB="f7ff06000617fe91da15d700ff7f0100"], &(0x7f0000000140)=0x14) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffff9c, 0x84, 0x22, &(0x7f0000000180)={0x80000000, 0x207, 0x100000001, 0x5, 0x0}, &(0x7f00000001c0)=0x10) getsockopt$inet_sctp6_SCTP_STATUS(r3, 0x84, 0xe, &(0x7f0000000200)={r4, 0x9, 0x4, 0x738, 0x1e38, 0x401, 0x3065a222, 0x8001, {r5, @in6={{0xa, 0x4e21, 0x80000000, @loopback, 0x2}}, 0x4, 0x0, 0xb800000000000000, 0x7, 0x5}}, &(0x7f00000002c0)=0xb0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={0xffffffffffffffff}) r7 = socket$inet6_sctp(0xa, 0x3, 0x84) ioctl$EVIOCSABS0(r7, 0x401845c0, &(0x7f0000000500)={0x1, 0x5, 0x6, 0x400, 0x8000, 0x2}) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r7, 0x84, 0x8, &(0x7f0000013e95), 0x4) fsetxattr$trusted_overlay_redirect(r6, &(0x7f00000000c0)='trusted.overlay.redirect\x00', &(0x7f0000000480)='./file0\x00', 0x8, 0x3) ioctl$sock_SIOCETHTOOL(r7, 0x8946, &(0x7f0000000040)={'veth1_to_bond:\x00', &(0x7f0000000380)=ANY=[@ANYBLOB="0966958b2025eb530400bd7803ca74b32330f41c3ed055cf18748b94dc4ca359d14db1798b811233f93d8b28130094d6fb0950ea1568d373ab34197ae9651033e0959f7fbd1785b8ed3ff6b20f1a9437b0e628188c6106f134dded89103cc60302662224eb5fc5909755997ef834aa73"]}) getsockopt$inet_mreqn(r3, 0x0, 0x23, &(0x7f0000000000)={@remote, @dev, 0x0}, &(0x7f0000000300)=0xc) ioctl$ifreq_SIOCGIFINDEX_team(r7, 0x8933, &(0x7f0000000400)={'team0\x00', r8}) close(r7) syz_open_dev$swradio(&(0x7f0000000080)='/dev/swradio#\x00', 0x1, 0x2) 02:36:40 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:36:40 executing program 1: r0 = memfd_create(&(0x7f0000000040)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) ioctl$VIDIOC_SUBDEV_S_SELECTION(0xffffffffffffffff, 0xc040563e, 0x0) mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000100)='ramfs\x00', 0x0, 0x0) ioctl$void(r0, 0xc0045878) chdir(&(0x7f0000000000)='./file0\x00') syz_open_dev$mice(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000700)='./bus\x00', 0x0) getgid() open(&(0x7f0000000140)='./bus\x00', 0x0, 0x0) ftruncate(r1, 0x208200) r2 = open(&(0x7f0000000780)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x602200, 0x4, 0x4002011, r2, 0x0) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @connect}], 0xffffff76) [ 583.364003][ T26] audit: type=1804 audit(1550371000.163:177): pid=29361 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir995119196/syzkaller.sGyxMG/570/file0/bus" dev="ramfs" ino=94452 res=1 [ 583.394423][ T26] audit: type=1804 audit(1550371000.173:178): pid=29361 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir995119196/syzkaller.sGyxMG/570/file0/bus" dev="ramfs" ino=94452 res=1 [ 583.436609][T29362] [ 583.438969][T29362] ====================================================== [ 583.445990][T29362] WARNING: possible circular locking dependency detected [ 583.453003][T29362] 5.0.0-rc6-next-20190215 #36 Not tainted [ 583.458708][T29362] ------------------------------------------------------ [ 583.465719][T29362] syz-executor.1/29362 is trying to acquire lock: [ 583.472118][T29362] 00000000043aca41 (&mm->mmap_sem){++++}, at: __do_page_fault+0x9e9/0xda0 [ 583.480651][T29362] [ 583.480651][T29362] but task is already holding lock: [ 583.488008][T29362] 000000007484a26c (&sb->s_type->i_mutex_key#12){+.+.}, at: generic_file_write_iter+0xdf/0x610 [ 583.498404][T29362] [ 583.498404][T29362] which lock already depends on the new lock. [ 583.498404][T29362] [ 583.508798][T29362] [ 583.508798][T29362] the existing dependency chain (in reverse order) is: [ 583.517802][T29362] [ 583.517802][T29362] -> #2 (&sb->s_type->i_mutex_key#12){+.+.}: [ 583.525965][T29362] down_write+0x38/0x90 [ 583.530635][T29362] shmem_fallocate+0x15a/0xc60 [ 583.536177][T29362] ashmem_shrink_scan+0x1d7/0x4f0 [ 583.541720][T29362] ashmem_ioctl+0x2f0/0x11a0 [ 583.546829][T29362] do_vfs_ioctl+0xd6e/0x1390 [ 583.551940][T29362] ksys_ioctl+0xab/0xd0 [ 583.556629][T29362] __x64_sys_ioctl+0x73/0xb0 [ 583.561733][T29362] do_syscall_64+0x103/0x610 [ 583.566841][T29362] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 583.573236][T29362] [ 583.573236][T29362] -> #1 (ashmem_mutex){+.+.}: [ 583.580176][T29362] __mutex_lock+0xf7/0x1310 [ 583.585194][T29362] mutex_lock_nested+0x16/0x20 [ 583.590475][T29362] ashmem_mmap+0x55/0x520 [ 583.595322][T29362] mmap_region+0xc3a/0x1770 [ 583.600341][T29362] do_mmap+0x8e2/0x1080 [ 583.605010][T29362] vm_mmap_pgoff+0x1c5/0x230 [ 583.610116][T29362] ksys_mmap_pgoff+0x4aa/0x630 [ 583.615443][T29362] __x64_sys_mmap+0xe9/0x1b0 [ 583.620560][T29362] do_syscall_64+0x103/0x610 [ 583.625667][T29362] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 583.632064][T29362] [ 583.632064][T29362] -> #0 (&mm->mmap_sem){++++}: [ 583.639005][T29362] lock_acquire+0x16f/0x3f0 [ 583.644035][T29362] down_read+0x3b/0x90 [ 583.648625][T29362] __do_page_fault+0x9e9/0xda0 [ 583.653907][T29362] do_page_fault+0x71/0x581 [ 583.658937][T29362] page_fault+0x1e/0x30 [ 583.663608][T29362] iov_iter_fault_in_readable+0x1ba/0x450 [ 583.669845][T29362] generic_perform_write+0x195/0x530 [ 583.675644][T29362] __generic_file_write_iter+0x25e/0x630 [ 583.681793][T29362] generic_file_write_iter+0x360/0x610 [ 583.687765][T29362] new_sync_write+0x4c7/0x760 [ 583.692960][T29362] __vfs_write+0xe4/0x110 [ 583.697803][T29362] vfs_write+0x20c/0x580 [ 583.702561][T29362] ksys_write+0xea/0x1f0 [ 583.707321][T29362] __x64_sys_write+0x73/0xb0 [ 583.712426][T29362] do_syscall_64+0x103/0x610 [ 583.717535][T29362] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 583.723941][T29362] [ 583.723941][T29362] other info that might help us debug this: [ 583.723941][T29362] [ 583.734155][T29362] Chain exists of: [ 583.734155][T29362] &mm->mmap_sem --> ashmem_mutex --> &sb->s_type->i_mutex_key#12 [ 583.734155][T29362] [ 583.747776][T29362] Possible unsafe locking scenario: [ 583.747776][T29362] [ 583.755215][T29362] CPU0 CPU1 [ 583.760574][T29362] ---- ---- [ 583.765940][T29362] lock(&sb->s_type->i_mutex_key#12); [ 583.771391][T29362] lock(ashmem_mutex); [ 583.778050][T29362] lock(&sb->s_type->i_mutex_key#12); [ 583.786017][T29362] lock(&mm->mmap_sem); [ 583.790248][T29362] [ 583.790248][T29362] *** DEADLOCK *** [ 583.790248][T29362] [ 583.798386][T29362] 2 locks held by syz-executor.1/29362: [ 583.803920][T29362] #0: 0000000007a00220 (sb_writers#5){.+.+}, at: vfs_write+0x429/0x580 [ 583.812255][T29362] #1: 000000007484a26c (&sb->s_type->i_mutex_key#12){+.+.}, at: generic_file_write_iter+0xdf/0x610 [ 583.823028][T29362] [ 583.823028][T29362] stack backtrace: [ 583.828926][T29362] CPU: 1 PID: 29362 Comm: syz-executor.1 Not tainted 5.0.0-rc6-next-20190215 #36 [ 583.838019][T29362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 02:36:40 executing program 0: r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400003, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:36:40 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x440000, 0x0) sendto$isdn(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="09000000ff000000ecf3cec2d9cc9b943b6fddbb1f26e34db6ab05e0a1afd17a6ff1ba83664e7e1c1392e57f8ccad7d5898e96890e370105dc8a5465beacf6aaa5e843105458c8adfb754bf5c63264c1f40023c06ac675401c20d6b69a27a3631b899b533c8a8099359baa601b58a18559102b29613c71667444d619dc16078f5625fc64006e0209f2d2d6d9a4b5a4e4272d499cf441f14031f35d0ab36bb8d3d9c7601345bbf5adb612e40c9a7a3667f6ba969e86130a612c823d5adf946147b1b4dc4e896beec13dbec4c6696851641d9da2993415599b615c85c0bba686556c5295445b8177db725118763d606550f83d19111ddbe40ebec556e5919b69459b23c834c075a760ec911c586290c41e79e75bc373d42213e3a510c121b464b521dab53594dc8d47179b311b5ca93423588b55f5c2bc038bbc5241338cffb79be06749f87d694669f7a67f5a43f6b9ee8ca9542d91ae0a77fa74cd7fe5ab6f203a4785"], 0xbf, 0x40, &(0x7f00000000c0)={0x22, 0x4, 0x1, 0x42, 0x7}, 0x6) ioctl$sock_inet_SIOCSIFPFLAGS(r1, 0x8934, &(0x7f0000000100)={'vlan0\x00', 0x2}) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) ioctl$EXT4_IOC_SWAP_BOOT(r2, 0x6611) r4 = creat(&(0x7f0000000000)='./file0\x00', 0x8) ioctl$CAPI_GET_SERIAL(r4, 0xc0044308, &(0x7f0000000040)=0x2) 02:36:40 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) [ 583.847833][ T26] audit: type=1804 audit(1550371000.183:179): pid=29361 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir995119196/syzkaller.sGyxMG/570/file0/bus" dev="ramfs" ino=94452 res=1 [ 583.848060][T29362] Call Trace: [ 583.848079][T29362] dump_stack+0x172/0x1f0 [ 583.848097][T29362] print_circular_bug.isra.0.cold+0x1cc/0x28f [ 583.848110][T29362] __lock_acquire+0x2fca/0x4710 [ 583.848127][T29362] ? lock_downgrade+0x880/0x880 [ 583.896525][T29362] ? mark_held_locks+0xf0/0xf0 [ 583.901270][T29362] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 583.906796][T29362] lock_acquire+0x16f/0x3f0 [ 583.911318][T29362] ? __do_page_fault+0x9e9/0xda0 [ 583.916237][T29362] down_read+0x3b/0x90 [ 583.920287][T29362] ? __do_page_fault+0x9e9/0xda0 [ 583.925201][T29362] __do_page_fault+0x9e9/0xda0 [ 583.929941][T29362] do_page_fault+0x71/0x581 [ 583.934423][T29362] page_fault+0x1e/0x30 [ 583.938560][T29362] RIP: 0010:iov_iter_fault_in_readable+0x1ba/0x450 [ 583.945038][T29362] Code: 4c 39 f3 76 17 eb 3b e8 e4 06 43 fe 48 81 c3 00 10 00 00 48 39 9d 68 ff ff ff 72 2d e8 cf 06 43 fe 0f 1f 00 0f ae e8 45 31 f6 <8a> 13 0f 1f 00 31 ff 44 89 f6 41 88 57 d0 e8 33 08 43 fe 45 85 f6 [ 583.964660][T29362] RSP: 0018:ffff8880691d7980 EFLAGS: 00010246 [ 583.970704][T29362] RAX: 0000000000040000 RBX: 0000000020024000 RCX: ffffc9000820d000 [ 583.978653][T29362] RDX: 0000000000006f8f RSI: ffffffff832d5b31 RDI: 0000000000000005 [ 583.986603][T29362] RBP: ffff8880691d7a20 R08: ffff88804ff1e3c0 R09: fffff9400032ebc7 [ 583.994560][T29362] R10: fffff9400032ebc6 R11: ffffea0001975e37 R12: 0000000000001000 [ 584.002980][T29362] R13: 0000000000001000 R14: 0000000000000000 R15: ffff8880691d79f8 [ 584.010945][T29362] ? iov_iter_fault_in_readable+0x1b1/0x450 [ 584.016822][T29362] ? csum_and_copy_to_iter+0x15c0/0x15c0 [ 584.022430][T29362] ? shmem_write_end+0x217/0x6f0 [ 584.027352][T29362] generic_perform_write+0x195/0x530 [ 584.032614][T29362] ? page_endio+0x780/0x780 [ 584.037100][T29362] ? current_time+0x140/0x140 [ 584.041756][T29362] ? lock_acquire+0x16f/0x3f0 [ 584.046426][T29362] __generic_file_write_iter+0x25e/0x630 [ 584.052048][T29362] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 584.057747][T29362] generic_file_write_iter+0x360/0x610 [ 584.063185][T29362] ? __generic_file_write_iter+0x630/0x630 [ 584.068972][T29362] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 584.075368][T29362] ? iov_iter_init+0xea/0x220 [ 584.080037][T29362] new_sync_write+0x4c7/0x760 [ 584.084693][T29362] ? default_llseek+0x2e0/0x2e0 [ 584.089531][T29362] __vfs_write+0xe4/0x110 [ 584.093836][T29362] vfs_write+0x20c/0x580 [ 584.098064][T29362] ksys_write+0xea/0x1f0 [ 584.102290][T29362] ? __ia32_sys_read+0xb0/0xb0 [ 584.107043][T29362] ? do_syscall_64+0x26/0x610 [ 584.111696][T29362] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 584.117751][T29362] ? do_syscall_64+0x26/0x610 [ 584.122420][T29362] __x64_sys_write+0x73/0xb0 [ 584.126996][T29362] do_syscall_64+0x103/0x610 [ 584.131568][T29362] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 584.137453][T29362] RIP: 0033:0x457e29 [ 584.141348][T29362] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 584.142391][ T26] audit: type=1804 audit(1550371000.943:180): pid=29361 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir995119196/syzkaller.sGyxMG/570/file0/bus" dev="ramfs" ino=94452 res=1 [ 584.161429][T29362] RSP: 002b:00007fca7418dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 584.161443][T29362] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29 [ 584.161450][T29362] RDX: 00000000ffffff76 RSI: 0000000020000000 RDI: 0000000000000003 [ 584.161457][T29362] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 584.161463][T29362] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fca7418e6d4 [ 584.161470][T29362] R13: 00000000004c736d R14: 00000000004dcec8 R15: 00000000ffffffff [ 584.247957][T29371] kobject: 'kvm' (0000000081ea19e5): kobject_uevent_env [ 584.257050][T29371] kobject: 'kvm' (0000000081ea19e5): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 584.298169][ T7548] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env [ 584.305334][ T7548] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 584.321328][T29374] kobject: 'kvm' (0000000081ea19e5): kobject_uevent_env [ 584.333723][T29374] kobject: 'kvm' (0000000081ea19e5): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 584.334741][ T3873] kobject: 'loop1' (000000001d42c426): kobject_uevent_env [ 584.347357][T29364] kobject: 'kvm' (0000000081ea19e5): kobject_uevent_env [ 584.365002][T29364] kobject: 'kvm' (0000000081ea19e5): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 584.372038][ T3873] kobject: 'loop1' (000000001d42c426): fill_kobj_path: path = '/devices/virtual/block/loop1' [ 584.387186][T29364] kobject: 'kvm' (0000000081ea19e5): kobject_uevent_env [ 584.399260][T29364] kobject: 'kvm' (0000000081ea19e5): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 584.419103][T29377] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env [ 584.426548][T29377] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 584.468152][T29377] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env [ 584.475558][T29377] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 584.487122][T29382] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env [ 584.494589][T29382] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 584.508490][ T3873] kobject: 'loop2' (00000000a3e1ebb9): kobject_uevent_env 02:36:41 executing program 3: r0 = socket$inet(0x2, 0x80001, 0x1000000b) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xfffffffffffffffc}, 0x8) setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000580)={0x0, 0x5}, 0x8) sendmsg(r0, &(0x7f000001afc8)={&(0x7f0000006000)=@in={0x2, 0x4e20, @loopback}, 0x80, &(0x7f0000007f80)=[{&(0x7f00000001c0)='*', 0x1}], 0x1}, 0x0) setsockopt$inet_sctp_SCTP_ADD_STREAMS(r0, 0x84, 0x77, &(0x7f0000000200)={0x0, 0x5}, 0xce) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$KVM_SET_NR_MMU_PAGES(r1, 0xae44, 0x101) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000100), 0x8) inotify_init() 02:36:41 executing program 5: syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2000) r0 = dup(0xffffffffffffffff) r1 = syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x2, 0x80000) socket$rds(0x15, 0x5, 0x0) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r1, 0x84, 0x1a, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r2, &(0x7f00000002c0)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c) sendmsg(r2, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x8000) sendmsg(r2, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000001480)="d09a0e63c9476288b671afdbd53a5994e137381f62021d1951b627b8dda57a5d17d744648c81c5703ed8146ab1b0171f89091b1dd3238d03dbb686df460963245dedf2973ee555af99499e44ad420dbf65fd46fbc99a1274429e2d5783751815828ec8cb3553110cca66460215353d19f6d8bbd8fb264eddea60b18e16c31aa5e200000491634ac2fd10e2cd30bcd7fede24263a7fff16e53ea293f3551b7147c33a44ea437fb1515c3e8d4f162fdebf8ebe11ae6fcd9372c8d8f19556ae091fe94215ae9434da412f6fa4cb6561e5f78ff9707844ee5d573fb294437722d9a06dfa61748c32c73d759933a8dd344c947d3efdbe90d0eb049df5fbb0c19f6785264b619c530d97395d44b04f7e2a280d658c7871ad373b792678c49227999651ef3b2ee1bc2b8f3035db376e8e09aa3837233c8713065a8ad131d24f6c42a3220d0e07c3d3e95d59a5dd10c09716b5f874ecf53aadfa5050ff40f2c3c4a629b6445e5836100afff5a8977583653b40ca316f8f11416e5c1bd5499636ddae25fc4970b37209cf5c0bf8e432160c258d14223baa52798e09858645773dd97e68a95310da713cff077b06000000d4f145e9199c126a7f235e5674a3c7f5c7129ac7c1a3319590249b6d34ef6c3d8b94c6fc7cdcbddb053243053f7bc1f230d3bc7dfc4359e33992d0a3946b914a093287a76ac4a249b5b86cc75476466e409553355fefab75e9268a8751ffc9481fcff1f49c475699595b315e2147ee038b7291600c6b1cf7c8f24d587b9464a67e5ccec17820e711b98f4f7d5053642068a3fff704c3fe26ba862b53e2622d6e8b4a4c815fb2ea90ef63e141209dd292fdf886ee3e64b90f47ce22661c7a21f7bc10df0248079b7be17284eb54e5ab5bde9c6857b3cb184586049e7741b2d8b5b1a19e99e1834a25959155720c1c0ef84d7b3c42e1ba282847d476cef0228b1422aba08e5f3c1cd279bbd1c5303c2e9c", 0x2bc}], 0x1}, 0x0) setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000040), 0xfffffda9) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) 02:36:41 executing program 1: r0 = memfd_create(&(0x7f0000000040)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) ioctl$VIDIOC_SUBDEV_S_SELECTION(0xffffffffffffffff, 0xc040563e, 0x0) mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000100)='ramfs\x00', 0x0, 0x0) ioctl$void(r0, 0xc0045878) chdir(&(0x7f0000000000)='./file0\x00') syz_open_dev$mice(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000700)='./bus\x00', 0x0) getgid() open(&(0x7f0000000140)='./bus\x00', 0x0, 0x0) ftruncate(r1, 0x208200) r2 = open(&(0x7f0000000780)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x602200, 0x4, 0x4002011, r2, 0x0) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @connect}], 0xffffff76) 02:36:41 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:36:41 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x200000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) [ 584.515665][ T3873] kobject: 'loop2' (00000000a3e1ebb9): fill_kobj_path: path = '/devices/virtual/block/loop2' [ 584.517059][T29377] overlayfs: failed to resolve './file1': -2 02:36:41 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) r3 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x20080) setsockopt$inet6_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f0000000040), 0x4) [ 584.598324][T29382] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env [ 584.626857][T29382] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' 02:36:41 executing program 5: syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2000) r0 = dup(0xffffffffffffffff) r1 = syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x2, 0x80000) socket$rds(0x15, 0x5, 0x0) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r1, 0x84, 0x1a, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r2, &(0x7f00000002c0)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c) sendmsg(r2, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x8000) sendmsg(r2, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000001480)="d09a0e63c9476288b671afdbd53a5994e137381f62021d1951b627b8dda57a5d17d744648c81c5703ed8146ab1b0171f89091b1dd3238d03dbb686df460963245dedf2973ee555af99499e44ad420dbf65fd46fbc99a1274429e2d5783751815828ec8cb3553110cca66460215353d19f6d8bbd8fb264eddea60b18e16c31aa5e200000491634ac2fd10e2cd30bcd7fede24263a7fff16e53ea293f3551b7147c33a44ea437fb1515c3e8d4f162fdebf8ebe11ae6fcd9372c8d8f19556ae091fe94215ae9434da412f6fa4cb6561e5f78ff9707844ee5d573fb294437722d9a06dfa61748c32c73d759933a8dd344c947d3efdbe90d0eb049df5fbb0c19f6785264b619c530d97395d44b04f7e2a280d658c7871ad373b792678c49227999651ef3b2ee1bc2b8f3035db376e8e09aa3837233c8713065a8ad131d24f6c42a3220d0e07c3d3e95d59a5dd10c09716b5f874ecf53aadfa5050ff40f2c3c4a629b6445e5836100afff5a8977583653b40ca316f8f11416e5c1bd5499636ddae25fc4970b37209cf5c0bf8e432160c258d14223baa52798e09858645773dd97e68a95310da713cff077b06000000d4f145e9199c126a7f235e5674a3c7f5c7129ac7c1a3319590249b6d34ef6c3d8b94c6fc7cdcbddb053243053f7bc1f230d3bc7dfc4359e33992d0a3946b914a093287a76ac4a249b5b86cc75476466e409553355fefab75e9268a8751ffc9481fcff1f49c475699595b315e2147ee038b7291600c6b1cf7c8f24d587b9464a67e5ccec17820e711b98f4f7d5053642068a3fff704c3fe26ba862b53e2622d6e8b4a4c815fb2ea90ef63e141209dd292fdf886ee3e64b90f47ce22661c7a21f7bc10df0248079b7be17284eb54e5ab5bde9c6857b3cb184586049e7741b2d8b5b1a19e99e1834a25959155720c1c0ef84d7b3c42e1ba282847d476cef0228b1422aba08e5f3c1cd279bbd1c5303c2e9c", 0x2bc}], 0x1}, 0x0) setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000040), 0xfffffda9) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) 02:36:41 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)) clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:36:41 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc) add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, r1) setsockopt$inet_tcp_int(r0, 0x6, 0x1000000000022, &(0x7f0000000040)=0x1, 0x1f1) setsockopt$inet_tcp_int(r0, 0x6, 0x21e, &(0x7f0000000000)=0x1, 0x4) connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @local}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x36a, &(0x7f0000004bc0)}, 0x8}], 0x31e9cd3487de83, 0x20004bc0) [ 584.637228][ T26] audit: type=1804 audit(1550371001.423:181): pid=29396 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir995119196/syzkaller.sGyxMG/571/file0/bus" dev="ramfs" ino=94029 res=1 [ 584.716571][T29405] kobject: 'kvm' (0000000081ea19e5): kobject_uevent_env [ 584.749916][T29405] kobject: 'kvm' (0000000081ea19e5): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 584.764421][T29409] net_ratelimit: 26 callbacks suppressed [ 584.764451][T29409] IPVS: sh: TCP 172.20.20.170:0 - no destination available [ 584.786474][ T26] audit: type=1804 audit(1550371001.423:182): pid=29396 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir995119196/syzkaller.sGyxMG/571/file0/bus" dev="ramfs" ino=94029 res=1 [ 584.825407][T29405] kobject: 'kvm' (0000000081ea19e5): kobject_uevent_env [ 584.838114][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 584.844047][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 584.849881][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 584.855644][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 584.857668][T29405] kobject: 'kvm' (0000000081ea19e5): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 584.861457][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 584.861492][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 584.904474][ T26] audit: type=1804 audit(1550371001.423:183): pid=29396 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir995119196/syzkaller.sGyxMG/571/file0/bus" dev="ramfs" ino=94029 res=1 [ 584.925369][T29377] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env [ 584.930845][T29404] kobject: 'kvm' (0000000081ea19e5): kobject_uevent_env [ 584.958217][T29377] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 584.993550][T29404] kobject: 'kvm' (0000000081ea19e5): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 584.998103][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 585.009099][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 585.021307][T29377] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env [ 585.033665][T29377] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 585.063114][T29420] overlayfs: failed to resolve './file1': -2 [ 585.072850][T29404] kobject: 'kvm' (0000000081ea19e5): kobject_uevent_env [ 585.078105][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 585.094919][T29404] kobject: 'kvm' (0000000081ea19e5): fill_kobj_path: path = '/devices/virtual/misc/kvm' 02:36:42 executing program 0: r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400004, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:36:42 executing program 5: syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2000) r0 = dup(0xffffffffffffffff) r1 = syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x2, 0x80000) socket$rds(0x15, 0x5, 0x0) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r1, 0x84, 0x1a, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r2, &(0x7f00000002c0)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c) sendmsg(r2, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x8000) sendmsg(r2, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000001480)="d09a0e63c9476288b671afdbd53a5994e137381f62021d1951b627b8dda57a5d17d744648c81c5703ed8146ab1b0171f89091b1dd3238d03dbb686df460963245dedf2973ee555af99499e44ad420dbf65fd46fbc99a1274429e2d5783751815828ec8cb3553110cca66460215353d19f6d8bbd8fb264eddea60b18e16c31aa5e200000491634ac2fd10e2cd30bcd7fede24263a7fff16e53ea293f3551b7147c33a44ea437fb1515c3e8d4f162fdebf8ebe11ae6fcd9372c8d8f19556ae091fe94215ae9434da412f6fa4cb6561e5f78ff9707844ee5d573fb294437722d9a06dfa61748c32c73d759933a8dd344c947d3efdbe90d0eb049df5fbb0c19f6785264b619c530d97395d44b04f7e2a280d658c7871ad373b792678c49227999651ef3b2ee1bc2b8f3035db376e8e09aa3837233c8713065a8ad131d24f6c42a3220d0e07c3d3e95d59a5dd10c09716b5f874ecf53aadfa5050ff40f2c3c4a629b6445e5836100afff5a8977583653b40ca316f8f11416e5c1bd5499636ddae25fc4970b37209cf5c0bf8e432160c258d14223baa52798e09858645773dd97e68a95310da713cff077b06000000d4f145e9199c126a7f235e5674a3c7f5c7129ac7c1a3319590249b6d34ef6c3d8b94c6fc7cdcbddb053243053f7bc1f230d3bc7dfc4359e33992d0a3946b914a093287a76ac4a249b5b86cc75476466e409553355fefab75e9268a8751ffc9481fcff1f49c475699595b315e2147ee038b7291600c6b1cf7c8f24d587b9464a67e5ccec17820e711b98f4f7d5053642068a3fff704c3fe26ba862b53e2622d6e8b4a4c815fb2ea90ef63e141209dd292fdf886ee3e64b90f47ce22661c7a21f7bc10df0248079b7be17284eb54e5ab5bde9c6857b3cb184586049e7741b2d8b5b1a19e99e1834a25959155720c1c0ef84d7b3c42e1ba282847d476cef0228b1422aba08e5f3c1cd279bbd1c5303c2e9c", 0x2bc}], 0x1}, 0x0) setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000040), 0xfffffda9) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) 02:36:42 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)) clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:36:42 executing program 1: r0 = memfd_create(&(0x7f0000000040)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) ioctl$VIDIOC_SUBDEV_S_SELECTION(0xffffffffffffffff, 0xc040563e, 0x0) mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000100)='ramfs\x00', 0x0, 0x0) ioctl$void(r0, 0xc0045878) chdir(&(0x7f0000000000)='./file0\x00') syz_open_dev$mice(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000700)='./bus\x00', 0x0) getgid() open(&(0x7f0000000140)='./bus\x00', 0x0, 0x0) ftruncate(r1, 0x208200) r2 = open(&(0x7f0000000780)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x602200, 0x4, 0x4002011, r2, 0x0) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @connect}], 0xffffff76) 02:36:42 executing program 2: r0 = syz_open_dev$cec(&(0x7f0000000000)='/dev/cec#\x00', 0x2, 0x2) ioctl$KVM_S390_INTERRUPT_CPU(r0, 0x4010ae94, &(0x7f0000000040)={0x3f, 0x800, 0x7f6}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0x1, 0x2) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r2, 0x40106614, &(0x7f0000000080)={0x0, @speck128}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) poll(&(0x7f0000000100)=[{r0, 0xd2}, {r3, 0x2000}, {r0, 0x120}, {r2, 0x1000}, {r3, 0x2000}, {r2, 0x50}], 0x6, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) [ 585.364400][ T3873] kobject: 'loop1' (000000001d42c426): kobject_uevent_env [ 585.384899][ T3873] kobject: 'loop1' (000000001d42c426): fill_kobj_path: path = '/devices/virtual/block/loop1' [ 585.403933][ T3873] kobject: 'loop2' (00000000a3e1ebb9): kobject_uevent_env [ 585.411467][ T3873] kobject: 'loop2' (00000000a3e1ebb9): fill_kobj_path: path = '/devices/virtual/block/loop2' 02:36:42 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)) clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) [ 585.457552][T29431] kobject: 'kvm' (0000000081ea19e5): kobject_uevent_env [ 585.483558][ T3873] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env 02:36:42 executing program 5: syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2000) r0 = dup(0xffffffffffffffff) r1 = syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x2, 0x80000) socket$rds(0x15, 0x5, 0x0) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r1, 0x84, 0x1a, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r2, &(0x7f00000002c0)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c) sendmsg(r2, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x8000) sendmsg(r2, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000001480)="d09a0e63c9476288b671afdbd53a5994e137381f62021d1951b627b8dda57a5d17d744648c81c5703ed8146ab1b0171f89091b1dd3238d03dbb686df460963245dedf2973ee555af99499e44ad420dbf65fd46fbc99a1274429e2d5783751815828ec8cb3553110cca66460215353d19f6d8bbd8fb264eddea60b18e16c31aa5e200000491634ac2fd10e2cd30bcd7fede24263a7fff16e53ea293f3551b7147c33a44ea437fb1515c3e8d4f162fdebf8ebe11ae6fcd9372c8d8f19556ae091fe94215ae9434da412f6fa4cb6561e5f78ff9707844ee5d573fb294437722d9a06dfa61748c32c73d759933a8dd344c947d3efdbe90d0eb049df5fbb0c19f6785264b619c530d97395d44b04f7e2a280d658c7871ad373b792678c49227999651ef3b2ee1bc2b8f3035db376e8e09aa3837233c8713065a8ad131d24f6c42a3220d0e07c3d3e95d59a5dd10c09716b5f874ecf53aadfa5050ff40f2c3c4a629b6445e5836100afff5a8977583653b40ca316f8f11416e5c1bd5499636ddae25fc4970b37209cf5c0bf8e432160c258d14223baa52798e09858645773dd97e68a95310da713cff077b06000000d4f145e9199c126a7f235e5674a3c7f5c7129ac7c1a3319590249b6d34ef6c3d8b94c6fc7cdcbddb053243053f7bc1f230d3bc7dfc4359e33992d0a3946b914a093287a76ac4a249b5b86cc75476466e409553355fefab75e9268a8751ffc9481fcff1f49c475699595b315e2147ee038b7291600c6b1cf7c8f24d587b9464a67e5ccec17820e711b98f4f7d5053642068a3fff704c3fe26ba862b53e2622d6e8b4a4c815fb2ea90ef63e141209dd292fdf886ee3e64b90f47ce22661c7a21f7bc10df0248079b7be17284eb54e5ab5bde9c6857b3cb184586049e7741b2d8b5b1a19e99e1834a25959155720c1c0ef84d7b3c42e1ba282847d476cef0228b1422aba08e5f3c1cd279bbd1c5303c2e9c", 0x2bc}], 0x1}, 0x0) setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000040), 0xfffffda9) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) [ 585.490832][ T26] audit: type=1804 audit(1550371002.283:184): pid=29428 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir995119196/syzkaller.sGyxMG/572/file0/bus" dev="ramfs" ino=94591 res=1 [ 585.496784][T29431] kobject: 'kvm' (0000000081ea19e5): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 585.536443][ T3873] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' 02:36:42 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c12") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:36:42 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc) add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, r1) setsockopt$inet_tcp_int(r0, 0x6, 0x1000000000022, &(0x7f0000000040)=0x1, 0x1f1) setsockopt$inet_tcp_int(r0, 0x6, 0x21e, &(0x7f0000000000)=0x1, 0x4) connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @local}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x36a, &(0x7f0000004bc0)}, 0x8}], 0x31e9cd3487de83, 0x20004bc0) [ 585.599412][ T26] audit: type=1804 audit(1550371002.293:185): pid=29428 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir995119196/syzkaller.sGyxMG/572/file0/bus" dev="ramfs" ino=94591 res=1 02:36:42 executing program 5: syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2000) r0 = dup(0xffffffffffffffff) r1 = syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x2, 0x80000) socket$rds(0x15, 0x5, 0x0) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r1, 0x84, 0x1a, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r2, &(0x7f00000002c0)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c) sendmsg(r2, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x8000) sendmsg(r2, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000001480)="d09a0e63c9476288b671afdbd53a5994e137381f62021d1951b627b8dda57a5d17d744648c81c5703ed8146ab1b0171f89091b1dd3238d03dbb686df460963245dedf2973ee555af99499e44ad420dbf65fd46fbc99a1274429e2d5783751815828ec8cb3553110cca66460215353d19f6d8bbd8fb264eddea60b18e16c31aa5e200000491634ac2fd10e2cd30bcd7fede24263a7fff16e53ea293f3551b7147c33a44ea437fb1515c3e8d4f162fdebf8ebe11ae6fcd9372c8d8f19556ae091fe94215ae9434da412f6fa4cb6561e5f78ff9707844ee5d573fb294437722d9a06dfa61748c32c73d759933a8dd344c947d3efdbe90d0eb049df5fbb0c19f6785264b619c530d97395d44b04f7e2a280d658c7871ad373b792678c49227999651ef3b2ee1bc2b8f3035db376e8e09aa3837233c8713065a8ad131d24f6c42a3220d0e07c3d3e95d59a5dd10c09716b5f874ecf53aadfa5050ff40f2c3c4a629b6445e5836100afff5a8977583653b40ca316f8f11416e5c1bd5499636ddae25fc4970b37209cf5c0bf8e432160c258d14223baa52798e09858645773dd97e68a95310da713cff077b06000000d4f145e9199c126a7f235e5674a3c7f5c7129ac7c1a3319590249b6d34ef6c3d8b94c6fc7cdcbddb053243053f7bc1f230d3bc7dfc4359e33992d0a3946b914a093287a76ac4a249b5b86cc75476466e409553355fefab75e9268a8751ffc9481fcff1f49c475699595b315e2147ee038b7291600c6b1cf7c8f24d587b9464a67e5ccec17820e711b98f4f7d5053642068a3fff704c3fe26ba862b53e2622d6e8b4a4c815fb2ea90ef63e141209dd292fdf886ee3e64b90f47ce22661c7a21f7bc10df0248079b7be17284eb54e5ab5bde9c6857b3cb184586049e7741b2d8b5b1a19e99e1834a25959155720c1c0ef84d7b3c42e1ba282847d476cef0228b1422aba08e5f3c1cd279bbd1c5303c2e9c", 0x2bc}], 0x1}, 0x0) setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000040), 0xfffffda9) [ 585.650392][T29440] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env [ 585.657794][T29440] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 585.685027][T29435] kobject: 'kvm' (0000000081ea19e5): kobject_uevent_env 02:36:42 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c12") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) [ 585.704558][ T26] audit: type=1804 audit(1550371002.293:186): pid=29428 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir995119196/syzkaller.sGyxMG/572/file0/bus" dev="ramfs" ino=94591 res=1 [ 585.712919][T29435] kobject: 'kvm' (0000000081ea19e5): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 585.791820][T29460] overlayfs: failed to resolve './file1': -2 [ 585.810593][T29426] kobject: 'kvm' (0000000081ea19e5): kobject_uevent_env [ 585.818565][T29440] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env [ 585.823121][T29426] kobject: 'kvm' (0000000081ea19e5): fill_kobj_path: path = '/devices/virtual/misc/kvm' 02:36:42 executing program 5: syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2000) r0 = dup(0xffffffffffffffff) r1 = syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x2, 0x80000) socket$rds(0x15, 0x5, 0x0) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r1, 0x84, 0x1a, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r2, &(0x7f00000002c0)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c) sendmsg(r2, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x8000) sendmsg(r2, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000001480)="d09a0e63c9476288b671afdbd53a5994e137381f62021d1951b627b8dda57a5d17d744648c81c5703ed8146ab1b0171f89091b1dd3238d03dbb686df460963245dedf2973ee555af99499e44ad420dbf65fd46fbc99a1274429e2d5783751815828ec8cb3553110cca66460215353d19f6d8bbd8fb264eddea60b18e16c31aa5e200000491634ac2fd10e2cd30bcd7fede24263a7fff16e53ea293f3551b7147c33a44ea437fb1515c3e8d4f162fdebf8ebe11ae6fcd9372c8d8f19556ae091fe94215ae9434da412f6fa4cb6561e5f78ff9707844ee5d573fb294437722d9a06dfa61748c32c73d759933a8dd344c947d3efdbe90d0eb049df5fbb0c19f6785264b619c530d97395d44b04f7e2a280d658c7871ad373b792678c49227999651ef3b2ee1bc2b8f3035db376e8e09aa3837233c8713065a8ad131d24f6c42a3220d0e07c3d3e95d59a5dd10c09716b5f874ecf53aadfa5050ff40f2c3c4a629b6445e5836100afff5a8977583653b40ca316f8f11416e5c1bd5499636ddae25fc4970b37209cf5c0bf8e432160c258d14223baa52798e09858645773dd97e68a95310da713cff077b06000000d4f145e9199c126a7f235e5674a3c7f5c7129ac7c1a3319590249b6d34ef6c3d8b94c6fc7cdcbddb053243053f7bc1f230d3bc7dfc4359e33992d0a3946b914a093287a76ac4a249b5b86cc75476466e409553355fefab75e9268a8751ffc9481fcff1f49c475699595b315e2147ee038b7291600c6b1cf7c8f24d587b9464a67e5ccec17820e711b98f4f7d5053642068a3fff704c3fe26ba862b53e2622d6e8b4a4c815fb2ea90ef63e141209dd292fdf886ee3e64b90f47ce22661c7a21f7bc10df0248079b7be17284eb54e5ab5bde9c6857b3cb184586049e7741b2d8b5b1a19e99e1834a25959155720c1c0ef84d7b3c42e1ba282847d476cef0228b1422aba08e5f3c1cd279bbd1c5303c2e9c", 0x2bc}], 0x1}, 0x0) setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000040), 0xfffffda9) [ 585.825974][T29440] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 585.894958][T29455] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env [ 585.906816][T29459] kobject: 'kvm' (0000000081ea19e5): kobject_uevent_env [ 585.917722][T29459] kobject: 'kvm' (0000000081ea19e5): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 585.926966][T29455] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 585.956381][ T3873] kobject: 'loop2' (00000000a3e1ebb9): kobject_uevent_env [ 585.966972][ T3873] kobject: 'loop2' (00000000a3e1ebb9): fill_kobj_path: path = '/devices/virtual/block/loop2' [ 585.981515][ T3873] kobject: 'loop1' (000000001d42c426): kobject_uevent_env [ 585.988831][ T3873] kobject: 'loop1' (000000001d42c426): fill_kobj_path: path = '/devices/virtual/block/loop1' [ 586.018169][T29455] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env [ 586.025376][T29455] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 586.036321][ T3873] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env [ 586.044829][ T3873] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 586.071384][T29455] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env [ 586.078569][T29455] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 586.093338][ T3873] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env [ 586.104116][ T3873] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 586.109257][T29440] overlayfs: failed to resolve './file1': -2 02:36:42 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) 02:36:42 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c12") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:36:42 executing program 5: syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2000) dup(0xffffffffffffffff) r0 = syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x2, 0x80000) socket$rds(0x15, 0x5, 0x0) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r1, &(0x7f00000002c0)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c) sendmsg(r1, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x8000) sendmsg(r1, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000001480)="d09a0e63c9476288b671afdbd53a5994e137381f62021d1951b627b8dda57a5d17d744648c81c5703ed8146ab1b0171f89091b1dd3238d03dbb686df460963245dedf2973ee555af99499e44ad420dbf65fd46fbc99a1274429e2d5783751815828ec8cb3553110cca66460215353d19f6d8bbd8fb264eddea60b18e16c31aa5e200000491634ac2fd10e2cd30bcd7fede24263a7fff16e53ea293f3551b7147c33a44ea437fb1515c3e8d4f162fdebf8ebe11ae6fcd9372c8d8f19556ae091fe94215ae9434da412f6fa4cb6561e5f78ff9707844ee5d573fb294437722d9a06dfa61748c32c73d759933a8dd344c947d3efdbe90d0eb049df5fbb0c19f6785264b619c530d97395d44b04f7e2a280d658c7871ad373b792678c49227999651ef3b2ee1bc2b8f3035db376e8e09aa3837233c8713065a8ad131d24f6c42a3220d0e07c3d3e95d59a5dd10c09716b5f874ecf53aadfa5050ff40f2c3c4a629b6445e5836100afff5a8977583653b40ca316f8f11416e5c1bd5499636ddae25fc4970b37209cf5c0bf8e432160c258d14223baa52798e09858645773dd97e68a95310da713cff077b06000000d4f145e9199c126a7f235e5674a3c7f5c7129ac7c1a3319590249b6d34ef6c3d8b94c6fc7cdcbddb053243053f7bc1f230d3bc7dfc4359e33992d0a3946b914a093287a76ac4a249b5b86cc75476466e409553355fefab75e9268a8751ffc9481fcff1f49c475699595b315e2147ee038b7291600c6b1cf7c8f24d587b9464a67e5ccec17820e711b98f4f7d5053642068a3fff704c3fe26ba862b53e2622d6e8b4a4c815fb2ea90ef63e141209dd292fdf886ee3e64b90f47ce22661c7a21f7bc10df0248079b7be17284eb54e5ab5bde9c6857b3cb184586049e7741b2d8b5b1a19e99e1834a25959155720c1c0ef84d7b3c42e1ba282847d476cef0228b1422aba08e5f3c1cd279bbd1c5303c2e9c", 0x2bc}], 0x1}, 0x0) 02:36:42 executing program 0: r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400005, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:36:42 executing program 1: r0 = memfd_create(&(0x7f0000000040)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) ioctl$VIDIOC_SUBDEV_S_SELECTION(0xffffffffffffffff, 0xc040563e, 0x0) mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000100)='ramfs\x00', 0x0, 0x0) ioctl$void(r0, 0xc0045878) chdir(&(0x7f0000000000)='./file0\x00') syz_open_dev$mice(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000700)='./bus\x00', 0x0) getgid() open(&(0x7f0000000140)='./bus\x00', 0x0, 0x0) ftruncate(r1, 0x208200) r2 = open(&(0x7f0000000780)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x602200, 0x4, 0x4002011, r2, 0x0) write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @connect}], 0xffffff76) [ 586.138442][T29455] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env [ 586.145682][T29455] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' 02:36:43 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) [ 586.201870][ T3873] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env [ 586.208853][T29485] kobject: 'kvm' (0000000081ea19e5): kobject_uevent_env [ 586.221494][ T3873] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 586.234684][T29485] kobject: 'kvm' (0000000081ea19e5): fill_kobj_path: path = '/devices/virtual/misc/kvm' 02:36:43 executing program 5: syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2000) dup(0xffffffffffffffff) r0 = syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x2, 0x80000) socket$rds(0x15, 0x5, 0x0) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r1, &(0x7f00000002c0)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c) sendmsg(r1, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x8000) sendmsg(r1, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000001480)="d09a0e63c9476288b671afdbd53a5994e137381f62021d1951b627b8dda57a5d17d744648c81c5703ed8146ab1b0171f89091b1dd3238d03dbb686df460963245dedf2973ee555af99499e44ad420dbf65fd46fbc99a1274429e2d5783751815828ec8cb3553110cca66460215353d19f6d8bbd8fb264eddea60b18e16c31aa5e200000491634ac2fd10e2cd30bcd7fede24263a7fff16e53ea293f3551b7147c33a44ea437fb1515c3e8d4f162fdebf8ebe11ae6fcd9372c8d8f19556ae091fe94215ae9434da412f6fa4cb6561e5f78ff9707844ee5d573fb294437722d9a06dfa61748c32c73d759933a8dd344c947d3efdbe90d0eb049df5fbb0c19f6785264b619c530d97395d44b04f7e2a280d658c7871ad373b792678c49227999651ef3b2ee1bc2b8f3035db376e8e09aa3837233c8713065a8ad131d24f6c42a3220d0e07c3d3e95d59a5dd10c09716b5f874ecf53aadfa5050ff40f2c3c4a629b6445e5836100afff5a8977583653b40ca316f8f11416e5c1bd5499636ddae25fc4970b37209cf5c0bf8e432160c258d14223baa52798e09858645773dd97e68a95310da713cff077b06000000d4f145e9199c126a7f235e5674a3c7f5c7129ac7c1a3319590249b6d34ef6c3d8b94c6fc7cdcbddb053243053f7bc1f230d3bc7dfc4359e33992d0a3946b914a093287a76ac4a249b5b86cc75476466e409553355fefab75e9268a8751ffc9481fcff1f49c475699595b315e2147ee038b7291600c6b1cf7c8f24d587b9464a67e5ccec17820e711b98f4f7d5053642068a3fff704c3fe26ba862b53e2622d6e8b4a4c815fb2ea90ef63e141209dd292fdf886ee3e64b90f47ce22661c7a21f7bc10df0248079b7be17284eb54e5ab5bde9c6857b3cb184586049e7741b2d8b5b1a19e99e1834a25959155720c1c0ef84d7b3c42e1ba282847d476cef0228b1422aba08e5f3c1cd279bbd1c5303c2e9c", 0x2bc}], 0x1}, 0x0) [ 586.272503][T29480] kobject: 'kvm' (0000000081ea19e5): kobject_uevent_env [ 586.293189][T29490] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env [ 586.302573][T29485] kobject: 'kvm' (0000000081ea19e5): kobject_uevent_env 02:36:43 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) [ 586.313267][T29490] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 586.323960][T29480] kobject: 'kvm' (0000000081ea19e5): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 586.338148][T29485] kobject: 'kvm' (0000000081ea19e5): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 586.399937][T29503] overlayfs: failed to resolve './file1': -2 [ 586.421414][T29490] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env [ 586.425542][T29480] kobject: 'kvm' (0000000081ea19e5): kobject_uevent_env [ 586.437622][T29480] kobject: 'kvm' (0000000081ea19e5): fill_kobj_path: path = '/devices/virtual/misc/kvm' 02:36:43 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc) add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, r1) setsockopt$inet_tcp_int(r0, 0x6, 0x1000000000022, &(0x7f0000000040)=0x1, 0x1f1) setsockopt$inet_tcp_int(r0, 0x6, 0x21e, &(0x7f0000000000)=0x1, 0x4) connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @local}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x36a, &(0x7f0000004bc0)}, 0x8}], 0x31e9cd3487de83, 0x20004bc0) 02:36:43 executing program 5: syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2000) dup(0xffffffffffffffff) r0 = syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x2, 0x80000) socket$rds(0x15, 0x5, 0x0) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r1, &(0x7f00000002c0)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c) sendmsg(r1, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000001480)="d09a0e63c9476288b671afdbd53a5994e137381f62021d1951b627b8dda57a5d17d744648c81c5703ed8146ab1b0171f89091b1dd3238d03dbb686df460963245dedf2973ee555af99499e44ad420dbf65fd46fbc99a1274429e2d5783751815828ec8cb3553110cca66460215353d19f6d8bbd8fb264eddea60b18e16c31aa5e200000491634ac2fd10e2cd30bcd7fede24263a7fff16e53ea293f3551b7147c33a44ea437fb1515c3e8d4f162fdebf8ebe11ae6fcd9372c8d8f19556ae091fe94215ae9434da412f6fa4cb6561e5f78ff9707844ee5d573fb294437722d9a06dfa61748c32c73d759933a8dd344c947d3efdbe90d0eb049df5fbb0c19f6785264b619c530d97395d44b04f7e2a280d658c7871ad373b792678c49227999651ef3b2ee1bc2b8f3035db376e8e09aa3837233c8713065a8ad131d24f6c42a3220d0e07c3d3e95d59a5dd10c09716b5f874ecf53aadfa5050ff40f2c3c4a629b6445e5836100afff5a8977583653b40ca316f8f11416e5c1bd5499636ddae25fc4970b37209cf5c0bf8e432160c258d14223baa52798e09858645773dd97e68a95310da713cff077b06000000d4f145e9199c126a7f235e5674a3c7f5c7129ac7c1a3319590249b6d34ef6c3d8b94c6fc7cdcbddb053243053f7bc1f230d3bc7dfc4359e33992d0a3946b914a093287a76ac4a249b5b86cc75476466e409553355fefab75e9268a8751ffc9481fcff1f49c475699595b315e2147ee038b7291600c6b1cf7c8f24d587b9464a67e5ccec17820e711b98f4f7d5053642068a3fff704c3fe26ba862b53e2622d6e8b4a4c815fb2ea90ef63e141209dd292fdf886ee3e64b90f47ce22661c7a21f7bc10df0248079b7be17284eb54e5ab5bde9c6857b3cb184586049e7741b2d8b5b1a19e99e1834a25959155720c1c0ef84d7b3c42e1ba282847d476cef0228b1422aba08e5f3c1cd279bbd1c5303c2e9c", 0x2bc}], 0x1}, 0x0) 02:36:43 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7d, 0x0, [0x7fffffff, 0x2, 0x0, 0x100000001]}) r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/qat_adf_ctl\x00', 0x800, 0x0) bind$bt_sco(r3, &(0x7f0000000100)={0x1f, {0x400, 0xfffffffffffffffe, 0x101, 0x8, 0xffffffffffffffc0, 0x2}}, 0x8) 02:36:43 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) [ 586.455817][T29490] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' 02:36:43 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a0") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:36:43 executing program 5: syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2000) dup(0xffffffffffffffff) r0 = syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x2, 0x80000) socket$rds(0x15, 0x5, 0x0) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x3, 0x8000000003c) sendmsg(r1, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000001480)="d09a0e63c9476288b671afdbd53a5994e137381f62021d1951b627b8dda57a5d17d744648c81c5703ed8146ab1b0171f89091b1dd3238d03dbb686df460963245dedf2973ee555af99499e44ad420dbf65fd46fbc99a1274429e2d5783751815828ec8cb3553110cca66460215353d19f6d8bbd8fb264eddea60b18e16c31aa5e200000491634ac2fd10e2cd30bcd7fede24263a7fff16e53ea293f3551b7147c33a44ea437fb1515c3e8d4f162fdebf8ebe11ae6fcd9372c8d8f19556ae091fe94215ae9434da412f6fa4cb6561e5f78ff9707844ee5d573fb294437722d9a06dfa61748c32c73d759933a8dd344c947d3efdbe90d0eb049df5fbb0c19f6785264b619c530d97395d44b04f7e2a280d658c7871ad373b792678c49227999651ef3b2ee1bc2b8f3035db376e8e09aa3837233c8713065a8ad131d24f6c42a3220d0e07c3d3e95d59a5dd10c09716b5f874ecf53aadfa5050ff40f2c3c4a629b6445e5836100afff5a8977583653b40ca316f8f11416e5c1bd5499636ddae25fc4970b37209cf5c0bf8e432160c258d14223baa52798e09858645773dd97e68a95310da713cff077b06000000d4f145e9199c126a7f235e5674a3c7f5c7129ac7c1a3319590249b6d34ef6c3d8b94c6fc7cdcbddb053243053f7bc1f230d3bc7dfc4359e33992d0a3946b914a093287a76ac4a249b5b86cc75476466e409553355fefab75e9268a8751ffc9481fcff1f49c475699595b315e2147ee038b7291600c6b1cf7c8f24d587b9464a67e5ccec17820e711b98f4f7d5053642068a3fff704c3fe26ba862b53e2622d6e8b4a4c815fb2ea90ef63e141209dd292fdf886ee3e64b90f47ce22661c7a21f7bc10df0248079b7be17284eb54e5ab5bde9c6857b3cb184586049e7741b2d8b5b1a19e99e1834a25959155720c1c0ef84d7b3c42e1ba282847d476cef0228b1422aba08e5f3c1cd279bbd1c5303c2e9c", 0x2bc}], 0x1}, 0x0) 02:36:43 executing program 1: r0 = memfd_create(&(0x7f0000000040)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) ioctl$VIDIOC_SUBDEV_S_SELECTION(0xffffffffffffffff, 0xc040563e, 0x0) mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000100)='ramfs\x00', 0x0, 0x0) ioctl$void(r0, 0xc0045878) chdir(&(0x7f0000000000)='./file0\x00') syz_open_dev$mice(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000700)='./bus\x00', 0x0) getgid() open(&(0x7f0000000140)='./bus\x00', 0x0, 0x0) ftruncate(r1, 0x208200) r2 = open(&(0x7f0000000780)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x602200, 0x4, 0x4002011, r2, 0x0) [ 586.568382][ T3873] kobject: 'loop2' (00000000a3e1ebb9): kobject_uevent_env [ 586.575605][ T3873] kobject: 'loop2' (00000000a3e1ebb9): fill_kobj_path: path = '/devices/virtual/block/loop2' [ 586.603117][T29500] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env [ 586.617236][T29523] kobject: 'kvm' (0000000081ea19e5): kobject_uevent_env [ 586.633598][T29500] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 586.641477][T29523] kobject: 'kvm' (0000000081ea19e5): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 586.665310][ T3873] kobject: 'loop1' (000000001d42c426): kobject_uevent_env [ 586.667472][T29523] kobject: 'kvm' (0000000081ea19e5): kobject_uevent_env [ 586.681064][ T3873] kobject: 'loop1' (000000001d42c426): fill_kobj_path: path = '/devices/virtual/block/loop1' [ 586.693706][T29523] kobject: 'kvm' (0000000081ea19e5): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 586.713451][T29516] kobject: 'kvm' (0000000081ea19e5): kobject_uevent_env [ 586.718742][T29500] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env [ 586.720713][T29516] kobject: 'kvm' (0000000081ea19e5): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 586.737538][T29500] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 586.767392][T29516] kobject: 'kvm' (0000000081ea19e5): kobject_uevent_env [ 586.778445][T29516] kobject: 'kvm' (0000000081ea19e5): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 586.843684][ T3873] kobject: 'loop2' (00000000a3e1ebb9): kobject_uevent_env [ 586.852994][ T3873] kobject: 'loop2' (00000000a3e1ebb9): fill_kobj_path: path = '/devices/virtual/block/loop2' [ 586.863624][T29490] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env [ 586.875804][T29490] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 586.899435][T29514] overlayfs: failed to resolve './file1': -2 [ 586.938600][T29490] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env 02:36:43 executing program 0: r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400006, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:36:43 executing program 5: syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2000) dup(0xffffffffffffffff) r0 = syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x2, 0x80000) socket$rds(0x15, 0x5, 0x0) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x3, 0x8000000003c) sendmsg(r1, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000001480)="d09a0e63c9476288b671afdbd53a5994e137381f62021d1951b627b8dda57a5d17d744648c81c5703ed8146ab1b0171f89091b1dd3238d03dbb686df460963245dedf2973ee555af99499e44ad420dbf65fd46fbc99a1274429e2d5783751815828ec8cb3553110cca66460215353d19f6d8bbd8fb264eddea60b18e16c31aa5e200000491634ac2fd10e2cd30bcd7fede24263a7fff16e53ea293f3551b7147c33a44ea437fb1515c3e8d4f162fdebf8ebe11ae6fcd9372c8d8f19556ae091fe94215ae9434da412f6fa4cb6561e5f78ff9707844ee5d573fb294437722d9a06dfa61748c32c73d759933a8dd344c947d3efdbe90d0eb049df5fbb0c19f6785264b619c530d97395d44b04f7e2a280d658c7871ad373b792678c49227999651ef3b2ee1bc2b8f3035db376e8e09aa3837233c8713065a8ad131d24f6c42a3220d0e07c3d3e95d59a5dd10c09716b5f874ecf53aadfa5050ff40f2c3c4a629b6445e5836100afff5a8977583653b40ca316f8f11416e5c1bd5499636ddae25fc4970b37209cf5c0bf8e432160c258d14223baa52798e09858645773dd97e68a95310da713cff077b06000000d4f145e9199c126a7f235e5674a3c7f5c7129ac7c1a3319590249b6d34ef6c3d8b94c6fc7cdcbddb053243053f7bc1f230d3bc7dfc4359e33992d0a3946b914a093287a76ac4a249b5b86cc75476466e409553355fefab75e9268a8751ffc9481fcff1f49c475699595b315e2147ee038b7291600c6b1cf7c8f24d587b9464a67e5ccec17820e711b98f4f7d5053642068a3fff704c3fe26ba862b53e2622d6e8b4a4c815fb2ea90ef63e141209dd292fdf886ee3e64b90f47ce22661c7a21f7bc10df0248079b7be17284eb54e5ab5bde9c6857b3cb184586049e7741b2d8b5b1a19e99e1834a25959155720c1c0ef84d7b3c42e1ba282847d476cef0228b1422aba08e5f3c1cd279bbd1c5303c2e9c", 0x2bc}], 0x1}, 0x0) 02:36:43 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a0") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:36:43 executing program 2: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/conntrack\x00', 0x2, 0x0) setsockopt$RDS_FREE_MR(r0, 0x114, 0x3, &(0x7f0000000100)={{0x0, 0x971}, 0x10}, 0x10) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) setxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=@random={'user.', 'nodev)\x00'}, &(0x7f0000000080)='em0ppp1]{\x00', 0xa, 0x1) ioctl$PPPIOCGIDLE(r0, 0x8010743f, &(0x7f0000000180)) [ 586.946787][T29490] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' 02:36:43 executing program 5: syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2000) dup(0xffffffffffffffff) r0 = syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x2, 0x80000) socket$rds(0x15, 0x5, 0x0) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x3, 0x8000000003c) sendmsg(r1, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000001480)="d09a0e63c9476288b671afdbd53a5994e137381f62021d1951b627b8dda57a5d17d744648c81c5703ed8146ab1b0171f89091b1dd3238d03dbb686df460963245dedf2973ee555af99499e44ad420dbf65fd46fbc99a1274429e2d5783751815828ec8cb3553110cca66460215353d19f6d8bbd8fb264eddea60b18e16c31aa5e200000491634ac2fd10e2cd30bcd7fede24263a7fff16e53ea293f3551b7147c33a44ea437fb1515c3e8d4f162fdebf8ebe11ae6fcd9372c8d8f19556ae091fe94215ae9434da412f6fa4cb6561e5f78ff9707844ee5d573fb294437722d9a06dfa61748c32c73d759933a8dd344c947d3efdbe90d0eb049df5fbb0c19f6785264b619c530d97395d44b04f7e2a280d658c7871ad373b792678c49227999651ef3b2ee1bc2b8f3035db376e8e09aa3837233c8713065a8ad131d24f6c42a3220d0e07c3d3e95d59a5dd10c09716b5f874ecf53aadfa5050ff40f2c3c4a629b6445e5836100afff5a8977583653b40ca316f8f11416e5c1bd5499636ddae25fc4970b37209cf5c0bf8e432160c258d14223baa52798e09858645773dd97e68a95310da713cff077b06000000d4f145e9199c126a7f235e5674a3c7f5c7129ac7c1a3319590249b6d34ef6c3d8b94c6fc7cdcbddb053243053f7bc1f230d3bc7dfc4359e33992d0a3946b914a093287a76ac4a249b5b86cc75476466e409553355fefab75e9268a8751ffc9481fcff1f49c475699595b315e2147ee038b7291600c6b1cf7c8f24d587b9464a67e5ccec17820e711b98f4f7d5053642068a3fff704c3fe26ba862b53e2622d6e8b4a4c815fb2ea90ef63e141209dd292fdf886ee3e64b90f47ce22661c7a21f7bc10df0248079b7be17284eb54e5ab5bde9c6857b3cb184586049e7741b2d8b5b1a19e99e1834a25959155720c1c0ef84d7b3c42e1ba282847d476cef0228b1422aba08e5f3c1cd279bbd1c5303c2e9c", 0x2bc}], 0x1}, 0x0) [ 587.020512][T29544] kobject: 'kvm' (0000000081ea19e5): kobject_uevent_env [ 587.039198][T29544] kobject: 'kvm' (0000000081ea19e5): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 587.080786][T29544] kobject: 'kvm' (0000000081ea19e5): kobject_uevent_env [ 587.087782][T29544] kobject: 'kvm' (0000000081ea19e5): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 587.133557][T29540] kobject: 'kvm' (0000000081ea19e5): kobject_uevent_env [ 587.144950][T29547] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env [ 587.155074][T29547] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 587.165993][T29540] kobject: 'kvm' (0000000081ea19e5): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 587.205270][T29540] kobject: 'kvm' (0000000081ea19e5): kobject_uevent_env [ 587.214850][T29540] kobject: 'kvm' (0000000081ea19e5): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 587.237826][T29555] overlayfs: failed to resolve './file1': -2 [ 587.238238][T29547] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env [ 587.259171][T29547] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 587.271953][ T3873] kobject: 'loop1' (000000001d42c426): kobject_uevent_env [ 587.278561][T29553] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env [ 587.286514][ T3873] kobject: 'loop1' (000000001d42c426): fill_kobj_path: path = '/devices/virtual/block/loop1' [ 587.286794][T29553] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' 02:36:44 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc) add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, r1) setsockopt$inet_tcp_int(r0, 0x6, 0x1000000000022, &(0x7f0000000040)=0x1, 0x1f1) setsockopt$inet_tcp_int(r0, 0x6, 0x21e, &(0x7f0000000000)=0x1, 0x4) connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @local}, 0x10) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x36a, &(0x7f0000004bc0)}, 0x8}], 0x31e9cd3487de83, 0x20004bc0) 02:36:44 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a0") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:36:44 executing program 5: syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2000) dup(0xffffffffffffffff) r0 = syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x2, 0x80000) socket$rds(0x15, 0x5, 0x0) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f00000002c0)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c) sendmsg(0xffffffffffffffff, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000001480)="d09a0e63c9476288b671afdbd53a5994e137381f62021d1951b627b8dda57a5d17d744648c81c5703ed8146ab1b0171f89091b1dd3238d03dbb686df460963245dedf2973ee555af99499e44ad420dbf65fd46fbc99a1274429e2d5783751815828ec8cb3553110cca66460215353d19f6d8bbd8fb264eddea60b18e16c31aa5e200000491634ac2fd10e2cd30bcd7fede24263a7fff16e53ea293f3551b7147c33a44ea437fb1515c3e8d4f162fdebf8ebe11ae6fcd9372c8d8f19556ae091fe94215ae9434da412f6fa4cb6561e5f78ff9707844ee5d573fb294437722d9a06dfa61748c32c73d759933a8dd344c947d3efdbe90d0eb049df5fbb0c19f6785264b619c530d97395d44b04f7e2a280d658c7871ad373b792678c49227999651ef3b2ee1bc2b8f3035db376e8e09aa3837233c8713065a8ad131d24f6c42a3220d0e07c3d3e95d59a5dd10c09716b5f874ecf53aadfa5050ff40f2c3c4a629b6445e5836100afff5a8977583653b40ca316f8f11416e5c1bd5499636ddae25fc4970b37209cf5c0bf8e432160c258d14223baa52798e09858645773dd97e68a95310da713cff077b06000000d4f145e9199c126a7f235e5674a3c7f5c7129ac7c1a3319590249b6d34ef6c3d8b94c6fc7cdcbddb053243053f7bc1f230d3bc7dfc4359e33992d0a3946b914a093287a76ac4a249b5b86cc75476466e409553355fefab75e9268a8751ffc9481fcff1f49c475699595b315e2147ee038b7291600c6b1cf7c8f24d587b9464a67e5ccec17820e711b98f4f7d5053642068a3fff704c3fe26ba862b53e2622d6e8b4a4c815fb2ea90ef63e141209dd292fdf886ee3e64b90f47ce22661c7a21f7bc10df0248079b7be17284eb54e5ab5bde9c6857b3cb184586049e7741b2d8b5b1a19e99e1834a25959155720c1c0ef84d7b3c42e1ba282847d476cef0228b1422aba08e5f3c1cd279bbd1c5303c2e9c", 0x2bc}], 0x1}, 0x0) 02:36:44 executing program 1: r0 = memfd_create(&(0x7f0000000040)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) ioctl$VIDIOC_SUBDEV_S_SELECTION(0xffffffffffffffff, 0xc040563e, 0x0) mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000100)='ramfs\x00', 0x0, 0x0) ioctl$void(r0, 0xc0045878) chdir(&(0x7f0000000000)='./file0\x00') syz_open_dev$mice(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000700)='./bus\x00', 0x0) getgid() open(&(0x7f0000000140)='./bus\x00', 0x0, 0x0) ftruncate(r1, 0x208200) mmap(&(0x7f0000000000/0x600000)=nil, 0x602200, 0x4, 0x4002011, 0xffffffffffffffff, 0x0) 02:36:44 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x92081, 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r3, 0xc0045516, &(0x7f0000000040)) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x9, 0x1, 0x0, 0x8000000000000]}) [ 587.316006][ T3873] kobject: 'loop2' (00000000a3e1ebb9): kobject_uevent_env [ 587.328539][ T3873] kobject: 'loop2' (00000000a3e1ebb9): fill_kobj_path: path = '/devices/virtual/block/loop2' 02:36:44 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:36:44 executing program 5: syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2000) dup(0xffffffffffffffff) r0 = syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x2, 0x80000) socket$rds(0x15, 0x5, 0x0) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f00000002c0)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c) sendmsg(0xffffffffffffffff, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000001480)="d09a0e63c9476288b671afdbd53a5994e137381f62021d1951b627b8dda57a5d17d744648c81c5703ed8146ab1b0171f89091b1dd3238d03dbb686df460963245dedf2973ee555af99499e44ad420dbf65fd46fbc99a1274429e2d5783751815828ec8cb3553110cca66460215353d19f6d8bbd8fb264eddea60b18e16c31aa5e200000491634ac2fd10e2cd30bcd7fede24263a7fff16e53ea293f3551b7147c33a44ea437fb1515c3e8d4f162fdebf8ebe11ae6fcd9372c8d8f19556ae091fe94215ae9434da412f6fa4cb6561e5f78ff9707844ee5d573fb294437722d9a06dfa61748c32c73d759933a8dd344c947d3efdbe90d0eb049df5fbb0c19f6785264b619c530d97395d44b04f7e2a280d658c7871ad373b792678c49227999651ef3b2ee1bc2b8f3035db376e8e09aa3837233c8713065a8ad131d24f6c42a3220d0e07c3d3e95d59a5dd10c09716b5f874ecf53aadfa5050ff40f2c3c4a629b6445e5836100afff5a8977583653b40ca316f8f11416e5c1bd5499636ddae25fc4970b37209cf5c0bf8e432160c258d14223baa52798e09858645773dd97e68a95310da713cff077b06000000d4f145e9199c126a7f235e5674a3c7f5c7129ac7c1a3319590249b6d34ef6c3d8b94c6fc7cdcbddb053243053f7bc1f230d3bc7dfc4359e33992d0a3946b914a093287a76ac4a249b5b86cc75476466e409553355fefab75e9268a8751ffc9481fcff1f49c475699595b315e2147ee038b7291600c6b1cf7c8f24d587b9464a67e5ccec17820e711b98f4f7d5053642068a3fff704c3fe26ba862b53e2622d6e8b4a4c815fb2ea90ef63e141209dd292fdf886ee3e64b90f47ce22661c7a21f7bc10df0248079b7be17284eb54e5ab5bde9c6857b3cb184586049e7741b2d8b5b1a19e99e1834a25959155720c1c0ef84d7b3c42e1ba282847d476cef0228b1422aba08e5f3c1cd279bbd1c5303c2e9c", 0x2bc}], 0x1}, 0x0) [ 587.392782][T29553] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env [ 587.400735][T29571] kobject: 'kvm' (0000000081ea19e5): kobject_uevent_env [ 587.412705][T29571] kobject: 'kvm' (0000000081ea19e5): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 587.446116][T29553] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 587.448891][T29571] kobject: 'kvm' (0000000081ea19e5): kobject_uevent_env [ 587.474562][T29567] kobject: 'kvm' (0000000081ea19e5): kobject_uevent_env [ 587.483582][T29567] kobject: 'kvm' (0000000081ea19e5): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 587.505483][ T3873] kobject: 'loop1' (000000001d42c426): kobject_uevent_env [ 587.516231][ T3873] kobject: 'loop1' (000000001d42c426): fill_kobj_path: path = '/devices/virtual/block/loop1' [ 587.519493][T29571] kobject: 'kvm' (0000000081ea19e5): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 587.563469][T29567] kobject: 'kvm' (0000000081ea19e5): kobject_uevent_env [ 587.571484][T29567] kobject: 'kvm' (0000000081ea19e5): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 587.602217][T29547] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env [ 587.612799][T29547] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 587.624974][ T3873] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env [ 587.633788][ T3873] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 587.642315][T29555] overlayfs: failed to resolve './file1': -2 [ 587.651599][T29553] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env 02:36:44 executing program 0: r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400007, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) 02:36:44 executing program 1: r0 = memfd_create(&(0x7f0000000040)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) ioctl$VIDIOC_SUBDEV_S_SELECTION(0xffffffffffffffff, 0xc040563e, 0x0) mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000100)='ramfs\x00', 0x0, 0x0) ioctl$void(r0, 0xc0045878) chdir(&(0x7f0000000000)='./file0\x00') syz_open_dev$mice(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000700)='./bus\x00', 0x0) getgid() open(&(0x7f0000000140)='./bus\x00', 0x0, 0x0) ftruncate(r1, 0x208200) mmap(&(0x7f0000000000/0x600000)=nil, 0x602200, 0x4, 0x4002011, 0xffffffffffffffff, 0x0) 02:36:44 executing program 5: syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2000) dup(0xffffffffffffffff) r0 = syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x2, 0x80000) socket$rds(0x15, 0x5, 0x0) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f00000002c0)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c) sendmsg(0xffffffffffffffff, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000001480)="d09a0e63c9476288b671afdbd53a5994e137381f62021d1951b627b8dda57a5d17d744648c81c5703ed8146ab1b0171f89091b1dd3238d03dbb686df460963245dedf2973ee555af99499e44ad420dbf65fd46fbc99a1274429e2d5783751815828ec8cb3553110cca66460215353d19f6d8bbd8fb264eddea60b18e16c31aa5e200000491634ac2fd10e2cd30bcd7fede24263a7fff16e53ea293f3551b7147c33a44ea437fb1515c3e8d4f162fdebf8ebe11ae6fcd9372c8d8f19556ae091fe94215ae9434da412f6fa4cb6561e5f78ff9707844ee5d573fb294437722d9a06dfa61748c32c73d759933a8dd344c947d3efdbe90d0eb049df5fbb0c19f6785264b619c530d97395d44b04f7e2a280d658c7871ad373b792678c49227999651ef3b2ee1bc2b8f3035db376e8e09aa3837233c8713065a8ad131d24f6c42a3220d0e07c3d3e95d59a5dd10c09716b5f874ecf53aadfa5050ff40f2c3c4a629b6445e5836100afff5a8977583653b40ca316f8f11416e5c1bd5499636ddae25fc4970b37209cf5c0bf8e432160c258d14223baa52798e09858645773dd97e68a95310da713cff077b06000000d4f145e9199c126a7f235e5674a3c7f5c7129ac7c1a3319590249b6d34ef6c3d8b94c6fc7cdcbddb053243053f7bc1f230d3bc7dfc4359e33992d0a3946b914a093287a76ac4a249b5b86cc75476466e409553355fefab75e9268a8751ffc9481fcff1f49c475699595b315e2147ee038b7291600c6b1cf7c8f24d587b9464a67e5ccec17820e711b98f4f7d5053642068a3fff704c3fe26ba862b53e2622d6e8b4a4c815fb2ea90ef63e141209dd292fdf886ee3e64b90f47ce22661c7a21f7bc10df0248079b7be17284eb54e5ab5bde9c6857b3cb184586049e7741b2d8b5b1a19e99e1834a25959155720c1c0ef84d7b3c42e1ba282847d476cef0228b1422aba08e5f3c1cd279bbd1c5303c2e9c", 0x2bc}], 0x1}, 0x0) 02:36:44 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:36:44 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) close(r3) r4 = socket$inet_tcp(0x2, 0x1, 0x0) mmap(&(0x7f0000077000/0x4000)=nil, 0x4000, 0x4, 0x12, r4, 0x0) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r3, 0x6, 0x23, &(0x7f0000000080)={&(0x7f0000077000/0x3000)=nil, 0x3000}, &(0x7f00000000c0)=0x10) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) [ 587.659882][T29553] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 587.674245][ T3873] kobject: 'loop2' (00000000a3e1ebb9): kobject_uevent_env [ 587.683338][ T3873] kobject: 'loop2' (00000000a3e1ebb9): fill_kobj_path: path = '/devices/virtual/block/loop2' [ 587.741407][T29694] kobject: 'kvm' (0000000081ea19e5): kobject_uevent_env [ 587.772545][T29694] kobject: 'kvm' (0000000081ea19e5): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 587.812475][ T3873] kobject: 'loop1' (000000001d42c426): kobject_uevent_env [ 587.814445][T29694] kobject: 'kvm' (0000000081ea19e5): kobject_uevent_env [ 587.824276][ T3873] kobject: 'loop1' (000000001d42c426): fill_kobj_path: path = '/devices/virtual/block/loop1' [ 587.827111][T29694] kobject: 'kvm' (0000000081ea19e5): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 587.837784][T29689] kobject: 'kvm' (0000000081ea19e5): kobject_uevent_env [ 587.850130][T29714] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env [ 587.861528][T29714] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 587.892137][T29689] kobject: 'kvm' (0000000081ea19e5): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 587.911685][T29807] overlayfs: failed to resolve './file1': -2 [ 587.918522][T29714] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env [ 587.926195][T29714] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 587.950690][T29777] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env [ 587.958442][T29777] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 587.983850][T29694] kobject: 'kvm' (0000000081ea19e5): kobject_uevent_env [ 587.995579][T29694] kobject: 'kvm' (0000000081ea19e5): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 588.048301][T29777] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env [ 588.055570][T29777] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 588.070006][ T3873] kobject: 'loop2' (00000000a3e1ebb9): kobject_uevent_env [ 588.077367][ T3873] kobject: 'loop2' (00000000a3e1ebb9): fill_kobj_path: path = '/devices/virtual/block/loop2' [ 588.105750][T29714] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env [ 588.112999][T29714] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 588.151181][T29815] overlayfs: failed to resolve './file1': -2 [ 588.158193][T29714] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env [ 588.165547][T29714] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' 02:36:45 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc) add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, r1) setsockopt$inet_tcp_int(r0, 0x6, 0x1000000000022, &(0x7f0000000040)=0x1, 0x1f1) setsockopt$inet_tcp_int(r0, 0x6, 0x21e, &(0x7f0000000000)=0x1, 0x4) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x36a, &(0x7f0000004bc0)}, 0x8}], 0x31e9cd3487de83, 0x20004bc0) 02:36:45 executing program 5: syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2000) dup(0xffffffffffffffff) r0 = syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x2, 0x80000) socket$rds(0x15, 0x5, 0x0) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, 0x0, 0x0) r1 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r1, &(0x7f00000002c0)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c) sendmsg(r1, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000001480)="d09a0e63c9476288b671afdbd53a5994e137381f62021d1951b627b8dda57a5d17d744648c81c5703ed8146ab1b0171f89091b1dd3238d03dbb686df460963245dedf2973ee555af99499e44ad420dbf65fd46fbc99a1274429e2d5783751815828ec8cb3553110cca66460215353d19f6d8bbd8fb264eddea60b18e16c31aa5e200000491634ac2fd10e2cd30bcd7fede24263a7fff16e53ea293f3551b7147c33a44ea437fb1515c3e8d4f162fdebf8ebe11ae6fcd9372c8d8f19556ae091fe94215ae9434da412f6fa4cb6561e5f78ff9707844ee5d573fb294437722d9a06dfa61748c32c73d759933a8dd344c947d3efdbe90d0eb049df5fbb0c19f6785264b619c530d97395d44b04f7e2a280d658c7871ad373b792678c49227999651ef3b2ee1bc2b8f3035db376e8e09aa3837233c8713065a8ad131d24f6c42a3220d0e07c3d3e95d59a5dd10c09716b5f874ecf53aadfa5050ff40f2c3c4a629b6445e5836100afff5a8977583653b40ca316f8f11416e5c1bd5499636ddae25fc4970b37209cf5c0bf8e432160c258d14223baa52798e09858645773dd97e68a95310da713cff077b06000000d4f145e9199c126a7f235e5674a3c7f5c7129ac7c1a3319590249b6d34ef6c3d8b94c6fc7cdcbddb053243053f7bc1f230d3bc7dfc4359e33992d0a3946b914a093287a76ac4a249b5b86cc75476466e409553355fefab75e9268a8751ffc9481fcff1f49c475699595b315e2147ee038b7291600c6b1cf7c8f24d587b9464a67e5ccec17820e711b98f4f7d5053642068a3fff704c3fe26ba862b53e2622d6e8b4a4c815fb2ea90ef63e141209dd292fdf886ee3e64b90f47ce22661c7a21f7bc10df0248079b7be17284eb54e5ab5bde9c6857b3cb184586049e7741b2d8b5b1a19e99e1834a25959155720c1c0ef84d7b3c42e1ba282847d476cef0228b1422aba08e5f3c1cd279bbd1c5303c2e9c", 0x2bc}], 0x1}, 0x0) 02:36:45 executing program 1: r0 = memfd_create(&(0x7f0000000040)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) ioctl$VIDIOC_SUBDEV_S_SELECTION(0xffffffffffffffff, 0xc040563e, 0x0) mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000100)='ramfs\x00', 0x0, 0x0) ioctl$void(r0, 0xc0045878) chdir(&(0x7f0000000000)='./file0\x00') syz_open_dev$mice(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = creat(&(0x7f0000000700)='./bus\x00', 0x0) getgid() open(&(0x7f0000000140)='./bus\x00', 0x0, 0x0) ftruncate(r1, 0x208200) mmap(&(0x7f0000000000/0x600000)=nil, 0x602200, 0x4, 0x4002011, 0xffffffffffffffff, 0x0) 02:36:45 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) 02:36:45 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x20000000000000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x100, 0x0) mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x7, 0x10, r0, 0x0) unlinkat(r2, &(0x7f0000000080)='./file0\x00', 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) ioctl$KVM_ARM_SET_DEVICE_ADDR(r2, 0x4010aeab, &(0x7f00000000c0)={0xffff, 0x10000}) 02:36:45 executing program 0: r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000340)=@v2={0x2000000, [{}, {0x7}]}, 0x14, 0x1) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000040)) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$btrfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000940), 0x0, 0x0) syz_mount_image$ntfs(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000380), 0xc) mount$overlay(0x400008, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65312c776f726b6469723d2e2f66696c653100d5d909abea03ef71344b294bf3e6dcf0823e2398182392e0dcc7d97e09edef61c01455c0eee11e25fb3bf476999ef4"]) syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0)='IPVS\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xa00, 0x1000000) [ 588.200708][ T3873] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env [ 588.208251][ T3873] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' 02:36:45 executing program 5: syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2000) dup(0xffffffffffffffff) syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x2, 0x80000) socket$rds(0x15, 0x5, 0x0) r0 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r0, &(0x7f00000002c0)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c) sendmsg(r0, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000001480)="d09a0e63c9476288b671afdbd53a5994e137381f62021d1951b627b8dda57a5d17d744648c81c5703ed8146ab1b0171f89091b1dd3238d03dbb686df460963245dedf2973ee555af99499e44ad420dbf65fd46fbc99a1274429e2d5783751815828ec8cb3553110cca66460215353d19f6d8bbd8fb264eddea60b18e16c31aa5e200000491634ac2fd10e2cd30bcd7fede24263a7fff16e53ea293f3551b7147c33a44ea437fb1515c3e8d4f162fdebf8ebe11ae6fcd9372c8d8f19556ae091fe94215ae9434da412f6fa4cb6561e5f78ff9707844ee5d573fb294437722d9a06dfa61748c32c73d759933a8dd344c947d3efdbe90d0eb049df5fbb0c19f6785264b619c530d97395d44b04f7e2a280d658c7871ad373b792678c49227999651ef3b2ee1bc2b8f3035db376e8e09aa3837233c8713065a8ad131d24f6c42a3220d0e07c3d3e95d59a5dd10c09716b5f874ecf53aadfa5050ff40f2c3c4a629b6445e5836100afff5a8977583653b40ca316f8f11416e5c1bd5499636ddae25fc4970b37209cf5c0bf8e432160c258d14223baa52798e09858645773dd97e68a95310da713cff077b06000000d4f145e9199c126a7f235e5674a3c7f5c7129ac7c1a3319590249b6d34ef6c3d8b94c6fc7cdcbddb053243053f7bc1f230d3bc7dfc4359e33992d0a3946b914a093287a76ac4a249b5b86cc75476466e409553355fefab75e9268a8751ffc9481fcff1f49c475699595b315e2147ee038b7291600c6b1cf7c8f24d587b9464a67e5ccec17820e711b98f4f7d5053642068a3fff704c3fe26ba862b53e2622d6e8b4a4c815fb2ea90ef63e141209dd292fdf886ee3e64b90f47ce22661c7a21f7bc10df0248079b7be17284eb54e5ab5bde9c6857b3cb184586049e7741b2d8b5b1a19e99e1834a25959155720c1c0ef84d7b3c42e1ba282847d476cef0228b1422aba08e5f3c1cd279bbd1c5303c2e9c", 0x2bc}], 0x1}, 0x0) [ 588.268791][T29827] kobject: 'kvm' (0000000081ea19e5): kobject_uevent_env [ 588.283089][T29827] kobject: 'kvm' (0000000081ea19e5): fill_kobj_path: path = '/devices/virtual/misc/kvm' 02:36:45 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc) add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, r1) setsockopt$inet_tcp_int(r0, 0x6, 0x1000000000022, &(0x7f0000000040)=0x1, 0x1f1) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x36a, &(0x7f0000004bc0)}, 0x8}], 0x31e9cd3487de83, 0x20004bc0) [ 588.316013][T29825] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env [ 588.330073][T29827] kobject: 'kvm' (0000000081ea19e5): kobject_uevent_env [ 588.337954][T29821] kobject: 'kvm' (0000000081ea19e5): kobject_uevent_env [ 588.345166][T29821] kobject: 'kvm' (0000000081ea19e5): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 588.353463][T29825] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' 02:36:45 executing program 1: r0 = memfd_create(&(0x7f0000000040)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) ioctl$VIDIOC_SUBDEV_S_SELECTION(0xffffffffffffffff, 0xc040563e, 0x0) mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000100)='ramfs\x00', 0x0, 0x0) ioctl$void(r0, 0xc0045878) chdir(&(0x7f0000000000)='./file0\x00') syz_open_dev$mice(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000700)='./bus\x00', 0x0) getgid() open(&(0x7f0000000140)='./bus\x00', 0x0, 0x0) r1 = open(&(0x7f0000000780)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x602200, 0x4, 0x4002011, r1, 0x0) [ 588.357342][T29827] kobject: 'kvm' (0000000081ea19e5): fill_kobj_path: path = '/devices/virtual/misc/kvm' 02:36:45 executing program 5: syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2000) dup(0xffffffffffffffff) syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x2, 0x80000) r0 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r0, &(0x7f00000002c0)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c) sendmsg(r0, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000001480)="d09a0e63c9476288b671afdbd53a5994e137381f62021d1951b627b8dda57a5d17d744648c81c5703ed8146ab1b0171f89091b1dd3238d03dbb686df460963245dedf2973ee555af99499e44ad420dbf65fd46fbc99a1274429e2d5783751815828ec8cb3553110cca66460215353d19f6d8bbd8fb264eddea60b18e16c31aa5e200000491634ac2fd10e2cd30bcd7fede24263a7fff16e53ea293f3551b7147c33a44ea437fb1515c3e8d4f162fdebf8ebe11ae6fcd9372c8d8f19556ae091fe94215ae9434da412f6fa4cb6561e5f78ff9707844ee5d573fb294437722d9a06dfa61748c32c73d759933a8dd344c947d3efdbe90d0eb049df5fbb0c19f6785264b619c530d97395d44b04f7e2a280d658c7871ad373b792678c49227999651ef3b2ee1bc2b8f3035db376e8e09aa3837233c8713065a8ad131d24f6c42a3220d0e07c3d3e95d59a5dd10c09716b5f874ecf53aadfa5050ff40f2c3c4a629b6445e5836100afff5a8977583653b40ca316f8f11416e5c1bd5499636ddae25fc4970b37209cf5c0bf8e432160c258d14223baa52798e09858645773dd97e68a95310da713cff077b06000000d4f145e9199c126a7f235e5674a3c7f5c7129ac7c1a3319590249b6d34ef6c3d8b94c6fc7cdcbddb053243053f7bc1f230d3bc7dfc4359e33992d0a3946b914a093287a76ac4a249b5b86cc75476466e409553355fefab75e9268a8751ffc9481fcff1f49c475699595b315e2147ee038b7291600c6b1cf7c8f24d587b9464a67e5ccec17820e711b98f4f7d5053642068a3fff704c3fe26ba862b53e2622d6e8b4a4c815fb2ea90ef63e141209dd292fdf886ee3e64b90f47ce22661c7a21f7bc10df0248079b7be17284eb54e5ab5bde9c6857b3cb184586049e7741b2d8b5b1a19e99e1834a25959155720c1c0ef84d7b3c42e1ba282847d476cef0228b1422aba08e5f3c1cd279bbd1c5303c2e9c", 0x2bc}], 0x1}, 0x0) 02:36:45 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x0, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) [ 588.406567][T29821] kobject: 'kvm' (0000000081ea19e5): kobject_uevent_env [ 588.414027][ T3873] kobject: 'loop1' (000000001d42c426): kobject_uevent_env [ 588.429154][ T3873] kobject: 'loop1' (000000001d42c426): fill_kobj_path: path = '/devices/virtual/block/loop1' [ 588.431428][T29821] kobject: 'kvm' (0000000081ea19e5): fill_kobj_path: path = '/devices/virtual/misc/kvm' 02:36:45 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc) add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, r1) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x36a, &(0x7f0000004bc0)}, 0x8}], 0x31e9cd3487de83, 0x20004bc0) [ 588.458703][T29825] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env [ 588.495531][ T26] kauditd_printk_skb: 9 callbacks suppressed 02:36:45 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x6, 0x204000) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r2, 0x40045542, &(0x7f0000000040)=0x5) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f0000000280)={0x7b, 0x0, [0x277, 0x2]}) 02:36:45 executing program 5: syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2000) dup(0xffffffffffffffff) r0 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r0, &(0x7f00000002c0)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c) sendmsg(r0, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000001480)="d09a0e63c9476288b671afdbd53a5994e137381f62021d1951b627b8dda57a5d17d744648c81c5703ed8146ab1b0171f89091b1dd3238d03dbb686df460963245dedf2973ee555af99499e44ad420dbf65fd46fbc99a1274429e2d5783751815828ec8cb3553110cca66460215353d19f6d8bbd8fb264eddea60b18e16c31aa5e200000491634ac2fd10e2cd30bcd7fede24263a7fff16e53ea293f3551b7147c33a44ea437fb1515c3e8d4f162fdebf8ebe11ae6fcd9372c8d8f19556ae091fe94215ae9434da412f6fa4cb6561e5f78ff9707844ee5d573fb294437722d9a06dfa61748c32c73d759933a8dd344c947d3efdbe90d0eb049df5fbb0c19f6785264b619c530d97395d44b04f7e2a280d658c7871ad373b792678c49227999651ef3b2ee1bc2b8f3035db376e8e09aa3837233c8713065a8ad131d24f6c42a3220d0e07c3d3e95d59a5dd10c09716b5f874ecf53aadfa5050ff40f2c3c4a629b6445e5836100afff5a8977583653b40ca316f8f11416e5c1bd5499636ddae25fc4970b37209cf5c0bf8e432160c258d14223baa52798e09858645773dd97e68a95310da713cff077b06000000d4f145e9199c126a7f235e5674a3c7f5c7129ac7c1a3319590249b6d34ef6c3d8b94c6fc7cdcbddb053243053f7bc1f230d3bc7dfc4359e33992d0a3946b914a093287a76ac4a249b5b86cc75476466e409553355fefab75e9268a8751ffc9481fcff1f49c475699595b315e2147ee038b7291600c6b1cf7c8f24d587b9464a67e5ccec17820e711b98f4f7d5053642068a3fff704c3fe26ba862b53e2622d6e8b4a4c815fb2ea90ef63e141209dd292fdf886ee3e64b90f47ce22661c7a21f7bc10df0248079b7be17284eb54e5ab5bde9c6857b3cb184586049e7741b2d8b5b1a19e99e1834a25959155720c1c0ef84d7b3c42e1ba282847d476cef0228b1422aba08e5f3c1cd279bbd1c5303c2e9c", 0x2bc}], 0x1}, 0x0) 02:36:45 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f023c123f3188a070") clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x0, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clock_adjtime(0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x1d) ptrace$cont(0x18, r1, 0x0, 0x0) remap_file_pages(&(0x7f0000610000/0x2000)=nil, 0x2000, 0x1000002, 0xbe, 0x4023) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x0, 0x146}) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r3, 0x110, 0x4, &(0x7f0000001ac0), 0x4) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x1f, 0xca100) getsockname(r3, &(0x7f0000000040)=@hci={0x1f, 0x0}, &(0x7f0000000180)=0x80) setsockopt$inet6_mreq(r4, 0x29, 0x15, &(0x7f00000001c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r5}, 0x14) [ 588.495543][ T26] audit: type=1804 audit(1550371005.293:196): pid=29943 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir995119196/syzkaller.sGyxMG/578/file0/bus" dev="ramfs" ino=95724 res=1 [ 588.519027][T29825] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' 02:36:45 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc) sendmmsg(r0, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004b40), 0x36a, &(0x7f0000004bc0)}, 0x8}], 0x31e9cd3487de83, 0x20004bc0) 02:36:45 executing program 1: r0 = memfd_create(&(0x7f0000000040)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0) ioctl$VIDIOC_SUBDEV_S_SELECTION(0xffffffffffffffff, 0xc040563e, 0x0) mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000100)='ramfs\x00', 0x0, 0x0) ioctl$void(r0, 0xc0045878) chdir(&(0x7f0000000000)='./file0\x00') syz_open_dev$mice(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000700)='./bus\x00', 0x0) getgid() open(&(0x7f0000000140)='./bus\x00', 0x0, 0x0) r1 = open(&(0x7f0000000780)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x602200, 0x4, 0x4002011, r1, 0x0) [ 588.575683][ T3873] kobject: 'loop2' (00000000a3e1ebb9): kobject_uevent_env [ 588.607383][ T3873] kobject: 'loop2' (00000000a3e1ebb9): fill_kobj_path: path = '/devices/virtual/block/loop2' [ 588.610778][ T26] audit: type=1804 audit(1550371005.343:197): pid=29943 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir995119196/syzkaller.sGyxMG/578/file0/bus" dev="ramfs" ino=95724 res=1 [ 588.621669][T29928] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env [ 588.650350][T29928] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 588.675146][T29951] overlayfs: upper fs does not support tmpfile. [ 588.684420][T29951] overlayfs: upper fs does not support xattr, falling back to index=off and metacopy=off. [ 588.698644][T29928] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env [ 588.708526][T29928] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 588.722355][ T26] audit: type=1804 audit(1550371005.353:198): pid=29943 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir995119196/syzkaller.sGyxMG/578/file0/bus" dev="ramfs" ino=95724 res=1 [ 588.723773][T29963] kobject: 'kvm' (0000000081ea19e5): kobject_uevent_env [ 588.760032][ T3873] kobject: 'loop1' (000000001d42c426): kobject_uevent_env [ 588.767190][ T3873] kobject: 'loop1' (000000001d42c426): fill_kobj_path: path = '/devices/virtual/block/loop1' [ 588.772526][T29963] kobject: 'kvm' (0000000081ea19e5): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 588.815134][ T26] audit: type=1804 audit(1550371005.613:199): pid=29970 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir995119196/syzkaller.sGyxMG/579/file0/bus" dev="ramfs" ino=95801 res=1 [ 588.826022][T29963] kobject: 'kvm' (0000000081ea19e5): kobject_uevent_env [ 588.854724][T29954] kobject: 'kvm' (0000000081ea19e5): kobject_uevent_env [ 588.862494][T29825] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env [ 588.873454][T29963] kobject: 'kvm' (0000000081ea19e5): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 588.876033][T29825] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 588.890174][ T26] audit: type=1804 audit(1550371005.613:200): pid=29970 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir995119196/syzkaller.sGyxMG/579/file0/bus" dev="ramfs" ino=95801 res=1 [ 588.895936][T29954] kobject: 'kvm' (0000000081ea19e5): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 588.923263][ T26] audit: type=1804 audit(1550371005.613:201): pid=29970 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir995119196/syzkaller.sGyxMG/579/file0/bus" dev="ramfs" ino=95801 res=1 [ 588.940531][T29976] overlayfs: failed to resolve './file1': -2 [ 588.962513][T29954] kobject: 'kvm' (0000000081ea19e5): kobject_uevent_env [ 588.970277][T29954] kobject: 'kvm' (0000000081ea19e5): fill_kobj_path: path = '/devices/virtual/misc/kvm' [ 588.988246][T29825] kobject: 'loop0' (00000000c944ed86): kobject_uevent_env [ 588.999405][T29825] kobject: 'loop0' (00000000c944ed86): fill_kobj_path: path = '/devices/virtual/block/loop0' 02:36:45 executing program 0: r0 = socket(0x1b, 0x80007, 0x10000) syz_genetlink_get_family_id$nbd(&(0x7f0000000400)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x800) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) add_key(&(0x7f0000000240)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff8) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) r2 = syz_open_dev$amidi(0x0, 0x0, 0x420040) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000140)='hugetlbfs\x00', 0x0, &(0x7f000000a000)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000540)='/dev/dlm_plock\x00', 0x2000, 0x0) chdir(&(0x7f0000000100)='./file0\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000002c0)) fsetxattr$security_capability(r1, 0x0, &(0x7f0000000