program:
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4800, 0x0, 0x3, 0x0, &(0x7f0000000080))
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}, {@nfs_export_on}], [], 0x2c})
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000200)='./bus\x00', 0x100000, &(0x7f0000000200)=ANY=[], 0x1, 0x0, 0x0)
fchownat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x0, 0x0, 0x0) (fail_nth: 29)
[ 60.207079][ T48] Bluetooth: hci0: command tx timeout
[ 60.285478][ T5104] evm: overlay not supported
[ 60.288084][ T5104] FAULT_INJECTION: forcing a failure.
[ 60.288084][ T5104] name failslab, interval 1, probability 0, space 0, times 1
[ 60.292782][ T5104] CPU: 0 UID: 0 PID: 5104 Comm: syz.0.0 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[ 60.296590][ T5104] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 60.300584][ T5104] Call Trace:
[ 60.301860][ T5104]
[ 60.302963][ T5104] dump_stack_lvl+0x241/0x360
[ 60.304815][ T5104] ? __pfx_dump_stack_lvl+0x10/0x10
[ 60.306791][ T5104] ? __pfx__printk+0x10/0x10
[ 60.308511][ T5104] ? __kmalloc_cache_noprof+0x44/0x2c0
[ 60.310540][ T5104] ? __pfx___might_resched+0x10/0x10
[ 60.312524][ T5104] should_fail_ex+0x3b0/0x4e0
[ 60.314187][ T5104] should_failslab+0xac/0x100
[ 60.315982][ T5104] ? ovl_encode_real_fh+0xdf/0x410
[ 60.318026][ T5104] __kmalloc_cache_noprof+0x6c/0x2c0
[ 60.319941][ T5104] ? dput+0x37/0x2b0
[ 60.321398][ T5104] ovl_encode_real_fh+0xdf/0x410
[ 60.323180][ T5104] ? __pfx_ovl_encode_real_fh+0x10/0x10
[ 60.325102][ T5104] ? _raw_spin_unlock+0x28/0x50
[ 60.326752][ T5104] ovl_encode_fh+0x388/0xc20
[ 60.328416][ T5104] exportfs_encode_fh+0x1bd/0x3e0
[ 60.330160][ T5104] ovl_encode_real_fh+0x129/0x410
[ 60.331933][ T5104] ? __pfx_ovl_encode_real_fh+0x10/0x10
[ 60.333853][ T5104] ? bpf_lsm_capable+0x9/0x10
[ 60.335651][ T5104] ? capable+0x89/0xe0
[ 60.337381][ T5104] ovl_copy_up_flags+0x1068/0x46f0
[ 60.339500][ T5104] ? do_raw_spin_unlock+0x58/0x8b0
[ 60.341339][ T5104] ? finish_task_switch+0x1e5/0x870
[ 60.343209][ T5104] ? __pfx_ovl_copy_up_flags+0x10/0x10
[ 60.345209][ T5104] ? __pfx___schedule+0x10/0x10
[ 60.346946][ T5104] ? __pfx___console_unlock+0x10/0x10
[ 60.348859][ T5104] ? llist_add_batch+0x143/0x270
[ 60.350771][ T5104] ? __pfx_llist_add_batch+0x10/0x10
[ 60.352641][ T5104] ? preempt_schedule+0xe1/0xf0
[ 60.354329][ T5104] ? __pfx_preempt_schedule+0x10/0x10
[ 60.356186][ T5104] ? console_unlock+0x2fc/0x3b0
[ 60.357946][ T5104] ? tick_nohz_tick_stopped+0x82/0xb0
[ 60.359851][ T5104] ? __irq_work_queue_local+0x137/0x410
[ 60.361835][ T5104] ? ktime_get_coarse_real_ts64+0x10b/0x120
[ 60.363891][ T5104] ? make_vfsuid+0x52/0xa0
[ 60.365380][ T5104] ? setattr_prepare+0x1f5/0xb20
[ 60.366945][ T5104] ovl_setattr+0x11d/0x5a0
[ 60.368434][ T5104] ? __pfx_ovl_setattr+0x10/0x10
[ 60.370174][ T5104] notify_change+0xbca/0xe90
[ 60.371793][ T5104] chown_common+0x501/0x850
[ 60.373431][ T5104] ? __pfx_chown_common+0x10/0x10
[ 60.375169][ T5104] ? rcu_read_lock_any_held+0xb7/0x160
[ 60.377126][ T5104] ? mnt_get_write_access+0x226/0x2b0
[ 60.379004][ T5104] do_fchownat+0x16a/0x240
[ 60.380513][ T5104] ? __pfx_do_fchownat+0x10/0x10
[ 60.382298][ T5104] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 60.384446][ T5104] ? do_syscall_64+0x100/0x230
[ 60.386136][ T5104] __x64_sys_fchownat+0xb5/0xd0
[ 60.387862][ T5104] do_syscall_64+0xf3/0x230
[ 60.389482][ T5104] ? clear_bhb_loop+0x35/0x90
[ 60.391206][ T5104] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 60.393310][ T5104] RIP: 0033:0x7ff7d5b7dff9
[ 60.394947][ T5104] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 60.401871][ T5104] RSP: 002b:00007ff7d6a37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000104
[ 60.404763][ T5104] RAX: ffffffffffffffda RBX: 00007ff7d5d35f80 RCX: 00007ff7d5b7dff9
[ 60.407587][ T5104] RDX: 0000000000000000 RSI: 0000000020000440 RDI: ffffffffffffff9c
[ 60.410523][ T5104] RBP: 00007ff7d6a37090 R08: 0000000000000000 R09: 0000000000000000
[ 60.413373][ T5104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 60.416253][ T5104] R13: 0000000000000000 R14: 00007ff7d5d35f80 R15: 00007ffc08f4a4a8
[ 60.419099][ T5104]
[ 60.428848][ T5104] ------------[ cut here ]------------
[ 60.430936][ T5104] WARNING: CPU: 0 PID: 5104 at fs/overlayfs/copy_up.c:448 ovl_encode_real_fh+0x2e2/0x410
[ 60.434559][ T5104] Modules linked in:
[ 60.436068][ T5104] CPU: 0 UID: 0 PID: 5104 Comm: syz.0.0 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[ 60.439805][ T5104] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 60.443947][ T5104] RIP: 0010:ovl_encode_real_fh+0x2e2/0x410
[ 60.446132][ T5104] Code: 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 05 b6 75 fe 90 0f 0b 90 eb 14 e8 fa b5 75 fe 90 0f 0b 90 eb 09 e8 ef b5 75 fe 90 <0f> 0b 90 4c 89 ff e8 b3 6a d3 fe 49 c7 c7 fb ff ff ff eb 8b 89 d1
[ 60.452834][ T5104] RSP: 0018:ffffc9000de8f3c0 EFLAGS: 00010293
[ 60.455334][ T5104] RAX: ffffffff831f21f1 RBX: 1ffff92001bd1e80 RCX: ffff888000922440
[ 60.458198][ T5104] RDX: 0000000000000000 RSI: 00000000000000ff RDI: 00000000000000ff
[ 60.460997][ T5104] RBP: ffffc9000de8f470 R08: ffffffff831f208c R09: 1ffffffff2039fdd
[ 60.463888][ T5104] R10: dffffc0000000000 R11: fffffbfff2039fde R12: 00000000000000ff
[ 60.466983][ T5104] R13: 0000000000000080 R14: 1ffff92001bd1e7c R15: ffff888040805600
[ 60.469881][ T5104] FS: 00007ff7d6a376c0(0000) GS:ffff88801fc00000(0000) knlGS:0000000000000000
[ 60.473102][ T5104] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 60.475594][ T5104] CR2: 00007ff7d686d9b8 CR3: 0000000041436000 CR4: 0000000000352ef0
[ 60.478454][ T5104] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 60.481327][ T5104] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 60.484279][ T5104] Call Trace:
[ 60.485524][ T5104]
[ 60.486620][ T5104] ? __warn+0x168/0x4e0
[ 60.488090][ T5104] ? ovl_encode_real_fh+0x2e2/0x410
[ 60.489933][ T5104] ? report_bug+0x2b3/0x500
[ 60.491478][ T5104] ? ovl_encode_real_fh+0x2e2/0x410
[ 60.493267][ T5104] ? handle_bug+0x60/0x90
[ 60.494835][ T5104] ? exc_invalid_op+0x1a/0x50
[ 60.496452][ T5104] ? asm_exc_invalid_op+0x1a/0x20
[ 60.498189][ T5104] ? ovl_encode_real_fh+0x17c/0x410
[ 60.500094][ T5104] ? ovl_encode_real_fh+0x2e1/0x410
[ 60.502001][ T5104] ? ovl_encode_real_fh+0x2e2/0x410
[ 60.504056][ T5104] ? __pfx_ovl_encode_real_fh+0x10/0x10
[ 60.506066][ T5104] ? bpf_lsm_capable+0x9/0x10
[ 60.507813][ T5104] ? capable+0x89/0xe0
[ 60.509274][ T5104] ovl_copy_up_flags+0x1068/0x46f0
[ 60.511121][ T5104] ? do_raw_spin_unlock+0x58/0x8b0
[ 60.512855][ T5104] ? finish_task_switch+0x1e5/0x870
[ 60.514748][ T5104] ? __pfx_ovl_copy_up_flags+0x10/0x10
[ 60.516601][ T5104] ? __pfx___schedule+0x10/0x10
[ 60.518316][ T5104] ? __pfx___console_unlock+0x10/0x10
[ 60.520141][ T5104] ? llist_add_batch+0x143/0x270
[ 60.521830][ T5104] ? __pfx_llist_add_batch+0x10/0x10
[ 60.523639][ T5104] ? preempt_schedule+0xe1/0xf0
[ 60.525490][ T5104] ? __pfx_preempt_schedule+0x10/0x10
[ 60.527571][ T5104] ? console_unlock+0x2fc/0x3b0
[ 60.529476][ T5104] ? tick_nohz_tick_stopped+0x82/0xb0
[ 60.531514][ T5104] ? __irq_work_queue_local+0x137/0x410
[ 60.533500][ T5104] ? ktime_get_coarse_real_ts64+0x10b/0x120
[ 60.535644][ T5104] ? make_vfsuid+0x52/0xa0
[ 60.537239][ T5104] ? setattr_prepare+0x1f5/0xb20
[ 60.538987][ T5104] ovl_setattr+0x11d/0x5a0
[ 60.540594][ T5104] ? __pfx_ovl_setattr+0x10/0x10
[ 60.542345][ T5104] notify_change+0xbca/0xe90
[ 60.544874][ T5104] chown_common+0x501/0x850
[ 60.546731][ T5104] ? __pfx_chown_common+0x10/0x10
[ 60.548674][ T5104] ? rcu_read_lock_any_held+0xb7/0x160
[ 60.550778][ T5104] ? mnt_get_write_access+0x226/0x2b0
[ 60.552825][ T5104] do_fchownat+0x16a/0x240
[ 60.554854][ T5104] ? __pfx_do_fchownat+0x10/0x10
[ 60.556743][ T5104] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 60.559106][ T5104] ? do_syscall_64+0x100/0x230
[ 60.560917][ T5104] __x64_sys_fchownat+0xb5/0xd0
[ 60.562775][ T5104] do_syscall_64+0xf3/0x230
[ 60.564588][ T5104] ? clear_bhb_loop+0x35/0x90
[ 60.566247][ T5104] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 60.568178][ T5104] RIP: 0033:0x7ff7d5b7dff9
[ 60.569733][ T5104] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 60.577064][ T5104] RSP: 002b:00007ff7d6a37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000104
[ 60.580214][ T5104] RAX: ffffffffffffffda RBX: 00007ff7d5d35f80 RCX: 00007ff7d5b7dff9
[ 60.583245][ T5104] RDX: 0000000000000000 RSI: 0000000020000440 RDI: ffffffffffffff9c
[ 60.586170][ T5104] RBP: 00007ff7d6a37090 R08: 0000000000000000 R09: 0000000000000000
[ 60.588903][ T5104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 60.591875][ T5104] R13: 0000000000000000 R14: 00007ff7d5d35f80 R15: 00007ffc08f4a4a8
[ 60.594961][ T5104]
[ 60.596154][ T5104] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 60.598905][ T5104] CPU: 0 UID: 0 PID: 5104 Comm: syz.0.0 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[ 60.602853][ T5104] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 60.606944][ T5104] Call Trace:
[ 60.608239][ T5104]
[ 60.609369][ T5104] dump_stack_lvl+0x241/0x360
[ 60.611166][ T5104] ? __pfx_dump_stack_lvl+0x10/0x10
[ 60.613173][ T5104] ? __pfx__printk+0x10/0x10
[ 60.614943][ T5104] ? vscnprintf+0x5d/0x90
[ 60.616630][ T5104] panic+0x349/0x880
[ 60.618142][ T5104] ? __warn+0x177/0x4e0
[ 60.619711][ T5104] ? __pfx_panic+0x10/0x10
[ 60.621458][ T5104] __warn+0x34b/0x4e0
[ 60.622962][ T5104] ? ovl_encode_real_fh+0x2e2/0x410
[ 60.624929][ T5104] report_bug+0x2b3/0x500
[ 60.626571][ T5104] ? ovl_encode_real_fh+0x2e2/0x410
[ 60.628533][ T5104] handle_bug+0x60/0x90
[ 60.630103][ T5104] exc_invalid_op+0x1a/0x50
[ 60.631789][ T5104] asm_exc_invalid_op+0x1a/0x20
[ 60.633694][ T5104] RIP: 0010:ovl_encode_real_fh+0x2e2/0x410
[ 60.635937][ T5104] Code: 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 05 b6 75 fe 90 0f 0b 90 eb 14 e8 fa b5 75 fe 90 0f 0b 90 eb 09 e8 ef b5 75 fe 90 <0f> 0b 90 4c 89 ff e8 b3 6a d3 fe 49 c7 c7 fb ff ff ff eb 8b 89 d1
[ 60.643172][ T5104] RSP: 0018:ffffc9000de8f3c0 EFLAGS: 00010293
[ 60.645465][ T5104] RAX: ffffffff831f21f1 RBX: 1ffff92001bd1e80 RCX: ffff888000922440
[ 60.648406][ T5104] RDX: 0000000000000000 RSI: 00000000000000ff RDI: 00000000000000ff
[ 60.651272][ T5104] RBP: ffffc9000de8f470 R08: ffffffff831f208c R09: 1ffffffff2039fdd
[ 60.654225][ T5104] R10: dffffc0000000000 R11: fffffbfff2039fde R12: 00000000000000ff
[ 60.657175][ T5104] R13: 0000000000000080 R14: 1ffff92001bd1e7c R15: ffff888040805600
[ 60.660080][ T5104] ? ovl_encode_real_fh+0x17c/0x410
[ 60.662047][ T5104] ? ovl_encode_real_fh+0x2e1/0x410
[ 60.663909][ T5104] ? __pfx_ovl_encode_real_fh+0x10/0x10
[ 60.665824][ T5104] ? bpf_lsm_capable+0x9/0x10
[ 60.667462][ T5104] ? capable+0x89/0xe0
[ 60.668883][ T5104] ovl_copy_up_flags+0x1068/0x46f0
[ 60.670678][ T5104] ? do_raw_spin_unlock+0x58/0x8b0
[ 60.672435][ T5104] ? finish_task_switch+0x1e5/0x870
[ 60.674267][ T5104] ? __pfx_ovl_copy_up_flags+0x10/0x10
[ 60.676114][ T5104] ? __pfx___schedule+0x10/0x10
[ 60.677822][ T5104] ? __pfx___console_unlock+0x10/0x10
[ 60.679922][ T5104] ? llist_add_batch+0x143/0x270
[ 60.681873][ T5104] ? __pfx_llist_add_batch+0x10/0x10
[ 60.683818][ T5104] ? preempt_schedule+0xe1/0xf0
[ 60.685593][ T5104] ? __pfx_preempt_schedule+0x10/0x10
[ 60.687582][ T5104] ? console_unlock+0x2fc/0x3b0
[ 60.689443][ T5104] ? tick_nohz_tick_stopped+0x82/0xb0
[ 60.691439][ T5104] ? __irq_work_queue_local+0x137/0x410
[ 60.693507][ T5104] ? ktime_get_coarse_real_ts64+0x10b/0x120
[ 60.695729][ T5104] ? make_vfsuid+0x52/0xa0
[ 60.697412][ T5104] ? setattr_prepare+0x1f5/0xb20
[ 60.699267][ T5104] ovl_setattr+0x11d/0x5a0
[ 60.700921][ T5104] ? __pfx_ovl_setattr+0x10/0x10
[ 60.702752][ T5104] notify_change+0xbca/0xe90
[ 60.704446][ T5104] chown_common+0x501/0x850
[ 60.706179][ T5104] ? __pfx_chown_common+0x10/0x10
[ 60.708065][ T5104] ? rcu_read_lock_any_held+0xb7/0x160
[ 60.710183][ T5104] ? mnt_get_write_access+0x226/0x2b0
[ 60.712201][ T5104] do_fchownat+0x16a/0x240
[ 60.713951][ T5104] ? __pfx_do_fchownat+0x10/0x10
[ 60.715832][ T5104] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 60.718215][ T5104] ? do_syscall_64+0x100/0x230
[ 60.720003][ T5104] __x64_sys_fchownat+0xb5/0xd0
[ 60.721849][ T5104] do_syscall_64+0xf3/0x230
[ 60.723590][ T5104] ? clear_bhb_loop+0x35/0x90
[ 60.725371][ T5104] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 60.727589][ T5104] RIP: 0033:0x7ff7d5b7dff9
[ 60.729300][ T5104] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 60.736455][ T5104] RSP: 002b:00007ff7d6a37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000104
[ 60.739622][ T5104] RAX: ffffffffffffffda RBX: 00007ff7d5d35f80 RCX: 00007ff7d5b7dff9
[ 60.742701][ T5104] RDX: 0000000000000000 RSI: 0000000020000440 RDI: ffffffffffffff9c
[ 60.745662][ T5104] RBP: 00007ff7d6a37090 R08: 0000000000000000 R09: 0000000000000000
[ 60.748672][ T5104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 60.751727][ T5104] R13: 0000000000000000 R14: 00007ff7d5d35f80 R15: 00007ffc08f4a4a8
[ 60.754725][ T5104]
[ 60.756177][ T5104] Kernel Offset: disabled
[ 60.757827][ T5104] Rebooting in 86400 seconds..