956569ef3fe89cadb5e5ad428af964f5056efacbc6f6d7da3364d552d6aceb27fe13e261332128784b0170ebf91e96a41a130fe4c7068f17e02cb3037b509b33cca10184f0873d39e636e550dae4ed9031a7f6e002b57750ba8f2ef634faaa6db1d0f9cb4848f59a70129fe0399ceb78304687d1f5a4446eef4f64a7fc52d71e7f76175a4beaf8c2b61b3cbdfa8e481d4ac9ce8b6289ad2b6c1eabbda358e829c568425a62e124b939666d3a1539fb35d1daaea1721cf849d6e9b38c54f9eaed1492254e3a4d4c4b427445949a695416f6c0a53f393005656d438390fbca7e75096b493ac4b4cb4091a4cd94568d9cc1f86d980744404018cc648aac5c3f787dba837b1db10d7e0db93ed82950befbc08663dcb9685694a099991cf251d95d5d3dca38e8f03f30350e454534b979978f81ce67a75648daee3fdf3c26a0e74f60338a8cfd6e0dddb5d94adda968061541e55ab6443903ac1869fbe7fa462974ef6476aad29b420b0e1d3d17c3cb6200ca36553eccd4801e990d769b416517e2b069399dc5da7bc90456cff129e8f6246d7dbe704b058b3795384163a244d798fba3ca9f9f6a12ef2cdb657f0b39faa0900aca0d963230140e24277158df691fce8cc0589ff950af6365e1a54bd654ecdd916d3a8374ce425424a521ad"}) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) socketpair$unix(0x1, 0x4000000002, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f0000000280)={0x77, 0x0, [0x17a, 0x0, 0xc1]}) 01:40:31 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x19, &(0x7f0000001200)={'nat\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:31 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, 0x0) preadv(r1, &(0x7f0000000700), 0x298, 0x0) 01:40:31 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x21, &(0x7f0000001200)={'nat\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:31 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, 0x0) preadv(r1, &(0x7f0000000700), 0x298, 0x0) 01:40:31 executing program 0: mmap(&(0x7f0000003000/0x3000)=nil, 0x3000, 0x1, 0x4001b071, 0xffffffffffffffff, 0x0) [ 251.470853] kvm [10015]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc1 data 0x0 01:40:31 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x22, &(0x7f0000001200)={'nat\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:31 executing program 2: ioctl$KVM_GET_ONE_REG(0xffffffffffffffff, 0x4010aeab, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88\xae|\b\xca\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v\x0e\xc2F\x82\x9b\xe2U\x0fb=\xbe$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) ioctl$FITRIM(r0, 0xc0185879, 0x0) ioctl$FITRIM(0xffffffffffffffff, 0xc0185879, 0x0) 01:40:31 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(0xffffffffffffffff, &(0x7f0000000700), 0x298, 0x0) [ 251.534833] kvm [10015]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc1 data 0x0 [ 251.552500] protocol 88fb is buggy, dev hsr_slave_0 [ 251.557571] protocol 88fb is buggy, dev hsr_slave_1 01:40:31 executing program 0: r0 = socket$inet(0xa, 0x801, 0x84) listen(r0, 0x8) connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10) 01:40:31 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:40:31 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x29, &(0x7f0000001200)={'nat\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:31 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) connect$inet(r0, &(0x7f0000ccb000), 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x3, &(0x7f0000000000)=@framed, &(0x7f00002bf000)='syzkaller\x00', 0x1, 0xb7, &(0x7f0000000440)=""/183}, 0x48) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$kcm(0x29, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r3, 0x89e0, &(0x7f0000000100)={r0, r1}) close(r3) 01:40:31 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(0xffffffffffffffff, &(0x7f0000000700), 0x298, 0x0) 01:40:31 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:40:31 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) bpf$MAP_CREATE(0x0, 0x0, 0x0) openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$FUSE_WRITE(0xffffffffffffffff, 0x0, 0x0) getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, 0x0, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:40:31 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x30, &(0x7f0000001200)={'nat\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:31 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(0xffffffffffffffff, &(0x7f0000000700), 0x298, 0x0) [ 251.862537] protocol 88fb is buggy, dev hsr_slave_0 [ 251.867684] protocol 88fb is buggy, dev hsr_slave_1 [ 251.879680] overlayfs: missing 'lowerdir' 01:40:32 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:40:32 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x31, &(0x7f0000001200)={'nat\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:32 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 251.942515] protocol 88fb is buggy, dev hsr_slave_0 [ 251.947731] protocol 88fb is buggy, dev hsr_slave_1 01:40:32 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, 0x0, 0x0, 0x0) [ 252.028817] IPVS: ftp: loaded support on port[0] = 21 [ 252.065568] overlayfs: missing 'lowerdir' 01:40:32 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x32, &(0x7f0000001200)={'nat\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:32 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, 0x0, 0x0, 0x0) 01:40:32 executing program 5: r0 = open(&(0x7f00000003c0)='./file0\x00', 0x143042, 0x0) write$P9_RREMOVE(0xffffffffffffffff, 0x0, 0x0) r1 = gettid() ptrace$peekuser(0x3, 0x0, 0x0) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) fsetxattr$trusted_overlay_opaque(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) write$P9_RMKDIR(0xffffffffffffffff, 0x0, 0xe475009ebe6f8c3f) ioctl$TIOCNOTTY(0xffffffffffffffff, 0x5422) timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x1c9c380}, {0x0, 0x9}}, 0x0) clone(0x0, 0x0, 0x0, 0x0, 0x0) capget(0x0, &(0x7f00000002c0)) writev(0xffffffffffffffff, 0x0, 0x0) write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x1fc) ioctl$sock_inet_SIOCGIFBRDADDR(r0, 0x8919, 0x0) ioctl$TCGETA(0xffffffffffffffff, 0x5405, 0x0) getsockopt$IP_VS_SO_GET_DESTS(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) tkill(r1, 0x1000000000016) 01:40:32 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, 0x0, 0x0, 0x0) 01:40:32 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x82, &(0x7f0000001200)={'nat\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 252.263068] protocol 88fb is buggy, dev hsr_slave_0 [ 252.268500] protocol 88fb is buggy, dev hsr_slave_1 [ 252.395655] IPVS: ftp: loaded support on port[0] = 21 01:40:32 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) bpf$MAP_CREATE(0x0, 0x0, 0x0) openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$FUSE_WRITE(0xffffffffffffffff, 0x0, 0x0) getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, 0x0, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:40:32 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:40:32 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:40:32 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x83, &(0x7f0000001200)={'nat\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:32 executing program 3: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.cpu\x00', 0x200002, 0x0) fchdir(r0) r1 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$EXT4_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000000)=0x10004) 01:40:32 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet_udp(0x2, 0x2, 0x0) close(r1) r2 = socket(0x840000000002, 0x3, 0xff) connect$inet(r2, &(0x7f0000000080)={0x2, 0x0, @empty}, 0x10) sendmmsg(r1, &(0x7f0000006d00)=[{{0x0, 0x0, &(0x7f0000000040), 0x2}}], 0xd3, 0x1ffffffe) [ 252.481452] overlayfs: missing 'lowerdir' [ 252.491824] kernel msg: ebtables bug: please report to author: Wrong size 01:40:32 executing program 3: syz_open_dev$usb(&(0x7f00000003c0)='/dev/bus/usb/00#/00#\x00', 0x40000fffffb, 0x0) 01:40:32 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00004ca000)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000007050100000000000000020000200000"], 0x14}}, 0x0) [ 252.601296] IPVS: ftp: loaded support on port[0] = 21 01:40:32 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:40:32 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, 0x0, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:40:32 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x85, &(0x7f0000001200)={'nat\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:32 executing program 3: r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'veth0_to_bridge\x00'}) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000600)=ANY=[@ANYBLOB="f45e69c90008000014001400626f6e645f736c6176655f3000000000c58bc99e079b27a60532efa923cb1ef5666a197d16b7c376a83eb568fce21bfc9ed0d3d6a43b54676afc045dcc1a521bfe0a98a4a675db1bad7a7d48ae91a91a21a3eae6d52cd88367c26cbb29a387ae9cb9e1c0130ef24bd94c907e29a0302b6e1072a24b66d4ac4a45c695ce0798ef27cc92e3862d67d52cb0335c6cf3fe1af9ae9c25b5a85d4b534bd4dbe9ca31531da984ccc19ac7965c8de0a1e869e218bdaaa261533c90be65e1a9dbc02795ec60ab08ed3bcc699fdbf7982ce8506c0912c40f36c02716f35db55a2e889205eccc8a6c3887102c3c786e1dfe13"], 0x1}}, 0x0) [ 252.781546] overlayfs: missing 'lowerdir' 01:40:33 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) bpf$MAP_CREATE(0x0, 0x0, 0x0) openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$FUSE_WRITE(0xffffffffffffffff, 0x0, 0x0) getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, 0x0, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:40:33 executing program 5: inotify_init() socketpair$unix(0x1, 0x0, 0x0, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x0, 0x0) openat$urandom(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$RNDADDTOENTCNT(r0, 0x5452, &(0x7f0000000080)) 01:40:33 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:40:33 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'\nat\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:33 executing program 3: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$usb(&(0x7f00000003c0)='/dev/bus/usb/00#/00#\x00', 0x40000fffffb, 0x802) ioctl$TCSETS(r0, 0x5402, &(0x7f0000000000)={0x5, 0x7, 0x0, 0x7, 0x4, 0x7, 0x3ff, 0x42, 0x3, 0x8d60, 0x8fbf, 0x7}) 01:40:33 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, 0x0, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:40:33 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:40:33 executing program 5: r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0xc80, 0x0) ioctl$VT_RELDISP(r2, 0x5605) setsockopt$sock_int(r1, 0x1, 0x1000000000000006, &(0x7f0000000140)=0x32, 0x4) connect$inet(r1, &(0x7f0000000200)={0x2, 0x0, @broadcast}, 0x10) open(&(0x7f0000000180)='./file0\x00', 0x640800, 0x4) setsockopt$inet_MCAST_LEAVE_GROUP(r0, 0x0, 0x2d, 0x0, 0x0) listxattr(0x0, &(0x7f00000002c0)=""/204, 0xcc) getpeername$packet(r2, &(0x7f0000000480)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f00000004c0)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000580)={&(0x7f0000000280), 0xc, &(0x7f0000000540)={&(0x7f0000000500)=@newqdisc={0x24, 0x24, 0x800, 0x70bd2b, 0x25dfdbfd, {0x0, r3, {0xffff, 0xfffb}, {0xf}, {0xfff3, 0xfffb}}}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x10) ioctl$VT_GETSTATE(r2, 0x5603, &(0x7f0000000240)={0xfffffffffffffeff, 0x6, 0xfc0}) sendmmsg(r1, &(0x7f0000007fc0), 0x4000000000001a8, 0x0) 01:40:33 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, 0x0, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:40:33 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'%at\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 253.085805] IPVS: ftp: loaded support on port[0] = 21 01:40:33 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:40:33 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x8000, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="03177f454c46060507000700ab7320000000020000000d0000007b030000000000004000cd72001000008f0200000d00160000003f00380001000900ff4b010002000023b759991416da6976a4a2b11330176b37f73c6329847f20af55efd0d73d8d8f0797a03c050000000c630419a4cceb1f63b412d5e07a9c3e9dd628affaf39286c0dbe1b80dac864e3ee6b8422cc0e2a609f6fdd9e71030f6317de21dea6527dfe711c74f8db47c223f7f82e0ce811c79943a88de97f8c27b69735acaba9ec92000f0a048b53c66ef955df550b8a734f7f58d640d55db2e0000"], 0xdc) recvmmsg(r0, &(0x7f0000007b80)=[{{&(0x7f0000000280)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @loopback}}}, 0x80, &(0x7f0000002700)=[{&(0x7f0000000300)=""/33, 0x21}, {&(0x7f0000000340)=""/4096, 0x1000}, {&(0x7f0000001340)=""/140, 0x8c}, {&(0x7f0000001400)=""/118, 0x76}, {&(0x7f0000001480)=""/4096, 0x1000}, {&(0x7f0000002480)=""/129, 0x81}, {&(0x7f0000002540)=""/186, 0x2a2}, {&(0x7f0000002600)=""/244, 0xf4}], 0x8, &(0x7f0000002780)=""/210, 0xd2}, 0x100000001}, {{&(0x7f0000002880)=@in={0x2, 0x0, @dev}, 0x80, &(0x7f0000002a00)=[{&(0x7f0000002900)=""/18, 0x12}, {&(0x7f0000002940)=""/33, 0x21}, {&(0x7f0000002980)=""/95, 0x5f}], 0x3, &(0x7f0000002a40)=""/6, 0x6}, 0x3}, {{&(0x7f0000002a80)=@x25, 0x80, &(0x7f0000002b80)=[{&(0x7f0000002b00)=""/70, 0x46}], 0x1, &(0x7f0000002bc0)=""/4096, 0x1000}, 0x9}, {{0x0, 0x0, &(0x7f0000004e40)=[{&(0x7f0000003bc0)=""/146, 0x92}, {&(0x7f0000003c80)=""/100, 0x64}, {&(0x7f0000003d00)=""/4096, 0x1000}, {&(0x7f0000004d00)=""/246, 0xf6}, {&(0x7f0000004e00)=""/48, 0x30}], 0x5, &(0x7f0000004ec0)=""/96, 0x60}, 0x101}, {{&(0x7f0000004f40)=@generic, 0x80, &(0x7f0000005080)=[{&(0x7f0000004fc0)=""/182, 0xb6}], 0x1, &(0x7f00000050c0)=""/249, 0xf9}, 0x2}, {{&(0x7f00000051c0)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @ipv4={[], [], @loopback}}}}, 0x80, &(0x7f00000064c0)=[{&(0x7f0000005240)=""/188, 0xbc}, {&(0x7f0000005300)=""/155, 0x9b}, {&(0x7f00000053c0)=""/189, 0xbd}, {&(0x7f0000005480)=""/4096, 0x1000}, {&(0x7f0000006480)=""/39, 0x27}], 0x5, &(0x7f0000006540)=""/96, 0x60}, 0x200}, {{0x0, 0x0, &(0x7f0000007840)=[{&(0x7f00000065c0)=""/114, 0x72}, {&(0x7f0000006640)=""/4096, 0x1000}, {&(0x7f0000007640)=""/154, 0x9a}, {&(0x7f0000007700)=""/139, 0x8b}, {&(0x7f00000077c0)=""/108, 0x6c}], 0x5, &(0x7f00000078c0)=""/86, 0x56}, 0xffffffffffffffc1}, {{&(0x7f0000007940)=@nl=@unspec, 0x80, &(0x7f0000007b00)=[{&(0x7f00000079c0)=""/70, 0x46}, {&(0x7f0000007a40)=""/102, 0x66}, {&(0x7f0000007ac0)=""/9, 0x9}], 0x3, &(0x7f0000007b40)=""/37, 0x25}, 0x1}], 0x8, 0x44000102, 0x0) [ 253.279013] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 01:40:33 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) bpf$MAP_CREATE(0x0, 0x0, 0x0) openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$FUSE_WRITE(0xffffffffffffffff, 0x0, 0x0) getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, 0x0, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:40:33 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:40:33 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'n\nt\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:33 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:40:33 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:40:33 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'n%t\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:33 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 253.640975] IPVS: ftp: loaded support on port[0] = 21 [ 253.679523] overlayfs: missing 'lowerdir' 01:40:34 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000140)) 01:40:34 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:40:34 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'na\n\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:34 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 254.028392] overlayfs: missing 'lowerdir' 01:40:34 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000080), 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_execute_func(&(0x7f0000000040)="3666440f50f564ff0941c3c4e2c9975842c4c27d794e0066420fe2e33e0f1110c442019dccd3196f") setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, 0xfffffffffffffffe, 0xfe39) sendmsg$TIPC_CMD_DISABLE_BEARER(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0) 01:40:34 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) bpf$MAP_CREATE(0x0, 0x0, 0x0) openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$FUSE_WRITE(0xffffffffffffffff, 0x0, 0x0) getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, 0x0, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:40:34 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:40:34 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'na%\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:34 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000140)) [ 254.225034] overlayfs: missing 'lowerdir' 01:40:34 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x02\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:34 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000140)) [ 254.284800] IPVS: ftp: loaded support on port[0] = 21 01:40:34 executing program 2: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:40:34 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 254.419731] overlayfs: missing 'lowerdir' 01:40:34 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000140)) 01:40:34 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x03\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:34 executing program 2: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 254.641085] overlayfs: missing 'lowerdir' 01:40:35 executing program 3: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000100)='/dev/hwrng\x00', 0x200000, 0x0) poll(&(0x7f0000000180)=[{r0}], 0x1, 0x0) 01:40:35 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) bpf$MAP_CREATE(0x0, 0x0, 0x0) openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$FUSE_WRITE(0xffffffffffffffff, 0x0, 0x0) getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, 0x0, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:40:35 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x04\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:35 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000140)) 01:40:35 executing program 2: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:40:35 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:40:35 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88\xae|\b\xca\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v\x0e\xc2F\x82\x9b\xe2U\x0fb=\xbe$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0) ioctl$FITRIM(r0, 0xc0185879, 0x0) [ 255.083990] overlayfs: missing 'lowerdir' 01:40:35 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x4000000000000002, &(0x7f00000000c0)=0x102, 0x4) bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0xfffffeffffffffff, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) r1 = socket$inet6(0xa, 0x1, 0x0) setsockopt$sock_int(r1, 0x1, 0x4000000000000002, &(0x7f0000000180)=0x9, 0x4) bind$inet6(r1, &(0x7f0000000240)={0xa, 0x44e20}, 0x1c) sendto$inet6(r1, 0x0, 0x0, 0x20040000, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 01:40:35 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x05\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:35 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000140)) 01:40:35 executing program 2: socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 255.172189] IPVS: ftp: loaded support on port[0] = 21 [ 255.221420] overlayfs: missing 'lowerdir' 01:40:35 executing program 3: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:35 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x06\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:35 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) bpf$MAP_CREATE(0x0, 0x0, 0x0) openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$FUSE_WRITE(0xffffffffffffffff, 0x0, 0x0) getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, 0x0, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:40:35 executing program 2: socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:40:35 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000140)) 01:40:35 executing program 3: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:35 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\a\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:35 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x0, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:40:36 executing program 5: write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(0xffffffffffffffff, 0x227d, &(0x7f0000000140)) [ 255.934578] overlayfs: missing 'lowerdir' 01:40:36 executing program 3: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:36 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat`\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:36 executing program 2: socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:40:36 executing program 5: write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(0xffffffffffffffff, 0x227d, &(0x7f0000000140)) [ 256.079418] IPVS: ftp: loaded support on port[0] = 21 01:40:36 executing program 3: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 256.215121] overlayfs: missing 'lowerdir' [ 256.422497] net_ratelimit: 22 callbacks suppressed [ 256.422504] protocol 88fb is buggy, dev hsr_slave_0 [ 256.432595] protocol 88fb is buggy, dev hsr_slave_1 01:40:36 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) bpf$MAP_CREATE(0x0, 0x0, 0x0) openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$FUSE_WRITE(0xffffffffffffffff, 0x0, 0x0) getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, 0x0, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:40:36 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x0, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:40:36 executing program 3: prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:36 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x03\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:36 executing program 5: write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(0xffffffffffffffff, 0x227d, &(0x7f0000000140)) 01:40:36 executing program 2: socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 256.742511] protocol 88fb is buggy, dev hsr_slave_0 [ 256.747688] protocol 88fb is buggy, dev hsr_slave_1 01:40:36 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x05\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:36 executing program 5: r0 = syz_open_dev$sg(0x0, 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000140)) [ 256.783788] kernel msg: ebtables bug: please report to author: Wrong size [ 256.803461] overlayfs: missing 'lowerdir' 01:40:36 executing program 3: prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:36 executing program 2: socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:40:37 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x06\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 256.905782] kernel msg: ebtables bug: please report to author: Wrong size [ 256.931887] overlayfs: missing 'lowerdir' 01:40:37 executing program 2: socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 257.011691] kernel msg: ebtables bug: please report to author: Wrong size [ 257.094369] overlayfs: missing 'lowerdir' [ 257.382526] protocol 88fb is buggy, dev hsr_slave_0 [ 257.387724] protocol 88fb is buggy, dev hsr_slave_1 [ 257.617409] IPVS: ftp: loaded support on port[0] = 21 01:40:37 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) bpf$MAP_CREATE(0x0, 0x0, 0x0) openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$FUSE_WRITE(0xffffffffffffffff, 0x0, 0x0) getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, 0x0, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:40:37 executing program 5: r0 = syz_open_dev$sg(0x0, 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000140)) 01:40:37 executing program 3: prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:37 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\a\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:37 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x0, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:40:37 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:40:37 executing program 3: setrlimit(0x0, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 257.780797] kernel msg: ebtables bug: please report to author: Wrong size [ 257.788545] protocol 88fb is buggy, dev hsr_slave_0 [ 257.788593] protocol 88fb is buggy, dev hsr_slave_1 [ 257.809748] overlayfs: missing 'lowerdir' 01:40:37 executing program 5: r0 = syz_open_dev$sg(0x0, 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000140)) 01:40:37 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 257.906633] kernel msg: ebtables bug: please report to author: Wrong size 01:40:38 executing program 3: setrlimit(0x0, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:38 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000140)) [ 258.002930] overlayfs: missing 'lowerdir' 01:40:38 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, 0x0, 0x0) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 258.102531] protocol 88fb is buggy, dev hsr_slave_0 [ 258.107794] protocol 88fb is buggy, dev hsr_slave_1 [ 258.631999] IPVS: ftp: loaded support on port[0] = 21 01:40:38 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) bpf$MAP_CREATE(0x0, 0x0, 0x0) openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$FUSE_WRITE(0xffffffffffffffff, 0x0, 0x0) getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, 0x0, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:40:38 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00 \x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:38 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:40:38 executing program 3: setrlimit(0x0, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:38 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000140)) 01:40:38 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, 0x0, 0x0) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 258.753778] kernel msg: ebtables bug: please report to author: Wrong size [ 258.770940] overlayfs: missing 'lowerdir' 01:40:38 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000140)) 01:40:38 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:40:38 executing program 3: setrlimit(0x2, 0x0) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:39 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00?\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:39 executing program 3: setrlimit(0x2, 0x0) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:39 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000140)) [ 258.960966] kernel msg: ebtables bug: please report to author: Wrong size [ 258.975225] overlayfs: missing 'lowerdir' [ 259.618538] IPVS: ftp: loaded support on port[0] = 21 01:40:39 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) bpf$MAP_CREATE(0x0, 0x0, 0x0) openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$FUSE_WRITE(0xffffffffffffffff, 0x0, 0x0) getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, 0x0, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:40:39 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00@\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:39 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, 0x0, 0x0) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:40:39 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:40:39 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000140)) 01:40:39 executing program 3: setrlimit(0x2, 0x0) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:39 executing program 3: setrlimit(0x2, &(0x7f0000000040)={0x0, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:39 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000140)) [ 259.759902] overlayfs: missing 'lowerdir' [ 259.766488] kernel msg: ebtables bug: please report to author: Wrong size 01:40:39 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 259.873085] IPVS: ftp: loaded support on port[0] = 21 01:40:40 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00`\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:40 executing program 3: setrlimit(0x2, &(0x7f0000000040)={0x0, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:40 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, 0x0, 0x0) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000140)) [ 260.007788] kernel msg: ebtables bug: please report to author: Wrong size [ 260.025628] overlayfs: missing 'lowerdir' 01:40:40 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) bpf$MAP_CREATE(0x0, 0x0, 0x0) openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$FUSE_WRITE(0xffffffffffffffff, 0x0, 0x0) getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, 0x0, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:40:40 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040), 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:40:40 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\xff\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:40 executing program 3: setrlimit(0x2, &(0x7f0000000040)={0x0, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:40 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, 0x0, 0x0) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000140)) 01:40:40 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(0x0, 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:40:40 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, 0x0, 0x0) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000140)) [ 260.243498] kernel msg: ebtables bug: please report to author: Wrong size 01:40:40 executing program 3: setrlimit(0x2, &(0x7f0000000040)={0x80000000}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:40 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(0x0, 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:40:40 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x01\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:40 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(0xffffffffffffffff, 0x227d, &(0x7f0000000140)) 01:40:40 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(0x0, 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 260.447815] kernel msg: ebtables bug: please report to author: Wrong size 01:40:41 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) bpf$MAP_CREATE(0x0, 0x0, 0x0) openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$FUSE_WRITE(0xffffffffffffffff, 0x0, 0x0) getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, 0x0, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:40:41 executing program 3: setrlimit(0x2, &(0x7f0000000040)={0x80000000}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:41 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040), 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:40:41 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(0xffffffffffffffff, 0x227d, &(0x7f0000000140)) 01:40:41 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x02\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:41 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, 0x0, &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:40:41 executing program 3: setrlimit(0x2, &(0x7f0000000040)={0x80000000}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 261.127005] kernel msg: ebtables bug: please report to author: Wrong size 01:40:41 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x03\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:41 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(0xffffffffffffffff, 0x227d, &(0x7f0000000140)) 01:40:41 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, 0x0, &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:40:41 executing program 3: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x0, &(0x7f0000ffa000/0x2000)=nil) [ 261.305996] kernel msg: ebtables bug: please report to author: Wrong size 01:40:41 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, 0x0) [ 261.542481] net_ratelimit: 18 callbacks suppressed [ 261.542488] protocol 88fb is buggy, dev hsr_slave_0 [ 261.552566] protocol 88fb is buggy, dev hsr_slave_1 [ 261.942528] protocol 88fb is buggy, dev hsr_slave_0 [ 261.947615] protocol 88fb is buggy, dev hsr_slave_1 01:40:42 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) bpf$MAP_CREATE(0x0, 0x0, 0x0) openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$FUSE_WRITE(0xffffffffffffffff, 0x0, 0x0) getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, 0x0, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:40:42 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, 0x0, &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:40:42 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040), 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:40:42 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x04\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:42 executing program 3: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x0, &(0x7f0000ffa000/0x2000)=nil) 01:40:42 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, 0x0) 01:40:42 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, 0x0) [ 262.029684] kernel msg: ebtables bug: please report to author: Wrong size 01:40:42 executing program 3: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x0, &(0x7f0000ffa000/0x2000)=nil) 01:40:42 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:40:42 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x05\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:42 executing program 5: getpgid(0x0) sched_getparam(0x0, 0x0) prctl$PR_MPX_ENABLE_MANAGEMENT(0x2b) ptrace$poke(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0xa040, 0x0) syz_open_procfs$namespace(0x0, 0x0) mincore(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0) ioctl(0xffffffffffffffff, 0x0, 0x0) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0) waitid(0x0, 0x0, 0x0, 0x0, 0x0) read$eventfd(r0, 0x0, 0x0) 01:40:42 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 262.224009] kernel msg: ebtables bug: please report to author: Wrong size [ 262.262857] protocol 88fb is buggy, dev hsr_slave_0 [ 262.268047] protocol 88fb is buggy, dev hsr_slave_1 [ 262.342674] protocol 88fb is buggy, dev hsr_slave_0 [ 262.347771] protocol 88fb is buggy, dev hsr_slave_1 [ 262.662478] protocol 88fb is buggy, dev hsr_slave_0 [ 262.667695] protocol 88fb is buggy, dev hsr_slave_1 01:40:42 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) bpf$MAP_CREATE(0x0, 0x0, 0x0) openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$FUSE_WRITE(0xffffffffffffffff, 0x0, 0x0) getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, 0x0, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:40:42 executing program 3: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000080)='memory.high\x00', 0x2, 0x0) bpf$OBJ_GET_PROG(0x7, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', 0x0, 0x14}, 0x10) write$cgroup_int(r1, 0x0, 0x0) r2 = gettid() perf_event_open(&(0x7f0000000200)={0x0, 0x70, 0xffffffffc6d1fc2b, 0x5, 0x80, 0x3, 0x0, 0x5, 0x1, 0x0, 0xfffffffffffffffb, 0x7, 0x4, 0x5, 0x4, 0x1, 0x1ff, 0x80000000, 0xfffffffffffffff7, 0x5, 0x1, 0x94a5, 0x100, 0xfffffffffffffeff, 0xa9, 0xffffffff00000000, 0x7ff, 0x1, 0x3, 0x7f, 0xf79, 0x1, 0xffffffff, 0x0, 0xd8, 0x4a359d1d, 0x6, 0x7fff, 0x0, 0x1, 0x4, @perf_bp={&(0x7f0000000100), 0x7}, 0x80, 0x0, 0x40, 0xf, 0x6, 0x7}, r2, 0xc, 0xffffffffffffffff, 0x8) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) 01:40:42 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x06\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:42 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getrandom(&(0x7f0000000040)=""/59, 0xfe63, 0x0) 01:40:42 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:40:42 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:40:43 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 262.894128] kernel msg: ebtables bug: please report to author: Wrong size 01:40:43 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, 0x0) 01:40:43 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\a\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:43 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f000001b000)={@multicast2, @loopback, @dev}, 0xc) r1 = syz_open_procfs(0x0, &(0x7f0000000100)='net/mcfilter\x00') readv(r1, &(0x7f0000001580)=[{&(0x7f0000000080)=""/17, 0x11}, {&(0x7f0000000480)=""/4096, 0x1000}], 0x2) [ 263.054573] kernel msg: ebtables bug: please report to author: Wrong size [ 263.064486] IPVS: ftp: loaded support on port[0] = 21 [ 263.073100] overlayfs: missing 'lowerdir' 01:40:43 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, 0x0) 01:40:43 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00 \x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 263.212257] kernel msg: ebtables bug: please report to author: Wrong size [ 263.248732] overlayfs: missing 'lowerdir' 01:40:43 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) bpf$MAP_CREATE(0x0, 0x0, 0x0) openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$FUSE_WRITE(0xffffffffffffffff, 0x0, 0x0) getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, 0x0, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:40:43 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:40:43 executing program 3: clone(0x602102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, 0x0, 0x0) r0 = socket$inet(0x2, 0x80001, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x4000010000000013, &(0x7f0000000040)=0x1, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10) bind$inet(r1, &(0x7f0000000000)={0x2, 0x4e23, @multicast1}, 0x10) connect$inet(r1, &(0x7f00000000c0)={0x2, 0x4e21, @empty}, 0x10) connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @loopback}, 0x10) 01:40:43 executing program 5: creat(0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff) r0 = syz_open_dev$loop(&(0x7f0000000640)='/dev/loop#\x00', 0x0, 0x0) sysinfo(&(0x7f00000007c0)=""/154) ioctl$BLKPG(r0, 0x1269, &(0x7f00000006c0)={0x3, 0x0, 0x0, &(0x7f0000000800)}) 01:40:43 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00?\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:43 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, 0x0) 01:40:43 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00@\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 263.326893] kernel msg: ebtables bug: please report to author: Wrong size 01:40:43 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) getpeername(r0, &(0x7f0000000100)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @loopback}}}, &(0x7f0000000080)=0x80) dup2(r1, r2) fsetxattr$security_smack_transmute(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000000000), 0x4) [ 263.386563] overlayfs: missing 'lowerdir' 01:40:43 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 263.448792] kernel msg: ebtables bug: please report to author: Wrong size [ 263.459754] IPVS: ftp: loaded support on port[0] = 21 01:40:43 executing program 5: ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getrandom(&(0x7f0000000040)=""/59, 0xfe63, 0x0) 01:40:43 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)) 01:40:43 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00`\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 263.650236] kernel msg: ebtables bug: please report to author: Wrong size [ 263.668195] overlayfs: missing 'lowerdir' 01:40:43 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) bpf$MAP_CREATE(0x0, 0x0, 0x0) openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$FUSE_WRITE(0xffffffffffffffff, 0x0, 0x0) getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, 0x0, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:40:43 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 263.915113] IPVS: ftp: loaded support on port[0] = 21 01:40:44 executing program 3: setrlimit(0x2, &(0x7f0000000040)={0x0, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:44 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\xff\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:44 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)) 01:40:44 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040), 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:40:44 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:40:44 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) bpf$MAP_CREATE(0x0, 0x0, 0x0) openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$FUSE_WRITE(0xffffffffffffffff, 0x0, 0x0) getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, 0x0, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) close(0xffffffffffffffff) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(0xffffffffffffffff, r0, 0x0) ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) [ 264.193549] kernel msg: ebtables bug: please report to author: Wrong size [ 264.210865] overlayfs: missing 'lowerdir' 01:40:44 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, 0x0, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:40:44 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)) 01:40:44 executing program 3: setrlimit(0x2, &(0x7f0000000040)={0x0, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:44 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 264.293581] IPVS: ftp: loaded support on port[0] = 21 [ 264.401150] kernel msg: ebtables bug: please report to author: Wrong size [ 264.428421] overlayfs: missing 'lowerdir' 01:40:44 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:40:44 executing program 3: setrlimit(0x2, &(0x7f0000000040)={0x0, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:44 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:44 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 264.649078] kernel msg: ebtables bug: please report to author: Wrong size 01:40:44 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, 0x0, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:40:44 executing program 3: prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:44 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:44 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) bpf$MAP_CREATE(0x0, 0x0, 0x0) openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$FUSE_WRITE(0xffffffffffffffff, 0x0, 0x0) getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, 0x0, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) close(0xffffffffffffffff) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(0xffffffffffffffff, r0, 0x0) ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:40:44 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:40:44 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, 0x0, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:40:45 executing program 3: prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 264.866132] kernel msg: ebtables bug: please report to author: Wrong size 01:40:45 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x04\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:45 executing program 5 (fault-call:3 fault-nth:0): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:40:45 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) bpf$MAP_CREATE(0x0, 0x0, 0x0) openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$FUSE_WRITE(0xffffffffffffffff, 0x0, 0x0) getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, 0x0, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) close(0xffffffffffffffff) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(0xffffffffffffffff, r0, 0x0) ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:40:45 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:40:45 executing program 3: prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 265.035979] IPVS: ftp: loaded support on port[0] = 21 [ 265.137020] FAULT_INJECTION: forcing a failure. [ 265.137020] name failslab, interval 1, probability 0, space 0, times 1 [ 265.154484] kernel msg: ebtables bug: please report to author: Wrong size 01:40:45 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 265.207327] IPVS: ftp: loaded support on port[0] = 21 [ 265.212768] CPU: 1 PID: 10792 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 265.220030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 265.229364] Call Trace: [ 265.229389] dump_stack+0x172/0x1f0 [ 265.229496] should_fail.cold+0xa/0x1b [ 265.229512] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 265.244813] ? lock_downgrade+0x810/0x810 [ 265.249028] ? ___might_sleep+0x163/0x280 [ 265.253222] __should_failslab+0x121/0x190 [ 265.253252] should_failslab+0x9/0x14 [ 265.253266] __kmalloc_track_caller+0x2d8/0x740 [ 265.266101] ? __sb_end_write+0xd9/0x110 [ 265.266141] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 265.275753] ? strndup_user+0x77/0xd0 [ 265.275771] memdup_user+0x26/0xb0 [ 265.283071] strndup_user+0x77/0xd0 [ 265.286715] ksys_mount+0x3c/0x150 [ 265.290259] __x64_sys_mount+0xbe/0x150 [ 265.294273] do_syscall_64+0x103/0x610 [ 265.298169] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 265.303362] RIP: 0033:0x457e29 [ 265.306552] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 265.306559] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 265.306571] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 [ 265.306579] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 265.306586] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 01:40:45 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x05\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:45 executing program 3: setrlimit(0x0, &(0x7f0000000040)={0x0, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 265.306610] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 265.306617] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 [ 265.482817] kernel msg: ebtables bug: please report to author: Wrong size 01:40:45 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) bpf$MAP_CREATE(0x0, 0x0, 0x0) openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$FUSE_WRITE(0xffffffffffffffff, 0x0, 0x0) getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, 0x0, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) close(0xffffffffffffffff) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(0xffffffffffffffff, r0, 0x0) ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:40:45 executing program 5 (fault-call:3 fault-nth:1): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:40:45 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x0, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:40:45 executing program 3: setrlimit(0x0, &(0x7f0000000040)={0x0, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:45 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 265.646872] kernel msg: ebtables bug: please report to author: Wrong size [ 265.652734] FAULT_INJECTION: forcing a failure. [ 265.652734] name failslab, interval 1, probability 0, space 0, times 0 [ 265.677555] CPU: 1 PID: 10817 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 265.684857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 265.694208] Call Trace: [ 265.696819] dump_stack+0x172/0x1f0 [ 265.700467] should_fail.cold+0xa/0x1b [ 265.704371] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 265.709484] ? lock_downgrade+0x810/0x810 [ 265.713630] ? ___might_sleep+0x163/0x280 [ 265.717782] __should_failslab+0x121/0x190 [ 265.722015] should_failslab+0x9/0x14 [ 265.725826] kmem_cache_alloc_trace+0x2d1/0x760 [ 265.730504] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 265.736100] ? _copy_from_user+0xdd/0x150 [ 265.740257] copy_mount_options+0x5c/0x440 01:40:45 executing program 3: setrlimit(0x0, &(0x7f0000000040)={0x0, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 265.744488] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 265.750047] ksys_mount+0xa7/0x150 [ 265.753591] __x64_sys_mount+0xbe/0x150 [ 265.757569] do_syscall_64+0x103/0x610 [ 265.761455] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 265.761466] RIP: 0033:0x457e29 [ 265.761477] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 265.761485] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 01:40:45 executing program 2 (fault-call:1 fault-nth:0): setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:45 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:40:45 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\a\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:45 executing program 3: setrlimit(0x2, 0x0) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:45 executing program 5 (fault-call:3 fault-nth:2): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 265.761495] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 [ 265.761501] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 265.761508] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 [ 265.761515] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 265.761521] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 01:40:45 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 265.873421] kernel msg: ebtables bug: please report to author: Wrong size [ 265.873970] IPVS: ftp: loaded support on port[0] = 21 [ 265.994507] FAULT_INJECTION: forcing a failure. [ 265.994507] name failslab, interval 1, probability 0, space 0, times 0 [ 266.032268] CPU: 1 PID: 10840 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 266.039561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 266.048904] Call Trace: [ 266.051489] dump_stack+0x172/0x1f0 [ 266.055121] should_fail.cold+0xa/0x1b [ 266.059002] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 266.064098] ? lock_downgrade+0x810/0x810 [ 266.068245] ? ___might_sleep+0x163/0x280 [ 266.072475] __should_failslab+0x121/0x190 [ 266.076704] should_failslab+0x9/0x14 [ 266.080494] kmem_cache_alloc+0x2be/0x710 [ 266.084695] ? fs_reclaim_acquire+0x20/0x20 [ 266.089029] ? find_held_lock+0x35/0x130 [ 266.093119] getname_flags+0xd6/0x5b0 [ 266.096919] user_path_at_empty+0x2f/0x50 [ 266.101063] do_mount+0x15e/0x2d30 [ 266.104690] ? copy_mount_options+0x5c/0x440 [ 266.109092] ? copy_mount_string+0x40/0x40 [ 266.113345] ? kmem_cache_alloc_trace+0x354/0x760 [ 266.118192] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 266.123723] ? _copy_from_user+0xdd/0x150 [ 266.127877] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 266.133413] ? copy_mount_options+0x30e/0x440 [ 266.137901] ksys_mount+0xdb/0x150 [ 266.141422] __x64_sys_mount+0xbe/0x150 [ 266.145375] do_syscall_64+0x103/0x610 [ 266.149244] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 266.154408] RIP: 0033:0x457e29 [ 266.157578] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 266.176546] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 266.184341] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 01:40:46 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) bpf$MAP_CREATE(0x0, 0x0, 0x0) openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$FUSE_WRITE(0xffffffffffffffff, 0x0, 0x0) getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, 0x0, 0x0) r1 = userfaultfd(0x0) close(r1) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:40:46 executing program 3: setrlimit(0x2, 0x0) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:46 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00 \x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:46 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:40:46 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x2, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 266.191605] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 266.198852] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 [ 266.206102] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 266.213347] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 01:40:46 executing program 5 (fault-call:3 fault-nth:3): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:40:46 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x3, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 266.260159] kernel msg: ebtables bug: please report to author: Wrong size 01:40:46 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:40:46 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00?\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:46 executing program 3: setrlimit(0x2, 0x0) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:46 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x4, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:46 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 266.410705] IPVS: ftp: loaded support on port[0] = 21 [ 266.421438] kernel msg: ebtables bug: please report to author: Wrong size [ 266.607796] FAULT_INJECTION: forcing a failure. [ 266.607796] name failslab, interval 1, probability 0, space 0, times 0 [ 266.619366] CPU: 0 PID: 10886 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 266.626622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 266.635951] Call Trace: [ 266.638527] dump_stack+0x172/0x1f0 [ 266.642138] should_fail.cold+0xa/0x1b [ 266.646095] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 266.651284] ? lock_downgrade+0x810/0x810 [ 266.655422] ? ___might_sleep+0x163/0x280 [ 266.659563] __should_failslab+0x121/0x190 [ 266.663892] should_failslab+0x9/0x14 [ 266.667678] kmem_cache_alloc+0x2be/0x710 [ 266.671802] ? find_held_lock+0x35/0x130 [ 266.675839] ? cache_grow_end+0xa4/0x190 [ 266.679878] getname_flags+0xd6/0x5b0 [ 266.683666] user_path_at_empty+0x2f/0x50 [ 266.687801] do_mount+0x15e/0x2d30 [ 266.691331] ? copy_mount_options+0x5c/0x440 [ 266.695873] ? copy_mount_string+0x40/0x40 [ 266.700083] ? kmem_cache_alloc_trace+0x354/0x760 [ 266.704916] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 266.710445] ? copy_mount_options+0x30e/0x440 [ 266.714928] ksys_mount+0xdb/0x150 [ 266.718452] __x64_sys_mount+0xbe/0x150 [ 266.722413] do_syscall_64+0x103/0x610 [ 266.726296] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 266.731467] RIP: 0033:0x457e29 [ 266.734644] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 266.753528] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 266.761222] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 [ 266.768468] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 266.775712] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 [ 266.782984] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 266.790236] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 [ 266.822462] net_ratelimit: 22 callbacks suppressed [ 266.822467] protocol 88fb is buggy, dev hsr_slave_0 [ 266.832558] protocol 88fb is buggy, dev hsr_slave_1 01:40:47 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) bpf$MAP_CREATE(0x0, 0x0, 0x0) openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$FUSE_WRITE(0xffffffffffffffff, 0x0, 0x0) getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, 0x0, 0x0) r1 = userfaultfd(0x0) close(r1) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:40:47 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00@\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:47 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x7, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:47 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x0, &(0x7f0000ffa000/0x2000)=nil) 01:40:47 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:40:47 executing program 5 (fault-call:3 fault-nth:4): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 267.142489] protocol 88fb is buggy, dev hsr_slave_0 [ 267.147679] protocol 88fb is buggy, dev hsr_slave_1 [ 267.168841] kernel msg: ebtables bug: please report to author: Wrong size [ 267.174457] FAULT_INJECTION: forcing a failure. [ 267.174457] name failslab, interval 1, probability 0, space 0, times 0 [ 267.208540] CPU: 0 PID: 10897 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 267.215831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 267.225274] Call Trace: [ 267.227881] dump_stack+0x172/0x1f0 [ 267.231526] should_fail.cold+0xa/0x1b [ 267.235436] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 267.240547] ? lock_downgrade+0x810/0x810 [ 267.244701] ? ___might_sleep+0x163/0x280 [ 267.248876] __should_failslab+0x121/0x190 [ 267.253120] should_failslab+0x9/0x14 [ 267.256924] kmem_cache_alloc+0x2be/0x710 [ 267.258051] IPVS: ftp: loaded support on port[0] = 21 [ 267.261064] ? lock_downgrade+0x810/0x810 [ 267.261083] alloc_vfsmnt+0x28/0x780 [ 267.261098] vfs_kern_mount.part.0+0x2a/0x410 [ 267.278685] do_mount+0x581/0x2d30 [ 267.282346] ? finish_automount+0x471/0x490 [ 267.286675] ? copy_mount_string+0x40/0x40 [ 267.289598] kernel msg: ebtables bug: please report to author: Wrong size [ 267.290911] ? kmem_cache_alloc_trace+0x354/0x760 [ 267.290930] ? _copy_from_user+0xdd/0x150 [ 267.290947] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 267.312359] ? copy_mount_options+0x30e/0x440 [ 267.316857] ksys_mount+0xdb/0x150 [ 267.320391] __x64_sys_mount+0xbe/0x150 [ 267.324372] do_syscall_64+0x103/0x610 [ 267.328270] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 267.333467] RIP: 0033:0x457e29 [ 267.336656] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 01:40:47 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x0, &(0x7f0000ffa000/0x2000)=nil) 01:40:47 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x8, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:47 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00`\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:47 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:40:47 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0xd, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:47 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\xff\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 267.355549] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 267.363280] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 [ 267.370551] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 267.377821] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 [ 267.384985] kernel msg: ebtables bug: please report to author: Wrong size [ 267.385099] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 267.399277] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 [ 267.782671] protocol 88fb is buggy, dev hsr_slave_0 [ 267.787789] protocol 88fb is buggy, dev hsr_slave_1 01:40:48 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) bpf$MAP_CREATE(0x0, 0x0, 0x0) openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$FUSE_WRITE(0xffffffffffffffff, 0x0, 0x0) getsockopt$netrom_NETROM_IDLE(0xffffffffffffffff, 0x103, 0x7, 0x0, 0x0) r1 = userfaultfd(0x0) close(r1) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:40:48 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x02\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:48 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0xe, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:48 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:40:48 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x0, &(0x7f0000ffa000/0x2000)=nil) 01:40:48 executing program 5 (fault-call:3 fault-nth:5): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:40:48 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0xf, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 268.040729] kernel msg: ebtables bug: please report to author: Wrong size 01:40:48 executing program 3 (fault-call:1 fault-nth:0): setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:48 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(0xffffffffffffffff, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 268.088985] FAULT_INJECTION: forcing a failure. [ 268.088985] name failslab, interval 1, probability 0, space 0, times 0 [ 268.103817] IPVS: ftp: loaded support on port[0] = 21 01:40:48 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x03\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 268.191930] CPU: 0 PID: 10942 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 268.199335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 268.208682] Call Trace: [ 268.211269] dump_stack+0x172/0x1f0 [ 268.214900] should_fail.cold+0xa/0x1b [ 268.218789] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 268.223893] ? lock_downgrade+0x810/0x810 [ 268.226471] kernel msg: ebtables bug: please report to author: Wrong size [ 268.228047] ? ___might_sleep+0x163/0x280 [ 268.228068] __should_failslab+0x121/0x190 [ 268.228085] should_failslab+0x9/0x14 [ 268.247116] kmem_cache_alloc_trace+0x2d1/0x760 [ 268.251781] ? kasan_check_read+0x11/0x20 [ 268.255919] ? do_raw_spin_unlock+0x57/0x270 [ 268.260331] ? get_anon_bdev+0xc0/0xc0 [ 268.262477] protocol 88fb is buggy, dev hsr_slave_0 [ 268.264210] sget_userns+0x11b/0xd30 [ 268.264223] ? get_anon_bdev+0xc0/0xc0 [ 268.264236] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 268.269256] protocol 88fb is buggy, dev hsr_slave_1 [ 268.272921] ? get_anon_bdev+0xc0/0xc0 [ 268.272932] sget+0x10c/0x150 [ 268.273020] ? ovl_show_options+0x550/0x550 [ 268.282322] mount_nodev+0x31/0x110 [ 268.282346] ovl_mount+0x2d/0x40 [ 268.282359] mount_fs+0x106/0x3ff [ 268.298590] ? emergency_thaw_all+0x1a0/0x1a0 [ 268.298643] ? __init_waitqueue_head+0x36/0x90 [ 268.298661] vfs_kern_mount.part.0+0x6f/0x410 [ 268.318068] do_mount+0x581/0x2d30 [ 268.318082] ? finish_automount+0x471/0x490 [ 268.318098] ? copy_mount_string+0x40/0x40 [ 268.334595] ? kmem_cache_alloc_trace+0x354/0x760 [ 268.339445] ? _copy_from_user+0xdd/0x150 [ 268.343596] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 268.349128] ? copy_mount_options+0x30e/0x440 [ 268.353727] ksys_mount+0xdb/0x150 [ 268.353742] __x64_sys_mount+0xbe/0x150 [ 268.353759] do_syscall_64+0x103/0x610 [ 268.353775] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 268.353786] RIP: 0033:0x457e29 [ 268.370499] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 01:40:48 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x04\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:48 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x10, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 268.370506] RSP: 002b:00007f29a6b45c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 268.374058] kernel msg: ebtables bug: please report to author: Wrong size [ 268.392570] RAX: ffffffffffffffda RBX: 00007f29a6b45c90 RCX: 0000000000457e29 [ 268.392578] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 268.392585] RBP: 000000000073bfa0 R08: 0000000020000100 R09: 0000000000000000 [ 268.392592] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b466d4 [ 268.392599] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 [ 268.502501] protocol 88fb is buggy, dev hsr_slave_0 [ 268.507565] protocol 88fb is buggy, dev hsr_slave_1 01:40:48 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) bpf$MAP_CREATE(0x0, 0x0, 0x0) openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$FUSE_WRITE(0xffffffffffffffff, 0x0, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:40:48 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:48 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(0xffffffffffffffff, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:40:48 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x05\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:48 executing program 5 (fault-call:3 fault-nth:6): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:40:48 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x15, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:48 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x2, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:49 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x16, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 268.886930] kernel msg: ebtables bug: please report to author: Wrong size [ 268.898491] FAULT_INJECTION: forcing a failure. [ 268.898491] name failslab, interval 1, probability 0, space 0, times 0 [ 268.964956] CPU: 1 PID: 10976 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 268.972327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 268.981689] Call Trace: [ 268.984277] dump_stack+0x172/0x1f0 [ 268.987919] should_fail.cold+0xa/0x1b [ 268.991816] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 268.996914] ? lock_downgrade+0x810/0x810 [ 269.001055] ? ___might_sleep+0x163/0x280 [ 269.005203] __should_failslab+0x121/0x190 [ 269.009521] should_failslab+0x9/0x14 01:40:49 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x3, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 269.013318] __kmalloc+0x2dc/0x740 [ 269.016856] ? lockdep_init_map+0x10c/0x5b0 [ 269.021189] ? prealloc_shrinker+0xdf/0x340 [ 269.025608] prealloc_shrinker+0xdf/0x340 [ 269.029756] sget_userns+0x7ef/0xd30 [ 269.033457] ? get_anon_bdev+0xc0/0xc0 [ 269.033480] ? get_anon_bdev+0xc0/0xc0 [ 269.033493] sget+0x10c/0x150 [ 269.033510] ? ovl_show_options+0x550/0x550 [ 269.033521] mount_nodev+0x31/0x110 [ 269.033533] ovl_mount+0x2d/0x40 [ 269.041263] mount_fs+0x106/0x3ff [ 269.059028] ? emergency_thaw_all+0x1a0/0x1a0 01:40:49 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x06\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 269.063519] ? __init_waitqueue_head+0x36/0x90 [ 269.068099] vfs_kern_mount.part.0+0x6f/0x410 [ 269.072688] do_mount+0x581/0x2d30 [ 269.076229] ? copy_mount_string+0x40/0x40 [ 269.080556] ? copy_mount_options+0x244/0x440 [ 269.085057] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 269.090606] ? copy_mount_options+0x30e/0x440 [ 269.095110] ksys_mount+0xdb/0x150 [ 269.098306] IPVS: ftp: loaded support on port[0] = 21 [ 269.098646] __x64_sys_mount+0xbe/0x150 [ 269.098663] do_syscall_64+0x103/0x610 [ 269.111670] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 269.116846] RIP: 0033:0x457e29 [ 269.116858] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 269.116866] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 269.138923] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 [ 269.153877] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 01:40:49 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x4, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:49 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(0xffffffffffffffff, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 269.161138] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 [ 269.168398] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 269.175656] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 [ 269.229520] kernel msg: ebtables bug: please report to author: Wrong size 01:40:49 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) bpf$MAP_CREATE(0x0, 0x0, 0x0) openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:40:49 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x17, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:49 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\a\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:49 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) shutdown(r0, 0x400000000000001) 01:40:49 executing program 5 (fault-call:3 fault-nth:7): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:40:49 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x7, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:49 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x8, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 269.438668] kernel msg: ebtables bug: please report to author: Wrong size 01:40:49 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) shutdown(r0, 0x400000000000001) 01:40:49 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00`\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:49 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x18, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 269.503621] FAULT_INJECTION: forcing a failure. [ 269.503621] name failslab, interval 1, probability 0, space 0, times 0 [ 269.552539] CPU: 0 PID: 11016 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 269.559835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 269.563895] IPVS: ftp: loaded support on port[0] = 21 [ 269.569171] Call Trace: [ 269.576955] dump_stack+0x172/0x1f0 [ 269.580609] should_fail.cold+0xa/0x1b [ 269.584525] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 269.589636] ? lock_downgrade+0x810/0x810 [ 269.593797] ? ___might_sleep+0x163/0x280 [ 269.597947] __should_failslab+0x121/0x190 [ 269.602175] should_failslab+0x9/0x14 [ 269.605970] kmem_cache_alloc_node_trace+0x270/0x720 [ 269.606059] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 269.606085] __kmalloc_node+0x3d/0x70 [ 269.616605] kvmalloc_node+0x68/0x100 [ 269.616652] __list_lru_init+0x4aa/0x6e0 [ 269.616683] sget_userns+0x81e/0xd30 [ 269.628322] ? get_anon_bdev+0xc0/0xc0 [ 269.628349] ? get_anon_bdev+0xc0/0xc0 [ 269.635904] sget+0x10c/0x150 [ 269.642867] ? ovl_show_options+0x550/0x550 [ 269.642883] mount_nodev+0x31/0x110 [ 269.642898] ovl_mount+0x2d/0x40 [ 269.654158] mount_fs+0x106/0x3ff [ 269.657626] ? emergency_thaw_all+0x1a0/0x1a0 [ 269.657641] ? __init_waitqueue_head+0x36/0x90 [ 269.657660] vfs_kern_mount.part.0+0x6f/0x410 [ 269.671169] do_mount+0x581/0x2d30 [ 269.671183] ? finish_automount+0x471/0x490 [ 269.679639] ? copy_mount_string+0x40/0x40 [ 269.679654] ? kmem_cache_alloc_trace+0x354/0x760 [ 269.679670] ? _copy_from_user+0xdd/0x150 [ 269.679687] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 269.692836] ? copy_mount_options+0x30e/0x440 01:40:49 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x19, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:49 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x1a, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 269.692854] ksys_mount+0xdb/0x150 [ 269.692870] __x64_sys_mount+0xbe/0x150 [ 269.692905] do_syscall_64+0x103/0x610 [ 269.692921] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 269.702901] RIP: 0033:0x457e29 [ 269.702915] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 269.702922] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 269.702935] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 [ 269.702943] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 269.702952] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 [ 269.714371] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 269.714379] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 [ 269.740222] kernel msg: ebtables bug: please report to author: Wrong size 01:40:50 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) bpf$MAP_CREATE(0x0, 0x0, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:40:50 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x1b, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:50 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x03\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:50 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0xd, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:50 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) shutdown(r0, 0x400000000000001) 01:40:50 executing program 5 (fault-call:3 fault-nth:8): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 269.969852] FAULT_INJECTION: forcing a failure. [ 269.969852] name failslab, interval 1, probability 0, space 0, times 0 [ 269.987536] kernel msg: ebtables bug: please report to author: Wrong size [ 270.019267] CPU: 0 PID: 11046 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 270.027063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 270.036404] Call Trace: [ 270.036426] dump_stack+0x172/0x1f0 [ 270.036443] should_fail.cold+0xa/0x1b [ 270.042608] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 270.042622] ? lock_downgrade+0x810/0x810 [ 270.042635] ? ___might_sleep+0x163/0x280 [ 270.042654] __should_failslab+0x121/0x190 [ 270.064063] should_failslab+0x9/0x14 [ 270.064078] kmem_cache_alloc_node_trace+0x270/0x720 [ 270.064091] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 270.064107] __kmalloc_node+0x3d/0x70 [ 270.072970] kvmalloc_node+0x68/0x100 [ 270.085952] __list_lru_init+0x4aa/0x6e0 [ 270.090009] sget_userns+0x81e/0xd30 [ 270.093731] ? get_anon_bdev+0xc0/0xc0 [ 270.093751] ? get_anon_bdev+0xc0/0xc0 [ 270.101482] sget+0x10c/0x150 [ 270.101498] ? ovl_show_options+0x550/0x550 [ 270.101513] mount_nodev+0x31/0x110 [ 270.112501] ovl_mount+0x2d/0x40 [ 270.115870] mount_fs+0x106/0x3ff [ 270.119329] ? emergency_thaw_all+0x1a0/0x1a0 [ 270.123826] ? __init_waitqueue_head+0x36/0x90 [ 270.128423] vfs_kern_mount.part.0+0x6f/0x410 [ 270.132921] do_mount+0x581/0x2d30 [ 270.136466] ? copy_mount_string+0x40/0x40 [ 270.140701] ? copy_mount_options+0x234/0x440 [ 270.145281] ? copy_mount_options+0x23a/0x440 [ 270.149774] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 270.155311] ? copy_mount_options+0x30e/0x440 [ 270.159807] ksys_mount+0xdb/0x150 [ 270.163345] __x64_sys_mount+0xbe/0x150 [ 270.167320] do_syscall_64+0x103/0x610 [ 270.171206] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 270.176392] RIP: 0033:0x457e29 [ 270.179589] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 270.198478] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 270.198491] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 01:40:50 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x05\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:50 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(0xffffffffffffffff, 0x400000000000001) 01:40:50 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x1c, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:50 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x1d, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:50 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0xe, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 270.198499] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 270.198506] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 [ 270.198515] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 270.235201] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 [ 270.261887] IPVS: ftp: loaded support on port[0] = 21 01:40:50 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x06\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 270.289008] kernel msg: ebtables bug: please report to author: Wrong size [ 270.364408] kernel msg: ebtables bug: please report to author: Wrong size 01:40:50 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:40:50 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x1e, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:50 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0xf, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:50 executing program 5 (fault-call:3 fault-nth:9): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:40:50 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\a\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 270.564761] FAULT_INJECTION: forcing a failure. [ 270.564761] name failslab, interval 1, probability 0, space 0, times 0 [ 270.566815] kernel msg: ebtables bug: please report to author: Wrong size [ 270.585061] CPU: 0 PID: 11080 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 270.592342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 270.601815] Call Trace: [ 270.604419] dump_stack+0x172/0x1f0 [ 270.608051] should_fail.cold+0xa/0x1b [ 270.611939] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 270.617067] ? lock_downgrade+0x810/0x810 [ 270.621220] ? ___might_sleep+0x163/0x280 [ 270.625400] __should_failslab+0x121/0x190 [ 270.629631] should_failslab+0x9/0x14 [ 270.633434] kmem_cache_alloc_trace+0x2d1/0x760 [ 270.638101] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 270.643200] __memcg_init_list_lru_node+0x8a/0x1e0 [ 270.648127] __list_lru_init+0x3d3/0x6e0 [ 270.652200] sget_userns+0x81e/0xd30 [ 270.655911] ? get_anon_bdev+0xc0/0xc0 [ 270.659805] ? get_anon_bdev+0xc0/0xc0 [ 270.663712] sget+0x10c/0x150 [ 270.666820] ? ovl_show_options+0x550/0x550 [ 270.671147] mount_nodev+0x31/0x110 [ 270.674858] ovl_mount+0x2d/0x40 [ 270.678224] mount_fs+0x106/0x3ff [ 270.681679] ? emergency_thaw_all+0x1a0/0x1a0 [ 270.686175] ? __init_waitqueue_head+0x36/0x90 [ 270.690756] vfs_kern_mount.part.0+0x6f/0x410 [ 270.695261] do_mount+0x581/0x2d30 [ 270.698802] ? finish_automount+0x471/0x490 [ 270.703125] ? copy_mount_string+0x40/0x40 [ 270.707357] ? kmem_cache_alloc_trace+0x354/0x760 [ 270.712288] ? _copy_from_user+0xdd/0x150 [ 270.716446] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 270.722004] ? copy_mount_options+0x30e/0x440 [ 270.726521] ksys_mount+0xdb/0x150 [ 270.730060] __x64_sys_mount+0xbe/0x150 [ 270.734038] do_syscall_64+0x103/0x610 [ 270.738019] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 270.743193] RIP: 0033:0x457e29 [ 270.746379] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 01:40:50 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x21, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:50 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x22, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 270.765270] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 270.772974] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 [ 270.780251] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 270.787532] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 [ 270.794795] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 270.802058] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 [ 270.882232] IPVS: ftp: loaded support on port[0] = 21 01:40:51 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(0xffffffffffffffff, 0x400000000000001) 01:40:51 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x24, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:51 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x10, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:51 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00 \x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:51 executing program 5 (fault-call:3 fault-nth:10): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 270.983124] kernel msg: ebtables bug: please report to author: Wrong size [ 271.006645] FAULT_INJECTION: forcing a failure. [ 271.006645] name failslab, interval 1, probability 0, space 0, times 0 [ 271.080515] CPU: 1 PID: 11101 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 271.087916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 271.097258] Call Trace: [ 271.099850] dump_stack+0x172/0x1f0 [ 271.103574] should_fail.cold+0xa/0x1b [ 271.107463] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 271.112566] ? lock_downgrade+0x810/0x810 [ 271.116726] ? ___might_sleep+0x163/0x280 [ 271.120897] __should_failslab+0x121/0x190 [ 271.125136] should_failslab+0x9/0x14 [ 271.129049] kmem_cache_alloc_node_trace+0x270/0x720 [ 271.134150] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 271.139584] __kmalloc_node+0x3d/0x70 [ 271.143363] kvmalloc_node+0x68/0x100 [ 271.147146] __list_lru_init+0x4aa/0x6e0 [ 271.151222] sget_userns+0x81e/0xd30 [ 271.154917] ? get_anon_bdev+0xc0/0xc0 [ 271.158784] ? get_anon_bdev+0xc0/0xc0 [ 271.162650] sget+0x10c/0x150 [ 271.165744] ? ovl_show_options+0x550/0x550 [ 271.170043] mount_nodev+0x31/0x110 [ 271.173650] ovl_mount+0x2d/0x40 [ 271.177001] mount_fs+0x106/0x3ff [ 271.180440] ? emergency_thaw_all+0x1a0/0x1a0 [ 271.184915] ? __init_waitqueue_head+0x36/0x90 [ 271.189959] vfs_kern_mount.part.0+0x6f/0x410 [ 271.194439] do_mount+0x581/0x2d30 [ 271.197966] ? finish_automount+0x471/0x490 [ 271.202284] ? copy_mount_string+0x40/0x40 [ 271.206499] ? kmem_cache_alloc_trace+0x354/0x760 [ 271.211324] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 271.216837] ? copy_mount_options+0x30e/0x440 [ 271.221318] ksys_mount+0xdb/0x150 [ 271.224842] __x64_sys_mount+0xbe/0x150 [ 271.228796] do_syscall_64+0x103/0x610 [ 271.232664] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 271.237830] RIP: 0033:0x457e29 [ 271.240999] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 271.259876] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 271.267648] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 01:40:51 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:40:51 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x25, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:51 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x15, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 271.274905] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 271.282156] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 [ 271.289491] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 271.296736] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 01:40:51 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00?\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:51 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x16, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 271.377433] IPVS: ftp: loaded support on port[0] = 21 01:40:51 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x26, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 271.419073] kernel msg: ebtables bug: please report to author: Wrong size 01:40:51 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x17, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:51 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(0xffffffffffffffff, 0x400000000000001) 01:40:51 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00@\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:51 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x27, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:51 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x18, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:51 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:40:51 executing program 5 (fault-call:3 fault-nth:11): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:40:52 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x28, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:52 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x19, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 271.881466] kernel msg: ebtables bug: please report to author: Wrong size [ 271.911240] FAULT_INJECTION: forcing a failure. [ 271.911240] name failslab, interval 1, probability 0, space 0, times 0 [ 271.942734] net_ratelimit: 18 callbacks suppressed [ 271.942740] protocol 88fb is buggy, dev hsr_slave_0 [ 271.947760] protocol 88fb is buggy, dev hsr_slave_1 [ 271.982129] CPU: 1 PID: 11145 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 271.989425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 271.998767] Call Trace: [ 271.998789] dump_stack+0x172/0x1f0 [ 271.998807] should_fail.cold+0xa/0x1b [ 271.998823] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 271.998840] ? lock_downgrade+0x810/0x810 [ 272.004372] IPVS: ftp: loaded support on port[0] = 21 [ 272.005019] ? ___might_sleep+0x163/0x280 [ 272.005039] __should_failslab+0x121/0x190 [ 272.005054] should_failslab+0x9/0x14 [ 272.035741] kmem_cache_alloc_trace+0x2d1/0x760 [ 272.040399] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 272.040419] __memcg_init_list_lru_node+0x8a/0x1e0 [ 272.040435] __list_lru_init+0x3d3/0x6e0 [ 272.054559] sget_userns+0x81e/0xd30 [ 272.058287] ? get_anon_bdev+0xc0/0xc0 [ 272.062188] ? get_anon_bdev+0xc0/0xc0 [ 272.066067] sget+0x10c/0x150 [ 272.069168] ? ovl_show_options+0x550/0x550 [ 272.073484] mount_nodev+0x31/0x110 [ 272.077109] ovl_mount+0x2d/0x40 [ 272.080485] mount_fs+0x106/0x3ff [ 272.083941] ? emergency_thaw_all+0x1a0/0x1a0 [ 272.088451] ? __init_waitqueue_head+0x36/0x90 01:40:52 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00`\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 272.093032] vfs_kern_mount.part.0+0x6f/0x410 [ 272.097522] do_mount+0x581/0x2d30 [ 272.101051] ? finish_automount+0x471/0x490 [ 272.105380] ? copy_mount_string+0x40/0x40 [ 272.105394] ? kmem_cache_alloc_trace+0x354/0x760 [ 272.105412] ? _copy_from_user+0xdd/0x150 [ 272.105429] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 272.105440] ? copy_mount_options+0x30e/0x440 [ 272.105456] ksys_mount+0xdb/0x150 [ 272.114494] __x64_sys_mount+0xbe/0x150 [ 272.114510] do_syscall_64+0x103/0x610 [ 272.114528] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 272.114537] RIP: 0033:0x457e29 [ 272.114549] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 272.114557] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 272.124187] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 [ 272.124207] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 01:40:52 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x29, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:52 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x1a, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 272.124214] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 [ 272.124222] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 272.124229] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 [ 272.173778] kernel msg: ebtables bug: please report to author: Wrong size 01:40:52 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x2a, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 272.422493] protocol 88fb is buggy, dev hsr_slave_0 [ 272.427685] protocol 88fb is buggy, dev hsr_slave_1 01:40:52 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x0) 01:40:52 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\xff\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:52 executing program 5 (fault-call:3 fault-nth:12): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:40:52 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:40:52 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x2b, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:52 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x1b, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 272.662498] protocol 88fb is buggy, dev hsr_slave_0 [ 272.667598] protocol 88fb is buggy, dev hsr_slave_1 01:40:52 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x2c, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 272.761682] IPVS: ftp: loaded support on port[0] = 21 [ 272.778068] kernel msg: ebtables bug: please report to author: Wrong size 01:40:52 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x1c, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 272.802864] FAULT_INJECTION: forcing a failure. [ 272.802864] name failslab, interval 1, probability 0, space 0, times 0 [ 272.823691] protocol 88fb is buggy, dev hsr_slave_0 [ 272.829194] protocol 88fb is buggy, dev hsr_slave_1 01:40:52 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x01\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:53 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x2f, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 272.940759] CPU: 0 PID: 11183 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 272.948239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 272.948246] Call Trace: [ 272.948288] dump_stack+0x172/0x1f0 [ 272.948309] should_fail.cold+0xa/0x1b [ 272.948328] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 272.948345] ? lock_downgrade+0x810/0x810 [ 272.948362] ? ___might_sleep+0x163/0x280 [ 272.948383] __should_failslab+0x121/0x190 [ 272.948400] should_failslab+0x9/0x14 [ 272.948414] kmem_cache_alloc_trace+0x2d1/0x760 [ 272.948429] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 272.948448] __memcg_init_list_lru_node+0x8a/0x1e0 [ 273.003902] __list_lru_init+0x3d3/0x6e0 [ 273.007948] sget_userns+0x81e/0xd30 [ 273.011640] ? get_anon_bdev+0xc0/0xc0 [ 273.015510] ? get_anon_bdev+0xc0/0xc0 [ 273.019378] sget+0x10c/0x150 [ 273.022726] ? ovl_show_options+0x550/0x550 [ 273.027028] mount_nodev+0x31/0x110 [ 273.030637] ovl_mount+0x2d/0x40 [ 273.033987] mount_fs+0x106/0x3ff [ 273.037422] ? emergency_thaw_all+0x1a0/0x1a0 [ 273.041901] ? __init_waitqueue_head+0x36/0x90 [ 273.046557] vfs_kern_mount.part.0+0x6f/0x410 [ 273.051055] do_mount+0x581/0x2d30 [ 273.054581] ? finish_automount+0x471/0x490 [ 273.058906] ? copy_mount_string+0x40/0x40 [ 273.063248] ? kmem_cache_alloc_trace+0x354/0x760 [ 273.068092] ? retint_kernel+0x2d/0x2d [ 273.071964] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 273.077481] ? copy_mount_options+0x30e/0x440 [ 273.081988] ksys_mount+0xdb/0x150 [ 273.085524] __x64_sys_mount+0xbe/0x150 [ 273.089482] do_syscall_64+0x103/0x610 [ 273.093354] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 273.098524] RIP: 0033:0x457e29 [ 273.101722] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 273.120601] RSP: 002b:00007f29a6b45c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 273.128285] RAX: ffffffffffffffda RBX: 00007f29a6b45c90 RCX: 0000000000457e29 01:40:53 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x1d, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 273.135536] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 273.142782] RBP: 000000000073bfa0 R08: 0000000020000100 R09: 0000000000000000 [ 273.150037] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b466d4 [ 273.157286] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000003 [ 273.167930] kernel msg: ebtables bug: please report to author: Wrong size [ 273.172790] protocol 88fb is buggy, dev hsr_slave_0 [ 273.180040] protocol 88fb is buggy, dev hsr_slave_1 01:40:53 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x1e, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:53 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x0) 01:40:53 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x02\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:53 executing program 0: ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r0 = userfaultfd(0x0) close(r0) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(0xffffffffffffffff, &(0x7f0000000400)=""/100, 0x64) dup3(r0, 0xffffffffffffffff, 0x0) ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:40:53 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x34, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:53 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x21, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:53 executing program 5 (fault-call:3 fault-nth:13): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 273.633056] kernel msg: ebtables bug: please report to author: Wrong size [ 273.670608] IPVS: ftp: loaded support on port[0] = 21 01:40:53 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x35, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:53 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x22, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 273.681496] FAULT_INJECTION: forcing a failure. [ 273.681496] name failslab, interval 1, probability 0, space 0, times 0 [ 273.720430] kernel msg: ebtables bug: please report to author: Wrong size [ 273.741992] CPU: 1 PID: 11222 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 273.749362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 273.758708] Call Trace: [ 273.761297] dump_stack+0x172/0x1f0 [ 273.764932] should_fail.cold+0xa/0x1b [ 273.768828] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 273.768846] ? lock_downgrade+0x810/0x810 [ 273.768866] ? ___might_sleep+0x163/0x280 [ 273.778079] __should_failslab+0x121/0x190 [ 273.778096] should_failslab+0x9/0x14 [ 273.778129] kmem_cache_alloc_trace+0x2d1/0x760 [ 273.790254] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 273.800068] __memcg_init_list_lru_node+0x8a/0x1e0 [ 273.800087] __list_lru_init+0x3d3/0x6e0 [ 273.800106] sget_userns+0x81e/0xd30 [ 273.812744] ? get_anon_bdev+0xc0/0xc0 [ 273.816642] ? get_anon_bdev+0xc0/0xc0 [ 273.820530] sget+0x10c/0x150 [ 273.823634] ? ovl_show_options+0x550/0x550 [ 273.828059] mount_nodev+0x31/0x110 [ 273.831700] ovl_mount+0x2d/0x40 [ 273.831729] mount_fs+0x106/0x3ff 01:40:53 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x24, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:53 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x59616d61, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:53 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x03\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 273.831743] ? emergency_thaw_all+0x1a0/0x1a0 [ 273.831764] ? __init_waitqueue_head+0x36/0x90 [ 273.838635] vfs_kern_mount.part.0+0x6f/0x410 [ 273.838652] do_mount+0x581/0x2d30 [ 273.838667] ? finish_automount+0x471/0x490 [ 273.860098] ? copy_mount_string+0x40/0x40 [ 273.864335] ? kmem_cache_alloc_trace+0x354/0x760 [ 273.869197] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 273.874730] ? copy_mount_options+0x30e/0x440 [ 273.879233] ksys_mount+0xdb/0x150 [ 273.882781] __x64_sys_mount+0xbe/0x150 [ 273.886767] do_syscall_64+0x103/0x610 01:40:53 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x25, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 273.890656] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 273.895834] RIP: 0033:0x457e29 [ 273.899012] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 273.899019] RSP: 002b:00007f29a6b45c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 273.899032] RAX: ffffffffffffffda RBX: 00007f29a6b45c90 RCX: 0000000000457e29 [ 273.899041] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 273.899049] RBP: 000000000073bfa0 R08: 0000000020000100 R09: 0000000000000000 [ 273.899057] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b466d4 [ 273.899065] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 [ 273.908522] kernel msg: ebtables bug: please report to author: Wrong size 01:40:54 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x0) 01:40:54 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x2, &(0x7f0000ffa000/0x2000)=nil) 01:40:54 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x04\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:54 executing program 5 (fault-call:3 fault-nth:14): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:40:54 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x26, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:54 executing program 0: ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r0 = userfaultfd(0x0) close(r0) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(0xffffffffffffffff, &(0x7f0000000400)=""/100, 0x64) dup3(r0, 0xffffffffffffffff, 0x0) ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:40:54 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x27, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 274.443871] kernel msg: ebtables bug: please report to author: Wrong size [ 274.473541] FAULT_INJECTION: forcing a failure. [ 274.473541] name failslab, interval 1, probability 0, space 0, times 0 [ 274.522619] CPU: 0 PID: 11257 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 274.529908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 274.533417] IPVS: ftp: loaded support on port[0] = 21 [ 274.539249] Call Trace: [ 274.539271] dump_stack+0x172/0x1f0 [ 274.539290] should_fail.cold+0xa/0x1b [ 274.554512] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 274.559611] ? lock_downgrade+0x810/0x810 [ 274.563769] ? ___might_sleep+0x163/0x280 [ 274.567918] __should_failslab+0x121/0x190 [ 274.572159] should_failslab+0x9/0x14 [ 274.575964] kmem_cache_alloc_trace+0x2d1/0x760 [ 274.578629] kernel msg: ebtables bug: please report to author: Wrong size [ 274.580626] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 274.580646] __memcg_init_list_lru_node+0x8a/0x1e0 [ 274.580665] __list_lru_init+0x3d3/0x6e0 [ 274.601606] sget_userns+0x81e/0xd30 [ 274.605319] ? get_anon_bdev+0xc0/0xc0 [ 274.609209] ? get_anon_bdev+0xc0/0xc0 [ 274.613090] sget+0x10c/0x150 [ 274.616191] ? ovl_show_options+0x550/0x550 01:40:54 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x05\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:54 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x3, &(0x7f0000ffa000/0x2000)=nil) 01:40:54 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x4, &(0x7f0000ffa000/0x2000)=nil) [ 274.620499] mount_nodev+0x31/0x110 [ 274.624114] ovl_mount+0x2d/0x40 [ 274.624128] mount_fs+0x106/0x3ff [ 274.624143] ? emergency_thaw_all+0x1a0/0x1a0 [ 274.624158] ? __init_waitqueue_head+0x36/0x90 [ 274.624177] vfs_kern_mount.part.0+0x6f/0x410 [ 274.624192] do_mount+0x581/0x2d30 [ 274.648017] ? finish_automount+0x471/0x490 [ 274.652334] ? copy_mount_string+0x40/0x40 [ 274.652349] ? kmem_cache_alloc_trace+0x354/0x760 [ 274.652366] ? _copy_from_user+0xdd/0x150 [ 274.652381] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 274.671137] ? copy_mount_options+0x30e/0x440 [ 274.671155] ksys_mount+0xdb/0x150 [ 274.671171] __x64_sys_mount+0xbe/0x150 [ 274.671186] do_syscall_64+0x103/0x610 [ 274.686995] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 274.692171] RIP: 0033:0x457e29 [ 274.695359] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 274.714265] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 01:40:54 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x06\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 274.721972] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 [ 274.729232] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 274.736502] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 [ 274.743762] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 274.751041] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 01:40:54 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x5, &(0x7f0000ffa000/0x2000)=nil) [ 274.822845] kernel msg: ebtables bug: please report to author: Wrong size 01:40:55 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\a\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:55 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x28, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:55 executing program 5 (fault-call:3 fault-nth:15): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:40:55 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000ffa000/0x2000)=nil) 01:40:55 executing program 0: ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r0 = userfaultfd(0x0) close(r0) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(0xffffffffffffffff, &(0x7f0000000400)=""/100, 0x64) dup3(r0, 0xffffffffffffffff, 0x0) ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:40:55 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(0xffffffffffffffff, 0x400000000000001) 01:40:55 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x29, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:55 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x7, &(0x7f0000ffa000/0x2000)=nil) [ 275.381681] kernel msg: ebtables bug: please report to author: Wrong size [ 275.405762] IPVS: ftp: loaded support on port[0] = 21 [ 275.433204] FAULT_INJECTION: forcing a failure. [ 275.433204] name failslab, interval 1, probability 0, space 0, times 0 01:40:55 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00 \x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 275.558599] CPU: 1 PID: 11298 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 275.565911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 275.565917] Call Trace: [ 275.565938] dump_stack+0x172/0x1f0 [ 275.565957] should_fail.cold+0xa/0x1b [ 275.585432] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 275.590528] ? lock_downgrade+0x810/0x810 [ 275.594668] ? ___might_sleep+0x163/0x280 [ 275.594686] __should_failslab+0x121/0x190 [ 275.594700] should_failslab+0x9/0x14 [ 275.606989] kmem_cache_alloc_trace+0x2d1/0x760 [ 275.607004] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 275.616729] __memcg_init_list_lru_node+0x8a/0x1e0 [ 275.616745] __list_lru_init+0x3d3/0x6e0 [ 275.616762] sget_userns+0x81e/0xd30 [ 275.625705] ? get_anon_bdev+0xc0/0xc0 [ 275.633273] ? get_anon_bdev+0xc0/0xc0 [ 275.637146] sget+0x10c/0x150 [ 275.637161] ? ovl_show_options+0x550/0x550 [ 275.637174] mount_nodev+0x31/0x110 [ 275.637187] ovl_mount+0x2d/0x40 [ 275.644587] mount_fs+0x106/0x3ff [ 275.644604] ? emergency_thaw_all+0x1a0/0x1a0 [ 275.644631] ? __init_waitqueue_head+0x36/0x90 [ 275.644649] vfs_kern_mount.part.0+0x6f/0x410 [ 275.655028] do_mount+0x581/0x2d30 [ 275.655042] ? finish_automount+0x471/0x490 [ 275.655059] ? copy_mount_string+0x40/0x40 [ 275.664187] ? kmem_cache_alloc_trace+0x354/0x760 [ 275.664205] ? _copy_from_user+0xdd/0x150 [ 275.664221] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 275.676497] ? copy_mount_options+0x30e/0x440 [ 275.676515] ksys_mount+0xdb/0x150 [ 275.676532] __x64_sys_mount+0xbe/0x150 [ 275.685564] do_syscall_64+0x103/0x610 [ 275.685580] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 275.685591] RIP: 0033:0x457e29 [ 275.695231] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 275.695239] RSP: 002b:00007f29a6b45c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 275.695253] RAX: ffffffffffffffda RBX: 00007f29a6b45c90 RCX: 0000000000457e29 01:40:55 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:40:55 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x2a, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:55 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x9, &(0x7f0000ffa000/0x2000)=nil) [ 275.753203] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 275.760460] RBP: 000000000073bfa0 R08: 0000000020000100 R09: 0000000000000000 [ 275.767728] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b466d4 [ 275.774990] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000003 01:40:55 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00?\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:55 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0xa, &(0x7f0000ffa000/0x2000)=nil) 01:40:56 executing program 5 (fault-call:3 fault-nth:16): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:40:56 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x2b, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:56 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x2c, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 275.905290] kernel msg: ebtables bug: please report to author: Wrong size [ 275.934944] IPVS: ftp: loaded support on port[0] = 21 [ 276.050678] FAULT_INJECTION: forcing a failure. [ 276.050678] name failslab, interval 1, probability 0, space 0, times 0 [ 276.095815] CPU: 0 PID: 11337 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 276.103227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 276.112591] Call Trace: [ 276.115192] dump_stack+0x172/0x1f0 [ 276.118822] should_fail.cold+0xa/0x1b [ 276.122711] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 276.127810] ? lock_downgrade+0x810/0x810 [ 276.131955] ? ___might_sleep+0x163/0x280 [ 276.136108] __should_failslab+0x121/0x190 [ 276.140339] should_failslab+0x9/0x14 [ 276.144158] kmem_cache_alloc_trace+0x2d1/0x760 [ 276.149107] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 276.154210] __memcg_init_list_lru_node+0x8a/0x1e0 [ 276.159143] __list_lru_init+0x3d3/0x6e0 [ 276.163204] sget_userns+0x81e/0xd30 [ 276.166911] ? get_anon_bdev+0xc0/0xc0 [ 276.170809] ? get_anon_bdev+0xc0/0xc0 [ 276.174691] sget+0x10c/0x150 [ 276.177789] ? ovl_show_options+0x550/0x550 [ 276.182128] mount_nodev+0x31/0x110 [ 276.185742] ovl_mount+0x2d/0x40 [ 276.189093] mount_fs+0x106/0x3ff 01:40:56 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(0xffffffffffffffff, 0x400000000000001) 01:40:56 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0xb, &(0x7f0000ffa000/0x2000)=nil) 01:40:56 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00@\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:56 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) [ 276.192552] ? emergency_thaw_all+0x1a0/0x1a0 [ 276.197039] ? __init_waitqueue_head+0x36/0x90 [ 276.201599] vfs_kern_mount.part.0+0x6f/0x410 [ 276.206071] do_mount+0x581/0x2d30 [ 276.209598] ? finish_automount+0x471/0x490 [ 276.213955] ? copy_mount_string+0x40/0x40 [ 276.218180] ? kmem_cache_alloc_trace+0x354/0x760 [ 276.223192] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 276.228726] ? copy_mount_options+0x30e/0x440 [ 276.233239] ksys_mount+0xdb/0x150 [ 276.236778] __x64_sys_mount+0xbe/0x150 [ 276.240754] do_syscall_64+0x103/0x610 01:40:56 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x2f, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 276.244641] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 276.249819] RIP: 0033:0x457e29 [ 276.253009] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 276.271895] RSP: 002b:00007f29a6b45c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 276.271908] RAX: ffffffffffffffda RBX: 00007f29a6b45c90 RCX: 0000000000457e29 [ 276.271916] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 01:40:56 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x34, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 276.271923] RBP: 000000000073bfa0 R08: 0000000020000100 R09: 0000000000000000 [ 276.271931] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b466d4 [ 276.271938] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000003 [ 276.287206] kernel msg: ebtables bug: please report to author: Wrong size [ 276.309004] IPVS: ftp: loaded support on port[0] = 21 01:40:56 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0xc, &(0x7f0000ffa000/0x2000)=nil) 01:40:56 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00`\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:56 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x35, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:56 executing program 5 (fault-call:3 fault-nth:17): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:40:56 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0xd, &(0x7f0000ffa000/0x2000)=nil) [ 276.512183] kernel msg: ebtables bug: please report to author: Wrong size 01:40:56 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) [ 276.641743] FAULT_INJECTION: forcing a failure. [ 276.641743] name failslab, interval 1, probability 0, space 0, times 0 [ 276.663766] CPU: 1 PID: 11369 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 276.671057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 276.680394] Call Trace: [ 276.680417] dump_stack+0x172/0x1f0 [ 276.680436] should_fail.cold+0xa/0x1b [ 276.690482] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 276.695578] ? lock_downgrade+0x810/0x810 [ 276.695593] ? ___might_sleep+0x163/0x280 [ 276.695611] __should_failslab+0x121/0x190 [ 276.701847] IPVS: ftp: loaded support on port[0] = 21 [ 276.703862] should_failslab+0x9/0x14 [ 276.703876] kmem_cache_alloc_trace+0x2d1/0x760 [ 276.703890] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 276.703907] __memcg_init_list_lru_node+0x8a/0x1e0 [ 276.703920] __list_lru_init+0x3d3/0x6e0 [ 276.717083] sget_userns+0x81e/0xd30 [ 276.717097] ? get_anon_bdev+0xc0/0xc0 [ 276.717114] ? get_anon_bdev+0xc0/0xc0 [ 276.726843] sget+0x10c/0x150 [ 276.726862] ? ovl_show_options+0x550/0x550 [ 276.726876] mount_nodev+0x31/0x110 [ 276.726890] ovl_mount+0x2d/0x40 [ 276.735834] mount_fs+0x106/0x3ff [ 276.735850] ? emergency_thaw_all+0x1a0/0x1a0 [ 276.735864] ? __init_waitqueue_head+0x36/0x90 [ 276.735882] vfs_kern_mount.part.0+0x6f/0x410 [ 276.735898] do_mount+0x581/0x2d30 [ 276.743567] ? finish_automount+0x471/0x490 [ 276.743585] ? copy_mount_string+0x40/0x40 [ 276.743598] ? kmem_cache_alloc_trace+0x354/0x760 [ 276.743614] ? _copy_from_user+0xdd/0x150 [ 276.743629] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 276.750572] ? copy_mount_options+0x30e/0x440 [ 276.750608] ksys_mount+0xdb/0x150 [ 276.750622] __x64_sys_mount+0xbe/0x150 [ 276.750639] do_syscall_64+0x103/0x610 [ 276.758550] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 276.758560] RIP: 0033:0x457e29 [ 276.758573] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 276.758582] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 276.765349] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 [ 276.765356] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 276.765364] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 [ 276.765371] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 276.765379] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 [ 276.983169] net_ratelimit: 20 callbacks suppressed [ 276.983175] protocol 88fb is buggy, dev hsr_slave_0 [ 276.993164] protocol 88fb is buggy, dev hsr_slave_1 01:40:57 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(0xffffffffffffffff, 0x400000000000001) 01:40:57 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x59616d61, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:57 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\xff\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:57 executing program 2: r0 = accept4$tipc(0xffffffffffffffff, 0x0, &(0x7f0000000000), 0x0) getsockname(r0, &(0x7f0000000080)=@in={0x2, 0x0, @empty}, &(0x7f0000000100)=0x80) setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x101002, 0x0) setsockopt$l2tp_PPPOL2TP_SO_LNSMODE(r1, 0x111, 0x4, 0x1, 0x4) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:57 executing program 5 (fault-call:3 fault-nth:18): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:40:57 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) [ 277.272715] kernel msg: ebtables bug: please report to author: Wrong size [ 277.302474] protocol 88fb is buggy, dev hsr_slave_0 [ 277.307557] protocol 88fb is buggy, dev hsr_slave_1 01:40:57 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x2, &(0x7f0000ffa000/0x2000)=nil) [ 277.319033] IPVS: ftp: loaded support on port[0] = 21 01:40:57 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) mlock2(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1) 01:40:57 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 277.363284] FAULT_INJECTION: forcing a failure. [ 277.363284] name failslab, interval 1, probability 0, space 0, times 0 01:40:57 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x3, &(0x7f0000ffa000/0x2000)=nil) [ 277.450201] kernel msg: ebtables bug: please report to author: Wrong size [ 277.481890] CPU: 1 PID: 11396 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 277.489171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 277.489176] Call Trace: [ 277.489197] dump_stack+0x172/0x1f0 [ 277.489216] should_fail.cold+0xa/0x1b [ 277.489232] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 277.489249] ? lock_downgrade+0x810/0x810 [ 277.489262] ? ___might_sleep+0x163/0x280 [ 277.489278] __should_failslab+0x121/0x190 [ 277.489295] should_failslab+0x9/0x14 [ 277.501379] kmem_cache_alloc_trace+0x2d1/0x760 [ 277.518055] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 277.518075] __memcg_init_list_lru_node+0x8a/0x1e0 [ 277.518089] __list_lru_init+0x3d3/0x6e0 01:40:57 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) r0 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x201, 0x10000) setsockopt$inet6_MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f00000000c0)={0xad93, 0x1, 0x2ef0d4a5, 0x7, 0x2}, 0xc) syz_open_dev$sg(&(0x7f0000000080)='/dev/sg#\x00', 0x800000000fffd, 0x200) r1 = shmget(0x0, 0x4000, 0x4c4, &(0x7f0000ffa000/0x4000)=nil) shmctl$IPC_RMID(r1, 0x0) [ 277.518106] sget_userns+0x81e/0xd30 [ 277.526444] ? get_anon_bdev+0xc0/0xc0 [ 277.526464] ? get_anon_bdev+0xc0/0xc0 [ 277.526484] sget+0x10c/0x150 [ 277.526501] ? ovl_show_options+0x550/0x550 [ 277.526516] mount_nodev+0x31/0x110 [ 277.526530] ovl_mount+0x2d/0x40 [ 277.526546] mount_fs+0x106/0x3ff [ 277.578190] ? emergency_thaw_all+0x1a0/0x1a0 [ 277.582679] ? __init_waitqueue_head+0x36/0x90 [ 277.587262] vfs_kern_mount.part.0+0x6f/0x410 [ 277.587278] do_mount+0x581/0x2d30 [ 277.587290] ? finish_automount+0x471/0x490 01:40:57 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) lsetxattr$security_evm(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='security.evm\x00', &(0x7f00000000c0)=@v2={0x7, 0x1, 0x9, 0x8000, 0x4, "1c5c81c2"}, 0xe, 0x2) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 277.595375] ? copy_mount_string+0x40/0x40 [ 277.595389] ? kmem_cache_alloc_trace+0x354/0x760 [ 277.595406] ? _copy_from_user+0xdd/0x150 [ 277.595422] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 277.595435] ? copy_mount_options+0x30e/0x440 [ 277.595450] ksys_mount+0xdb/0x150 [ 277.595472] __x64_sys_mount+0xbe/0x150 [ 277.595487] do_syscall_64+0x103/0x610 [ 277.595504] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 277.595513] RIP: 0033:0x457e29 [ 277.595525] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 277.595532] RSP: 002b:00007f29a6b45c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 277.595542] RAX: ffffffffffffffda RBX: 00007f29a6b45c90 RCX: 0000000000457e29 [ 277.595549] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 277.595556] RBP: 000000000073bfa0 R08: 0000000020000100 R09: 0000000000000000 [ 277.595562] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b466d4 [ 277.595569] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 [ 277.595742] protocol 88fb is buggy, dev hsr_slave_0 [ 277.643071] protocol 88fb is buggy, dev hsr_slave_1 01:40:58 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(0xffffffffffffffff, 0x400000000000001) 01:40:58 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:58 executing program 5 (fault-call:3 fault-nth:19): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:40:58 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) prctl$PR_SET_MM(0x23, 0xb, &(0x7f0000ffb000/0x4000)=nil) 01:40:58 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x4, &(0x7f0000ffa000/0x2000)=nil) 01:40:58 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:40:58 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x5, &(0x7f0000ffa000/0x2000)=nil) 01:40:58 executing program 2: setrlimit(0x3, &(0x7f00000000c0)={0x10001, 0x100}) r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x381000, 0x0) ioctl$TUNSETVNETLE(r0, 0x400454dc, &(0x7f0000000140)=0x1) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$binfmt_script(r1, &(0x7f0000000040)={'#! ', './file0', [{0x20, '--'}, {0x20, 'securitymime_typeem1\xb0'}, {0x20, '-'}, {0x20, '{@*{em1.#nodevnodevtrusted'}, {0x20, '.'}, {0x20, '[cpuset\xe5proc*\xf1selinuxsecurityvmnet0'}]}, 0x67) [ 278.139524] kernel msg: ebtables bug: please report to author: Wrong size [ 278.175676] FAULT_INJECTION: forcing a failure. [ 278.175676] name failslab, interval 1, probability 0, space 0, times 0 [ 278.192481] protocol 88fb is buggy, dev hsr_slave_0 [ 278.197687] protocol 88fb is buggy, dev hsr_slave_1 [ 278.209558] IPVS: ftp: loaded support on port[0] = 21 [ 278.246923] CPU: 1 PID: 11437 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 278.254204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 278.263544] Call Trace: [ 278.266130] dump_stack+0x172/0x1f0 [ 278.269757] should_fail.cold+0xa/0x1b [ 278.273640] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 278.278738] ? lock_downgrade+0x810/0x810 [ 278.282885] ? ___might_sleep+0x163/0x280 [ 278.287034] __should_failslab+0x121/0x190 [ 278.291264] should_failslab+0x9/0x14 [ 278.295060] kmem_cache_alloc_node_trace+0x270/0x720 [ 278.300153] ? kmem_cache_alloc_trace+0x354/0x760 [ 278.305004] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 278.310104] __kmalloc_node+0x3d/0x70 [ 278.313897] kvmalloc_node+0x68/0x100 [ 278.317696] __list_lru_init+0x4aa/0x6e0 [ 278.321757] sget_userns+0x81e/0xd30 [ 278.325464] ? get_anon_bdev+0xc0/0xc0 [ 278.329346] ? get_anon_bdev+0xc0/0xc0 [ 278.333227] sget+0x10c/0x150 [ 278.336331] ? ovl_show_options+0x550/0x550 [ 278.340648] mount_nodev+0x31/0x110 [ 278.344269] ovl_mount+0x2d/0x40 01:40:58 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000ffa000/0x2000)=nil) [ 278.347627] mount_fs+0x106/0x3ff [ 278.351076] ? emergency_thaw_all+0x1a0/0x1a0 [ 278.355571] ? __init_waitqueue_head+0x36/0x90 [ 278.360150] vfs_kern_mount.part.0+0x6f/0x410 [ 278.364648] do_mount+0x581/0x2d30 [ 278.368195] ? finish_automount+0x471/0x490 [ 278.372515] ? copy_mount_string+0x40/0x40 [ 278.376741] ? kmem_cache_alloc_trace+0x354/0x760 [ 278.381581] ? _copy_from_user+0xdd/0x150 [ 278.385734] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 278.391267] ? copy_mount_options+0x30e/0x440 01:40:58 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x7, &(0x7f0000ffa000/0x2000)=nil) [ 278.395764] ksys_mount+0xdb/0x150 [ 278.399303] __x64_sys_mount+0xbe/0x150 [ 278.403279] do_syscall_64+0x103/0x610 [ 278.407178] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 278.412357] RIP: 0033:0x457e29 [ 278.415648] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 278.434543] RSP: 002b:00007f29a6b45c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 01:40:58 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x9, &(0x7f0000ffa000/0x2000)=nil) 01:40:58 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 278.442246] RAX: ffffffffffffffda RBX: 00007f29a6b45c90 RCX: 0000000000457e29 [ 278.449511] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 278.456775] RBP: 000000000073bfa0 R08: 0000000020000100 R09: 0000000000000000 [ 278.464123] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b466d4 [ 278.471390] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 [ 278.520277] kernel msg: ebtables bug: please report to author: Wrong size [ 278.662489] protocol 88fb is buggy, dev hsr_slave_0 [ 278.667607] protocol 88fb is buggy, dev hsr_slave_1 01:40:59 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(0xffffffffffffffff, 0x400000000000001) 01:40:59 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0xa, &(0x7f0000ffa000/0x2000)=nil) 01:40:59 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) mremap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000ff9000/0x4000)=nil) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:59 executing program 5 (fault-call:3 fault-nth:20): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:40:59 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:59 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:40:59 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0xb, &(0x7f0000ffa000/0x2000)=nil) 01:40:59 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x1}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 279.056006] kernel msg: ebtables bug: please report to author: Wrong size [ 279.078449] FAULT_INJECTION: forcing a failure. [ 279.078449] name failslab, interval 1, probability 0, space 0, times 0 [ 279.114121] IPVS: ftp: loaded support on port[0] = 21 [ 279.146420] kernel msg: ebtables bug: please report to author: Wrong size [ 279.158048] CPU: 0 PID: 11475 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 279.165329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 279.174690] Call Trace: [ 279.177277] dump_stack+0x172/0x1f0 [ 279.180998] should_fail.cold+0xa/0x1b [ 279.184890] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 279.190215] ? lock_downgrade+0x810/0x810 [ 279.194549] ? ___might_sleep+0x163/0x280 [ 279.198830] __should_failslab+0x121/0x190 [ 279.203069] should_failslab+0x9/0x14 [ 279.206861] kmem_cache_alloc_trace+0x2d1/0x760 [ 279.206877] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 279.206896] __memcg_init_list_lru_node+0x8a/0x1e0 [ 279.206912] __list_lru_init+0x3d3/0x6e0 [ 279.206928] sget_userns+0x81e/0xd30 [ 279.206941] ? get_anon_bdev+0xc0/0xc0 [ 279.216678] ? get_anon_bdev+0xc0/0xc0 [ 279.216690] sget+0x10c/0x150 [ 279.216703] ? ovl_show_options+0x550/0x550 [ 279.216716] mount_nodev+0x31/0x110 [ 279.244560] ovl_mount+0x2d/0x40 [ 279.244574] mount_fs+0x106/0x3ff [ 279.244588] ? emergency_thaw_all+0x1a0/0x1a0 [ 279.259445] ? __init_waitqueue_head+0x36/0x90 [ 279.264025] vfs_kern_mount.part.0+0x6f/0x410 [ 279.264042] do_mount+0x581/0x2d30 [ 279.264055] ? finish_automount+0x471/0x490 [ 279.264070] ? copy_mount_string+0x40/0x40 [ 279.264082] ? kmem_cache_alloc_trace+0x354/0x760 [ 279.280592] ? _copy_from_user+0xdd/0x150 [ 279.280615] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 01:40:59 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x0, 0x0) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:40:59 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0xc, &(0x7f0000ffa000/0x2000)=nil) 01:40:59 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x05\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 279.280628] ? copy_mount_options+0x30e/0x440 [ 279.280643] ksys_mount+0xdb/0x150 [ 279.295288] __x64_sys_mount+0xbe/0x150 [ 279.295306] do_syscall_64+0x103/0x610 [ 279.295324] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 279.295341] RIP: 0033:0x457e29 [ 279.295353] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 279.295362] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 01:40:59 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0xd, &(0x7f0000ffa000/0x2000)=nil) [ 279.311188] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 [ 279.311196] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 279.311204] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 [ 279.311212] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 279.311219] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 [ 279.353613] kernel msg: ebtables bug: please report to author: Wrong size 01:40:59 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x9, &(0x7f0000ffa000/0x3000)=nil) 01:40:59 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:40:59 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x80000005, &(0x7f0000ff9000/0x4000)=nil) r0 = syz_open_dev$media(&(0x7f0000001140)='/dev/media#\x00', 0x8001, 0x48001) ioctl$SIOCX25SCALLUSERDATA(r0, 0x89e5, &(0x7f0000001180)={0x3d, "0d432f840f9f23aa39a53fe4ab3e1dddfcc2cb49d16426722ff8f40a4fe0d27bb41e5cfdb5d02d5701f9eca2c01f18d34cec5aeb339a54466b93434128c4dbcc257578ed62cc3bcec36636770b7f60808cfcafa090c67c545014f54e05a0262868bd818637c225f58e148ff63a279e1974364bafd05ac7f104b7131ffab34e58"}) r1 = socket$inet_sctp(0x2, 0x1, 0x84) r2 = syz_open_dev$adsp(&(0x7f0000001280)='/dev/adsp#\x00', 0x9, 0x442302) ioctl$VIDIOC_S_AUDIO(r2, 0x40345622, &(0x7f0000001400)={0x2, "a402f9257682c21c8ded76d4cafaaf35f4ece7c465b4eea588ae6bdda6e537fa", 0x2}) setsockopt$IP_VS_SO_SET_EDIT(r1, 0x0, 0x483, &(0x7f00000010c0)={0x87, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e24, 0x4, 'none\x00', 0x11, 0x74622a01, 0x25}, 0x2c) r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x80, 0x0) prctl$PR_GET_TSC(0x19, &(0x7f0000001240)) r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000012c0)='TIPC\x00') sendmsg$TIPC_CMD_RESET_LINK_STATS(r3, &(0x7f0000001380)={&(0x7f0000001100)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000001340)={&(0x7f0000001300)={0x28, r4, 0x0, 0x70bd26, 0x25dfdbfd, {{}, 0x0, 0x410c, 0x0, {0xc, 0x14, 'syz1\x00'}}, ["", "", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x4000800) prctl$PR_SET_MM(0x23, 0xb, &(0x7f0000ffb000/0x4000)=nil) recvfrom$x25(r3, &(0x7f0000000080)=""/4096, 0x1000, 0x40000000, &(0x7f0000001080)={0x9, @remote={[], 0x2}}, 0x12) ioctl$IOC_PR_PREEMPT(r3, 0x401870cb, &(0x7f00000013c0)={0xffff, 0x6, 0x3}) 01:40:59 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(0xffffffffffffffff, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:40:59 executing program 5 (fault-call:3 fault-nth:21): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:40:59 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:00 executing program 2: openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040)='/dev/udmabuf\x00', 0x2) setrlimit(0x0, &(0x7f0000000000)={0x80000004, 0x4000000007}) r0 = openat$dsp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp\x00', 0x200000, 0x0) ioctl$PPPIOCSDEBUG(r0, 0x40047440, &(0x7f0000001240)=0x4) r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm-monitor\x00', 0x618442, 0x0) ioctl$PIO_FONT(r1, 0x4b61, &(0x7f0000000140)="51f348dc0da3fe9445cf4b1b0e6256223d6c83806ba6164421292ebe75312146f9439fd101d3fc60f552c542b3e7f12f77623ea0facba7f4fb1989493e6fea82ce996ae0ed0213cbc48e1d818f241ff2bae7dc695e3c3d8845f53bafc438547a3879f47797aa2d322b087b31ec99fa3c0b28756d8b2b240df5b512e00b458d56463d818558006a4bfc2bb53af5abfe9fa9d5d4101e") prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) write(r0, &(0x7f0000000200)="e170c4e01df73cb0dad4ab9c31dd5450b0c15e60b3b61a457e192efc77bb0811d06a9bb878af4292e550d85bd107639ad18edc87ea5a288138e32700e83808ecb6b544c739e2351ab6830805ae2c784c605700a91de81e986ae09e0bcc5933cc2681a500c453af409b30b9641293a88b3934ffd890d63b772e5caa2ca4e1daccb7a54df853d23ce354bf0cd7dbd8788a0df24f716eee72460cca0c87d2dd0060bd5884016e438380a718553750c8a8cac8ff79133e0ec0d80334a268b506d3854db9b749531778624760dc15014845961b5f59f4b1ab11da0be1bca4de9325de92657e3f2112ff6193a76e3560ae6fc69f9801cfe962306db32bdaf2379566d4011a52c545966640724ce2e31a9aea74fba99c2ea0ed7b10f425cc41a5dbf636b93837b226b630a3e15ce739f3c7691d8ac0bf6166e6a0d1610430986b3192b43eccc51e7cb463048273e36bcf0cb39cbf9bc93b4b12047251c4e3945429d81d4d3e487d7a58a92065e00a21a7cdd53d85457f4968c0f15cf86d32c7311c4130f420594944fb3168e4a3449075bc26e1e2b062539adb74acd9656a43023a1cae0cec57864668ab3b9746e036dac74a0805182e6170d5c6d581601e776be51a9b13a40c1c11d3538f241f4204bfd8433f09cd255e609839a19005d50d3648418935ed602cf011a064a04d95a3960e0a871c325f4ae6150e18ebdce6dd20e27c09307f8503e3b526be8b35bbff1129504db16a788e03cddc5c7b22111a3894d264697241475cd219838c2612663be2e61fab26c363d634ace6b6c2672cc6490ea79f1018c0cbb1e2cc869cfadb960bda68884fea01cdc63d700b2da43e0a91e2940d847ce73388c3de46fc601472a87989deab9ffb33949d273a94dc82ddb0dfa6a821fef7f9aa53d6acd1c904cf94b613bed0a744a36d7d6a4c0ca42cc97da9dd9727789b35d0f52b2fe16b196f7b867c060c96756f6501151b3551ac8f0e93718aaa18f2b51f1562063bc4310a137153d0127c9cf24d4a82eccf4ce7e699a5fbe556c679309c7b8d609dddb0e5afd34e7c855fce1a6358ad2fadd46781976ec8e0a134ce8e6996b531401337a6c8ad4408a992c312a38e2af22e9e7105e5af9e0769b4cca67b3023bc583712627e2aeec3c266f3f26eac256548cbf0fa60c079842a65e575d6963f8d24f7c7da3510ad3fa0df0222fc1f96f8618e3170fce0dc82db1430983406b0bded11bed9f406de3ea9b31cd4af98b804133e05ef69de33c1155dc6b264387e8321cdcf4a47ce6a66678264de997cb4dbdc6934366248f5e083ee24f80772ffde2f7873397c1a69786163c4ae3a4247ef1376bf424899d4bb4e8a10cd188666f52657f97a644b18b609f380b3a67c0ed03902f54d4c436573295cc19824b62e263060c1a40d7a88ab48aa6155a54954f2cbe1e0eb025ddf3bd40ba537c69eeff30fe3af2ecc9f74e00f03a4a3543e181550b87f1cc063c0e914c6a4966633b24935335d4a4825b86c2dc71464df1cc12992656e5ba40860dc23ee570493d24d73faeb62fe04e8ddace4744bfb84ef811b730217aa563e402cc4a3c3b749baabccb360a05ac04a9147fb6918fe759082d2ce084953ab596f5180f110eeee3224de167a79e7d6888a59857934fa5e4aee40ea4e931958ee6d7a7e284e16c1650350d5b8004011cad144ca85bceb36787d2d826e82051c1127eef448974c721988444f27e868bbd177805a4abda56a40c0fad1a834aa5a0af439b400ec2b067d28df993dd28a046002361b6e002f158f023bca5d293e4deb12b024e4df314ad079365ee4515b717e64ebd14a7b0b38dbb92545bc72bec23d291ef901b8c4b8b74453da81c2928d1333d366b1b8f2e1e81f82951d1af6ef430a0f32a7f7b1e06d7d5e06434b1d2ef384e53bf209bb5d4001fa47626df96dccc97fe1b202b4923920c12faaa8df589b47eabf88b5664573add96a256585095e52fbfbc810932e984dda09e16ac87e9a1c31b773e37e9b13986daa0774daa8500cb4bf6bef0a919dd81337b228c929052d0e59804a4a36575d64df0628fd20ee4dad59fb1ef0f1e6356b3e4147770bfa4fd1a1111d46e42a1d9c8255175146ee938dde20fc22dde9c3e1c8a1f27b78c4715cbc19de86a7bb580549ce7434d2f9408625406607a1156d32b33e97a658b7637313e8921a7491bf8cac1e2699f54639b375e21793919fd1e07d3e37d709daf3321279b55e40c7877d56cfce0fd6f3875d30274adda80f0f4fe256c1287177ef52b994fc9cfa355f4940e62e4d7b0d2e59f1e12acf594d3411def7903999e1acd882855557f3aa4f7079aec7684219845bb1641f1c99f8bce30dc76faeaac2cb7fc2102df0b0efc2df40773d0ed0de7740200f787750e88692580c0578c386fcf1280b6773f912b94c154e5d7f086a32f1b11d389305e12311c57f61e947b235491771f9938074b804738894f3d07a4bd0c2b1ff0b7909083416fc3deedad1481907121b5b6dcb29ae305bbb4b6ae63eef840a2f9fecab0b2dbe490e85ffa43d0b0be12b9c7f1e42f0a03543b4b780a558bbaa340433fdd50fb49586e26b6dc694fd338782d3519aa288b1e891e2fe14a733ffa5bbdc69a620bb2859d270d829a2cc3057606cab4adaad0c940f138327133698c6476d736cbe2d9142a0ccdff900a36ced63ab137279cd51b55376c3ffa5da3b4a0e0e38fd29f23c41557c76edea0d69560004b97a510027be5ef2b5d1fd27bac10e5d2d4ec8238b956b0155c4b3332acad5b752e3cef4c60673458c05dda32bc0f9ac1ad4e9f6be2db51a4f55f17a67847e06b3bb8d372b056b489aad30112704272ccd4fc1e6dd50128dedac0343a62f9b1f1176b33b8ad6e63fe7850785f61dacf846df61615824e55097f49870ce5565f74a10ea34e6472f734d5297062ad11d83b58a8131e7ac4faf0752466ad8f1192f51995864cce6ccd1fffba4b5fa55646b973362447b2d6156545ad1c012854d76356ff0ee2f5d2ccbb05e4ee33338f875daddfe1845b2edc677f63bfbc9b23ad92cff18dc542b37e605926ee3ba007e037cf3efb80429bf2d6af6121f8f998ad595b553f8c04c184803d41d125847ff1014095da8c24f2fd6e1078a922357bc43bd768eaf52d9117830aeb5945df92423ec63c1c68500a054f2658863f982b3a4fc8b4e97be2670cf9fab065599831e76c396c855a6d9af2d131970403f17b517eead8f3923ec20f0052dcc13bc1d8084a6a4cfc041039a6c3cd8ae13ec6917bfb192f4b0bed82d508289a6b5a8625a471b5bd56a95d08ee1a896690800be52923bbafd09c5db7dcafbd714f869e46a233786af54a2bac19d191902b6d055c330954663beffc697479443dedbf0b171f882632d39fdb55cd109bc6a2f0fd0b717b8ca7d335cf9696e6bd0b2e630cee637af3bb4ad623797a5ad9a90a26a3dd4d09d1f7ca1a1960bbd42122911c54a76f47cb6717c5293bcf071a6a04e69b8b3aa5beeb6693dd163b3fdf53e22586ac430b07ba420f2f3a5f17131512282c1a538956531127bd8776354983fc3ad0790eba2257e8ad914a3e7bc89b870ac9988d7f11597f01305cc65fe11412a024d75e266b7d01acf8eee75b5b861f7de92d5d367759996c6b5482772197cd9d3e61632939a89b2de74f37ca574030e3926690d02a992016f0019288fd9a8910d28eb1fe1fda0da59d7686a76fe1bbb2704047b99ebc23a2b88f9a823219ef8d47d4e090ff6a7bce3e4172f3c2db4ad3156a9bb096d9714802c29a923a0c395012c536da139fc65e0aba870c0b13a8bd749fd38d007a080942f0897a0514f8bf8cfa86b030063f7cf03ec601814d33b9712c1ab636ca5a1d97f5f6d4fc08ad486612e8e875907fb1b2b97daaa39f008d59243f12fc858f94c2ad9aa83e0140c2300c4212c851e363c3a06e15a66b8ce5d38dd25a1f61e3ed7f15ca7bcda9b10b8acaa9de04ebd5a4043dbad6d88a36482be913259f56723f4e0071e246b4dbef102b5c136293b1e9667093b8cfb7d755b878a12bde13247d94f449227acca9d92579d2ca4cbfe39db1f2d2c42ff1ae7a8c240d9cd7036c4c77ac86e984312d7d9a888ab1f69ab033ec5f43581d1358b61eb3cff9b04a6669410359ab8e2e35d0f8b9dc417ded72ce50f0ed2408ca9c35353be8e279e42c1405d75a348d5a9a36f416d35be805b423b56cd22b1a20820e1bbff3db267bf63be674b81a3f6efc3ed080b440e90a6a2563650682ab9ef99a43e79e659058c63f5859902aa5c1f21d6bcc9f22ce476ba30e4cf864414827f4af7d06141a827c0cc48f849f384787d19d42c59db137271d294e2ce4e5d2805c96c56058b96b8fa2ba3f6d9a2ababfbcf46ee41adfe15591699d17950768dcf7f963a4b27683cb7f70dcb5ed3cbbe2b7deb722d383c6c0b5b7d37001be01d76371b2f8f413cbb123ea7842c3e832a1c351da5a6919d8b0653b5f07d26f93af069ae7bf020b8ff72b887ed674ffdaa0872781dd09a24b684db878cda0ebcf11d847999a06eaae0472dfe389eabe81db6ec3e73a08bc8799c99a9c7eca26391d1a874bd062080bb87ca35fef0444f9adc9d2fc50e345923a248d59687af58a4211997c414b1a6a527cf7fe07309ed4ef0c5f7ab1b20556b6c0e9ef65ab4e5e8f66bd4f499facc640bea397b6fd8949f7b4ef263d462a5a0f7c3b9a8105dc6bf0f90da7f8fc680b44cf03101318ed831ae67f7fade5e9392d325c37ea01293b4818d13371e0a06f76183f04455596483b0cf44b867d1469e78f2feee25c58b9a1c635a111423567a43fdb824f3dab7f0d522e1b80fddff97fb561954f1b5e2e8acdbc650fe9bf8c07fe65ad314e873b82bf21e70b2195cd795d9c2c27962cd72058ffd8adbb2cc6c90d41f1ab487d85a837522a53e6b6ce3bb675b2b7b9ec5d0c6792c184010c28c401662175f2fb53a6a79311fdd70cc84f94dbf6a7fc279dbfcc8da2e6012dac0b8b37d6f4f6a92b5b4acb75bdbf389d28a37de512000b3b1a2448485d3ba6317abc984423e2f5d895738d80ab31a560f9f61b75b2c12e0b480364e30153c21085f5e0e3b4b074d8aad189b1f8e206c230a82409a2beb7e71d5ece0de53e4eaf68859bfc529fd31b48b3e5705640280c127455377896adce4cda8a0a6f90ff8066bc0ea48e2a93d08b3f08fb4ed2796c74dd7df87735102bcb94179e644a596f9c29f4cf2f79d60ddb7f3c908fefdb152d718b8d4248b764238c22d6a971a5513cfa3a420954521f8eff1022ac2171ed8c80e0b203594a54f919fa4b1e77b277f2163eb8769ffc8e106e41fd2a9dd9cc8dff606df3d586aa5a319f5224096703e3d803a26ba7d6c824d74e5aac885c95f9c4040587e0c5bb03a2d4657c986d4d000886f7dfc091d6a9de1b724119b34ffb0559070e4a1c12f31ccf5df2a33d5ddd9d460a8a07cadbd51affb5d646f60c45135f596eaa4ac6ea444dcb0d034c593f38a63b3a4193a6f37cd98fbfea84f5705264f197a0ee527205f33f10031668cab61c1c34f1d0a5732bf0b75089eb0efca2568fba5a9694d998e701f7b6edce2b77ed911164b82b123b13c5744d738691f861eed048a52e26bca2be81204f412d6c75c0e2e880e27127c7a953bddb9ce06ce91cae620e03d5c4a03174d199262d68133fefaed847a717257b38ee61223d53bb8dd3d4be875bccc341e6da29e1baf3aca1bc8b1109698c289a73b9c6e0517ff42b48988ef72114affc05c95f25a34bb5af4e05666", 0x1000) ioctl$UI_END_FF_ERASE(r0, 0x400c55cb, &(0x7f0000000100)={0x3, 0x0, 0x1}) [ 279.932263] kernel msg: ebtables bug: please report to author: Wrong size [ 279.941680] FAULT_INJECTION: forcing a failure. [ 279.941680] name failslab, interval 1, probability 0, space 0, times 0 [ 279.948127] IPVS: set_ctl: invalid protocol: 135 172.30.1.4:20004 [ 279.999655] mmap: syz-executor.3 (11506): VmData 18550784 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. [ 280.006706] CPU: 1 PID: 11510 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 280.019497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 280.027054] IPVS: ftp: loaded support on port[0] = 21 [ 280.029130] Call Trace: [ 280.036892] dump_stack+0x172/0x1f0 [ 280.040521] should_fail.cold+0xa/0x1b [ 280.044407] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 280.049513] ? lock_downgrade+0x810/0x810 [ 280.053680] ? ___might_sleep+0x163/0x280 [ 280.057840] __should_failslab+0x121/0x190 [ 280.057854] should_failslab+0x9/0x14 [ 280.057866] kmem_cache_alloc_trace+0x2d1/0x760 [ 280.070501] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 280.070519] __memcg_init_list_lru_node+0x8a/0x1e0 [ 280.070533] __list_lru_init+0x3d3/0x6e0 [ 280.080521] sget_userns+0x81e/0xd30 [ 280.080533] ? get_anon_bdev+0xc0/0xc0 [ 280.080550] ? get_anon_bdev+0xc0/0xc0 [ 280.088269] sget+0x10c/0x150 [ 280.088293] ? ovl_show_options+0x550/0x550 [ 280.088306] mount_nodev+0x31/0x110 [ 280.088338] ovl_mount+0x2d/0x40 [ 280.096070] mount_fs+0x106/0x3ff [ 280.096087] ? emergency_thaw_all+0x1a0/0x1a0 [ 280.096100] ? __init_waitqueue_head+0x36/0x90 [ 280.096119] vfs_kern_mount.part.0+0x6f/0x410 [ 280.103497] do_mount+0x581/0x2d30 [ 280.103511] ? finish_automount+0x471/0x490 [ 280.103528] ? copy_mount_string+0x40/0x40 [ 280.103540] ? kmem_cache_alloc_trace+0x354/0x760 [ 280.103575] ? _copy_from_user+0xdd/0x150 [ 280.110523] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 280.110536] ? copy_mount_options+0x30e/0x440 [ 280.110551] ksys_mount+0xdb/0x150 [ 280.110566] __x64_sys_mount+0xbe/0x150 [ 280.118463] do_syscall_64+0x103/0x610 [ 280.118480] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 280.118492] RIP: 0033:0x457e29 [ 280.127525] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 01:41:00 executing program 3: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x4402, 0x0) ioctl$SG_GET_TIMEOUT(r0, 0x2202, 0x0) setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:41:00 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\a\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:00 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(0xffffffffffffffff, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 280.127532] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 280.127543] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 [ 280.127551] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 280.127557] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 [ 280.127566] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 280.135485] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 01:41:00 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cachefiles\x00', 0x80400, 0x0) r2 = openat$cuse(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/cuse\x00', 0x2, 0x0) ioctl$GIO_CMAP(r1, 0x4b70, &(0x7f0000000200)) ioctl$DRM_IOCTL_AGP_ALLOC(r1, 0xc0206434, &(0x7f0000000280)={0x80000000, 0x0, 0x10001, 0x100000001}) ioctl$DRM_IOCTL_AGP_BIND(r2, 0x40106436, &(0x7f00000002c0)={r3, 0x1ff}) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100)={0xffffffffffffffff}, 0x111, 0xb}}, 0x20) write$RDMA_USER_CM_CMD_BIND_IP(r1, &(0x7f0000000180)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e20, 0x80000001, @dev={0xfe, 0x80, [], 0x1f}, 0x9}, r4}}, 0x30) getsockopt$SO_COOKIE(r0, 0x1, 0x39, &(0x7f0000000000), &(0x7f0000000080)=0x8) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000240)={0x1f40, 0x3f}) 01:41:00 executing program 2: r0 = syz_open_dev$usbmon(0x0, 0x1, 0x48000) recvfrom$inet(r0, 0x0, 0x202, 0x0, 0x0, 0x10000007c) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = shmget(0xffffffffffffffff, 0x1000, 0xa08, &(0x7f0000ffe000/0x1000)=nil) stat(&(0x7f0000000240)='./file0/file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) fstat(r1, &(0x7f0000001b80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = socket(0x11, 0x1, 0x5) r6 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockname$tipc(r5, 0x0, &(0x7f0000000380)) getsockopt$inet_IP_XFRM_POLICY(r5, 0x0, 0x11, &(0x7f00000008c0)={{{@in6=@remote, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000440)=0x24) lstat(&(0x7f0000000000)='./file0/file0\x00', &(0x7f00000007c0)) r8 = getpgid(0x0) connect$bt_l2cap(r0, &(0x7f0000000340)={0x1f, 0x400000000001, {0xccce, 0x7, 0x80000001, 0x8, 0x7, 0x5}, 0xe0, 0x6}, 0xe) shmctl$IPC_SET(r2, 0x1, &(0x7f0000000840)={{0x0, r3, r4, r7, r4, 0x4c1078b5631b409f, 0xb}, 0xb8fb, 0xffc, 0x3, 0x8000, r8, r8, 0x81}) r9 = syz_open_dev$loop(&(0x7f0000000300)='/dev/loop#\x00', 0x0, 0x2000) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000000) sendmsg(r0, &(0x7f0000001b40)={&(0x7f00000003c0)=@in={0x2, 0x4e24, @multicast1}, 0x80, &(0x7f0000001a00)=[{&(0x7f00000019c0)="c99d74", 0x3}], 0x1}, 0x40000) ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000040)="2d41d358b8361e7d73e3e48513a08593", 0xffffffbd) ioctl$BLKTRACESETUP(r9, 0xc0481273, &(0x7f0000000080)={[], 0x2, 0x400, 0x2}) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000540)='lp@', 0x3) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2000, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0x0, 0x8001, 0x4, 0x9e6d, 0x2, 0x5c97, 0x0, 0x0, 0x8, 0x0, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x4, 0x6, 0xfff, 0x4, 0xfffffffffffffffe, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x8, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0xe, r6, 0x0) add_key(&(0x7f0000000100)='big_key\x00', &(0x7f0000000200)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000500)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffa) r10 = request_key(&(0x7f00000005c0)='trusted\x00', &(0x7f0000000600)={'syz', 0x1}, &(0x7f00000009c0)='3\x00\x1e\x18J\xb6\t\xca\xd3\x00O9\x143\xd3ty\xf9 \n\x13S+\xefB\xff\x00D\xb8\xeb\fo\xf8\xbdv\xaf\xf6\x18\x1eE\x1eYQc\x94\xd2\xc8#\x9e0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 280.306447] kernel msg: ebtables bug: please report to author: Wrong size 01:41:00 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00 \x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:00 executing program 3: setrlimit(0x2, &(0x7f0000000040)) r0 = add_key$user(&(0x7f0000000000)='user\x00', &(0x7f0000000080)={'syz', 0x2}, &(0x7f00000000c0)="a90cd996d51f264cd152c77278844e06ad4796f19a62b5845ba53d900ef296e8692c959c905e208065034242587415d5c985971b4b89ce70a43aa7577bc2b4b70328151d142825401d85f356d8186afb1cee49f18dbca59e6b928f8113f71e1b59288c680da9c8d138509878097690530ab2b721ded4176c5333b3c3c6e5890f7eff74869d833b81865f532a7d921f775355e68df4825be4e2d7447c67e10cf0975cc68e74710b6b27ba2b7903a8ae455da4aa373b482b4d75abeb6911b3b71953eb630e7f13578d4f3e7254778e4bfab0f3249f1737e489231202e5", 0xdc, 0xfffffffffffffffb) keyctl$KEYCTL_PKEY_QUERY(0x18, r0, 0x0, &(0x7f00000001c0)='\x00', &(0x7f0000000200)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r1 = syz_open_dev$admmidi(&(0x7f00000002c0)='/dev/admmidi#\x00', 0x0, 0x800) bind$rose(r1, &(0x7f0000000300)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, 0x3, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x40) r2 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000240)='/proc/capi/capi20ncci\x00', 0x0, 0x0) openat$cgroup_procs(r2, &(0x7f0000000280)='cgroup.procs\x00', 0x2, 0x0) [ 280.436311] FAULT_INJECTION: forcing a failure. [ 280.436311] name failslab, interval 1, probability 0, space 0, times 0 [ 280.492779] CPU: 1 PID: 11538 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 280.500076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 280.509421] Call Trace: [ 280.512022] dump_stack+0x172/0x1f0 [ 280.515780] should_fail.cold+0xa/0x1b [ 280.519659] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 280.525020] ? lock_downgrade+0x810/0x810 [ 280.529163] ? ___might_sleep+0x163/0x280 [ 280.533409] __should_failslab+0x121/0x190 [ 280.537667] should_failslab+0x9/0x14 [ 280.541457] kmem_cache_alloc_trace+0x2d1/0x760 [ 280.546114] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 280.551210] __memcg_init_list_lru_node+0x8a/0x1e0 [ 280.556127] __list_lru_init+0x3d3/0x6e0 [ 280.560180] sget_userns+0x81e/0xd30 [ 280.563885] ? get_anon_bdev+0xc0/0xc0 [ 280.567764] ? get_anon_bdev+0xc0/0xc0 [ 280.571643] sget+0x10c/0x150 [ 280.574746] ? ovl_show_options+0x550/0x550 [ 280.579065] mount_nodev+0x31/0x110 [ 280.582686] ovl_mount+0x2d/0x40 [ 280.586051] mount_fs+0x106/0x3ff [ 280.589500] ? emergency_thaw_all+0x1a0/0x1a0 [ 280.593989] ? __init_waitqueue_head+0x36/0x90 [ 280.598573] vfs_kern_mount.part.0+0x6f/0x410 [ 280.603065] do_mount+0x581/0x2d30 [ 280.606592] ? finish_automount+0x471/0x490 [ 280.610902] ? copy_mount_string+0x40/0x40 [ 280.615135] ? kmem_cache_alloc_trace+0x354/0x760 [ 280.619982] ? _copy_from_user+0xdd/0x150 [ 280.624122] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 280.629641] ? copy_mount_options+0x30e/0x440 [ 280.634129] ksys_mount+0xdb/0x150 [ 280.637662] __x64_sys_mount+0xbe/0x150 [ 280.641627] do_syscall_64+0x103/0x610 [ 280.645508] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 280.650682] RIP: 0033:0x457e29 [ 280.653862] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 280.672750] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 280.680439] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 01:41:00 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 280.687691] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 280.694946] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 [ 280.702206] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 280.709467] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 [ 280.743733] kernel msg: ebtables bug: please report to author: Wrong size 01:41:00 executing program 3: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000200)='/dev/qat_adf_ctl\x00', 0x1, 0x0) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f0000000080)={0x0, 0x2, "f817"}, &(0x7f00000000c0)=0xa) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000100)={r1, @in={{0x2, 0x4e20, @empty}}, 0x9, 0x8, 0x1, 0x8, 0x6b}, &(0x7f00000001c0)=0x98) setrlimit(0x0, &(0x7f0000000000)={0x5, 0xfffffffffffffffe}) prctl$PR_SET_MM(0x23, 0x400a, &(0x7f0000ffe000/0x1000)=nil) 01:41:01 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00?\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:01 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:01 executing program 4 (fault-call:7 fault-nth:0): perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:01 executing program 5 (fault-call:3 fault-nth:23): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:01 executing program 3: r0 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x4, 0x400002) connect$rxrpc(r0, &(0x7f0000000080)=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x4e23, @empty}}, 0x41faf5d) setrlimit(0x2, &(0x7f0000000040)) r1 = getpid() sched_getscheduler(r1) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) socket$bt_cmtp(0x1f, 0x3, 0x5) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x3, 0x8000}, 0x4) sendto$inet(r0, &(0x7f00000000c0)="b122026a37cef1d33677a468b4189cc10b76fdda2edd1e8774090e5ba9adfb7ce53c0a93b4561bbcf5894df75044e0e76f8f02a5ad9a4ace7e00d8aa4e5d26c40b7753d4371fcd23ebcd08eeef36b9093d966b16d306eecbcdd99e8369fffe9fcd42d7aff130e4c1f87275651db2417fc8baae1f33dc7c6bc8788f5065574c02d8c9960998ea4ce3e0cd2e51c99c26e7a8bf4209119e8e2adabbb5275a252feb257998b1e79e214e85173722c2465c94453f5ce0e1d668a826c7182039", 0xbd, 0x20000000, &(0x7f0000000180)={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x16}}, 0x10) [ 280.980744] kernel msg: ebtables bug: please report to author: Wrong size [ 281.018608] FAULT_INJECTION: forcing a failure. [ 281.018608] name failslab, interval 1, probability 0, space 0, times 0 [ 281.044931] CPU: 0 PID: 11566 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 281.052302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 281.061646] Call Trace: [ 281.064248] dump_stack+0x172/0x1f0 [ 281.067882] should_fail.cold+0xa/0x1b [ 281.071767] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 281.075134] FAULT_INJECTION: forcing a failure. [ 281.075134] name failslab, interval 1, probability 0, space 0, times 0 [ 281.076948] ? lock_downgrade+0x810/0x810 [ 281.076965] ? ___might_sleep+0x163/0x280 [ 281.076984] __should_failslab+0x121/0x190 [ 281.076998] should_failslab+0x9/0x14 [ 281.077012] kmem_cache_alloc_trace+0x2d1/0x760 [ 281.077026] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 281.093618] IPVS: ftp: loaded support on port[0] = 21 [ 281.096580] __memcg_init_list_lru_node+0x8a/0x1e0 [ 281.096596] __list_lru_init+0x3d3/0x6e0 [ 281.128446] sget_userns+0x81e/0xd30 [ 281.132158] ? get_anon_bdev+0xc0/0xc0 [ 281.136049] ? get_anon_bdev+0xc0/0xc0 [ 281.139928] sget+0x10c/0x150 [ 281.143032] ? ovl_show_options+0x550/0x550 [ 281.147348] mount_nodev+0x31/0x110 [ 281.150978] ovl_mount+0x2d/0x40 [ 281.154356] mount_fs+0x106/0x3ff [ 281.157799] ? emergency_thaw_all+0x1a0/0x1a0 [ 281.157816] ? __init_waitqueue_head+0x36/0x90 [ 281.166856] vfs_kern_mount.part.0+0x6f/0x410 [ 281.171351] do_mount+0x581/0x2d30 [ 281.174885] ? finish_automount+0x471/0x490 [ 281.179212] ? copy_mount_string+0x40/0x40 [ 281.183440] ? kmem_cache_alloc_trace+0x354/0x760 [ 281.188279] ? _copy_from_user+0xdd/0x150 [ 281.192701] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 281.198229] ? copy_mount_options+0x30e/0x440 [ 281.202720] ksys_mount+0xdb/0x150 [ 281.206254] __x64_sys_mount+0xbe/0x150 [ 281.210224] do_syscall_64+0x103/0x610 [ 281.214105] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 281.219283] RIP: 0033:0x457e29 [ 281.222484] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 281.241369] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 281.241382] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 [ 281.241389] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 281.241396] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 [ 281.241404] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 281.241410] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 [ 281.250080] CPU: 0 PID: 11570 Comm: syz-executor.4 Not tainted 5.0.0-rc6+ #76 01:41:01 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00@\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 281.263886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 281.278378] Call Trace: [ 281.278395] dump_stack+0x172/0x1f0 [ 281.278411] should_fail.cold+0xa/0x1b [ 281.278425] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 281.278437] ? lock_downgrade+0x810/0x810 [ 281.278457] ? ___might_sleep+0x163/0x280 [ 281.302288] __should_failslab+0x121/0x190 [ 281.317510] should_failslab+0x9/0x14 [ 281.317522] kmem_cache_alloc_node+0x265/0x710 [ 281.317536] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 281.325863] ? tcp_established_options+0x29d/0x4d0 [ 281.325903] __alloc_skb+0xd5/0x5e0 [ 281.325917] ? skb_scrub_packet+0x440/0x440 [ 281.333992] ? retint_kernel+0x2d/0x2d [ 281.334012] sk_stream_alloc_skb+0xc8/0x860 [ 281.334029] tcp_sendmsg_locked+0xc7d/0x34a0 [ 281.334056] ? tcp_sendpage+0x60/0x60 [ 281.334105] ? __local_bh_enable_ip+0x18e/0x270 [ 281.334118] ? __local_bh_enable_ip+0x15a/0x270 [ 281.344203] tcp_sendmsg+0x30/0x50 [ 281.344219] inet_sendmsg+0x147/0x5d0 [ 281.344232] ? ipip_gro_receive+0x100/0x100 [ 281.344272] sock_sendmsg+0xdd/0x130 [ 281.344286] __sys_sendto+0x262/0x380 [ 281.352798] ? __ia32_sys_getpeername+0xb0/0xb0 [ 281.352817] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 281.352839] ? __sb_end_write+0xd9/0x110 [ 281.352855] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 281.352867] ? fput+0x128/0x1a0 [ 281.352880] ? ksys_write+0x166/0x1f0 [ 281.352896] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 281.352908] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 281.352918] ? do_syscall_64+0x26/0x610 [ 281.352931] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 281.361097] __x64_sys_sendto+0xe1/0x1a0 [ 281.361115] do_syscall_64+0x103/0x610 [ 281.361131] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 281.361139] RIP: 0033:0x457e29 [ 281.361152] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 281.369830] RSP: 002b:00007f412b2d2c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 281.369843] RAX: ffffffffffffffda RBX: 00007f412b2d2c90 RCX: 0000000000457e29 [ 281.369850] RDX: 00000000ed5f0dd4 RSI: 00000000200003c0 RDI: 0000000000000004 [ 281.369858] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000184 [ 281.369866] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f412b2d36d4 [ 281.369874] R13: 00000000004c54e7 R14: 00000000004d9388 R15: 0000000000000005 [ 281.539497] kernel msg: ebtables bug: please report to author: Wrong size 01:41:01 executing program 2: r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0x0, 0x2) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000080)) setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) inotify_init() 01:41:01 executing program 5 (fault-call:3 fault-nth:24): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:01 executing program 3: setrlimit(0x2, &(0x7f0000000040)) r0 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm-monitor\x00', 0x204200, 0x0) r1 = syz_open_dev$vcsn(&(0x7f0000000100)='/dev/vcs#\x00', 0x0, 0x385000) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000140)={{{@in=@local, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@local}, 0x0, @in6}}, &(0x7f0000000240)=0xe8) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='9p\x00', 0x40, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',access=client,cachetag=}securitycpuset,access=any,cachetag=ppp0|trusted,cachetag=,fscache,noextend,version=9p2000,obj_type=,euid<', @ANYRESDEC=r2, @ANYBLOB="2c66736e616d653d3a2929626465762c7375626a5f747970653d8b637075736574776c6131a31a5957d94dda6e302c66736d616769633d307830303030303030303030"]) prctl$PR_SET_MM(0x23, 0xa, &(0x7f0000ffb000/0x3000)=nil) 01:41:01 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:01 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00`\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:01 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) setrlimit(0x3, &(0x7f0000000000)={0x886d, 0x9}) getcwd(&(0x7f0000000080)=""/45, 0x2d) [ 281.627513] FAULT_INJECTION: forcing a failure. [ 281.627513] name failslab, interval 1, probability 0, space 0, times 0 01:41:01 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) prctl$PR_SET_FPEMU(0xa, 0x1) [ 281.694568] kernel msg: ebtables bug: please report to author: Wrong size [ 281.737342] CPU: 0 PID: 11590 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 281.744636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 281.753980] Call Trace: [ 281.756564] dump_stack+0x172/0x1f0 [ 281.760196] should_fail.cold+0xa/0x1b [ 281.764082] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 281.769192] ? lock_downgrade+0x810/0x810 [ 281.773341] ? ___might_sleep+0x163/0x280 [ 281.777499] __should_failslab+0x121/0x190 [ 281.781747] should_failslab+0x9/0x14 [ 281.785545] kmem_cache_alloc_trace+0x2d1/0x760 [ 281.790322] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 281.795432] __memcg_init_list_lru_node+0x8a/0x1e0 [ 281.800360] __list_lru_init+0x3d3/0x6e0 [ 281.804439] sget_userns+0x81e/0xd30 [ 281.808154] ? get_anon_bdev+0xc0/0xc0 [ 281.812043] ? get_anon_bdev+0xc0/0xc0 [ 281.816023] sget+0x10c/0x150 [ 281.819121] ? ovl_show_options+0x550/0x550 [ 281.823444] mount_nodev+0x31/0x110 [ 281.827067] ovl_mount+0x2d/0x40 [ 281.830437] mount_fs+0x106/0x3ff [ 281.833901] ? emergency_thaw_all+0x1a0/0x1a0 [ 281.833917] ? __init_waitqueue_head+0x36/0x90 [ 281.833937] vfs_kern_mount.part.0+0x6f/0x410 [ 281.833953] do_mount+0x581/0x2d30 [ 281.847485] ? finish_automount+0x471/0x490 [ 281.847503] ? copy_mount_string+0x40/0x40 [ 281.859541] ? kmem_cache_alloc_trace+0x354/0x760 [ 281.864389] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 281.869936] ? copy_mount_options+0x30e/0x440 [ 281.874604] ksys_mount+0xdb/0x150 [ 281.878147] __x64_sys_mount+0xbe/0x150 [ 281.882128] do_syscall_64+0x103/0x610 [ 281.886023] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 281.891215] RIP: 0033:0x457e29 [ 281.894415] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 281.913388] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 281.913400] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 [ 281.913413] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 01:41:02 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:02 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x10200) ioctl$SNDRV_TIMER_IOCTL_PAUSE(r0, 0x54a3) setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, &(0x7f0000000080)={0x1, [0x9]}) 01:41:02 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\xff\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:02 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x2, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:02 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0xf, &(0x7f0000ffb000/0x3000)=nil) r0 = syz_open_dev$cec(&(0x7f0000000100)='/dev/cec#\x00', 0x1, 0x2) r1 = add_key$user(&(0x7f00000001c0)='user\x00', &(0x7f00000000c0)={'syz', 0x0}, &(0x7f0000000140)="6dba683fdb908885a6f77ec90dbaffeab68bf323e31deae4a4e0c8029ca3d5d19c086b1df2aa480a3f7f449e852b69bf34f54f65c0fa5dd79ca51e6ad7a7e2399fcc59b72723515c2d948e61b36a3e782b08d83a4ed88dd1c168bd6be06407ea617050b1fa4d2f0a07c90955d7941ae1331ada4e0c5d6a82ed233b", 0x7b, 0xffffffffffffffff) keyctl$assume_authority(0x10, r1) write$FUSE_NOTIFY_POLL(r0, &(0x7f0000000000)={0xffffffffffffff78, 0x1, 0x0, {0x8}}, 0xfffffffffffffe78) 01:41:02 executing program 5 (fault-call:3 fault-nth:25): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 281.913420] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 [ 281.913427] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 281.913434] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 [ 281.980654] kernel msg: ebtables bug: please report to author: Wrong size [ 282.007020] FAULT_INJECTION: forcing a failure. [ 282.007020] name failslab, interval 1, probability 0, space 0, times 0 [ 282.023390] IPVS: ftp: loaded support on port[0] = 21 01:41:02 executing program 3: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x80000, 0x0) bind$unix(r0, &(0x7f0000000080)=@abs={0x1, 0x0, 0x4e24}, 0x6e) prctl$PR_SET_MM(0x23, 0xe, &(0x7f0000ffc000/0x1000)=nil) setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 282.058583] CPU: 0 PID: 11618 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 282.065865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 282.075208] Call Trace: [ 282.077794] dump_stack+0x172/0x1f0 [ 282.081424] should_fail.cold+0xa/0x1b [ 282.085315] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 282.090421] ? lock_downgrade+0x810/0x810 [ 282.094564] ? ___might_sleep+0x163/0x280 [ 282.098716] __should_failslab+0x121/0x190 [ 282.102950] should_failslab+0x9/0x14 [ 282.106745] kmem_cache_alloc_trace+0x2d1/0x760 [ 282.111420] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 282.116521] __memcg_init_list_lru_node+0x8a/0x1e0 [ 282.121451] __list_lru_init+0x3d3/0x6e0 [ 282.125513] sget_userns+0x81e/0xd30 [ 282.129235] ? get_anon_bdev+0xc0/0xc0 [ 282.133131] ? get_anon_bdev+0xc0/0xc0 [ 282.137018] sget+0x10c/0x150 [ 282.140127] ? ovl_show_options+0x550/0x550 [ 282.144447] mount_nodev+0x31/0x110 [ 282.148072] ovl_mount+0x2d/0x40 [ 282.151428] mount_fs+0x106/0x3ff [ 282.151444] ? emergency_thaw_all+0x1a0/0x1a0 [ 282.151459] ? __init_waitqueue_head+0x36/0x90 [ 282.151477] vfs_kern_mount.part.0+0x6f/0x410 [ 282.151492] do_mount+0x581/0x2d30 [ 282.164042] ? finish_automount+0x471/0x490 [ 282.164060] ? copy_mount_string+0x40/0x40 [ 282.164073] ? kmem_cache_alloc_trace+0x354/0x760 [ 282.164090] ? _copy_from_user+0xdd/0x150 [ 282.164107] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 282.164126] ? copy_mount_options+0x30e/0x440 [ 282.164143] ksys_mount+0xdb/0x150 [ 282.164157] __x64_sys_mount+0xbe/0x150 01:41:02 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r0 = socket$inet6_dccp(0xa, 0x6, 0x0) accept4$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000080)=0x14, 0x80800) ioctl$sock_inet6_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f00000000c0)={@mcast2, 0x4a, r1}) 01:41:02 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x02\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:02 executing program 2: setrlimit(0x6, &(0x7f0000000080)={0xfffd, 0x4000000007}) r0 = syz_open_dev$vcsa(&(0x7f0000000100)='/dev/vcsa#\x00', 0xce26, 0x40) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000180)='TIPC\x00') sendmsg$TIPC_CMD_SET_LINK_WINDOW(r0, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x30, r1, 0x400, 0x70bd27, 0x25dfdbfe, {{}, 0x0, 0x4109, 0x0, {0x14, 0x18, {0xfe, @bearer=@udp='udp:syz2\x00'}}}, ["", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x4000) prctl$PR_SET_MM(0x23, 0x4, &(0x7f0000ffa000/0x1000)=nil) [ 282.164173] do_syscall_64+0x103/0x610 [ 282.172161] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 282.172171] RIP: 0033:0x457e29 [ 282.172183] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 282.172190] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 282.172202] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 01:41:02 executing program 2: shmget$private(0x0, 0x2000, 0x20, &(0x7f0000ffa000/0x2000)=nil) setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_GET_SECUREBITS(0x1b) r0 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x7fffffff, 0x301000) write$FUSE_NOTIFY_STORE(r0, &(0x7f00000000c0)={0xfffffc96, 0x4, 0x0, {0x5, 0x0, 0xffffffffffffff44, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}}, 0xffffffffffffff99) prctl$PR_SET_MM(0x23, 0xa, &(0x7f0000ffb000/0x2000)=nil) [ 282.172211] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 282.180717] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 [ 282.180725] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 282.180733] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 [ 282.296131] kernel msg: ebtables bug: please report to author: Wrong size 01:41:02 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x03\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 282.342496] net_ratelimit: 20 callbacks suppressed [ 282.342502] protocol 88fb is buggy, dev hsr_slave_0 [ 282.347506] protocol 88fb is buggy, dev hsr_slave_1 [ 282.440023] kernel msg: ebtables bug: please report to author: Wrong size 01:41:02 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:02 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x3, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:02 executing program 5 (fault-call:3 fault-nth:26): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:02 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ff9000/0x4000)=nil) 01:41:02 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x04\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:02 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x1, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:41:02 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x2, &(0x7f0000ffc000/0x4000)=nil) 01:41:02 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x3, 0x0) syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x3, 0x20002) setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000080)=0x800, 0x4) [ 282.808058] kernel msg: ebtables bug: please report to author: Wrong size [ 282.822498] protocol 88fb is buggy, dev hsr_slave_0 [ 282.827579] protocol 88fb is buggy, dev hsr_slave_1 [ 282.842912] FAULT_INJECTION: forcing a failure. [ 282.842912] name failslab, interval 1, probability 0, space 0, times 0 [ 282.906849] IPVS: ftp: loaded support on port[0] = 21 [ 282.932564] CPU: 1 PID: 11659 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 282.932574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 282.932577] Call Trace: [ 282.932598] dump_stack+0x172/0x1f0 [ 282.932615] should_fail.cold+0xa/0x1b [ 282.932631] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 282.955639] ? lock_downgrade+0x810/0x810 [ 282.955654] ? ___might_sleep+0x163/0x280 [ 282.955671] __should_failslab+0x121/0x190 [ 282.968753] should_failslab+0x9/0x14 [ 282.968767] kmem_cache_alloc_trace+0x2d1/0x760 [ 282.968781] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 282.977120] __memcg_init_list_lru_node+0x8a/0x1e0 [ 282.977135] __list_lru_init+0x3d3/0x6e0 [ 282.977152] sget_userns+0x81e/0xd30 [ 282.985560] ? get_anon_bdev+0xc0/0xc0 [ 282.985579] ? get_anon_bdev+0xc0/0xc0 [ 282.985591] sget+0x10c/0x150 [ 282.985605] ? ovl_show_options+0x550/0x550 [ 282.995582] mount_nodev+0x31/0x110 [ 282.995596] ovl_mount+0x2d/0x40 [ 282.995613] mount_fs+0x106/0x3ff [ 283.003329] ? emergency_thaw_all+0x1a0/0x1a0 [ 283.003342] ? __init_waitqueue_head+0x36/0x90 [ 283.003360] vfs_kern_mount.part.0+0x6f/0x410 [ 283.011087] do_mount+0x581/0x2d30 [ 283.011104] ? copy_mount_string+0x40/0x40 [ 283.011122] ? copy_mount_options+0x234/0x440 [ 283.018488] ? copy_mount_options+0x23a/0x440 [ 283.018502] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 283.018516] ? copy_mount_options+0x30e/0x440 [ 283.025456] ksys_mount+0xdb/0x150 [ 283.025471] __x64_sys_mount+0xbe/0x150 [ 283.025486] do_syscall_64+0x103/0x610 01:41:03 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x4, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:03 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r0 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0x5, 0x800) getsockopt$ARPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x63, &(0x7f00000001c0)={'ipvs\x00'}, &(0x7f0000000200)=0x1e) r1 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0xfffffffffffffffe, 0x80000) ioctl$VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f0000000080)={0xe, @sdr={0x797e5f5f, 0x1ff}}) 01:41:03 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x05\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 283.025501] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 283.033398] RIP: 0033:0x457e29 [ 283.033410] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 283.033417] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 283.033429] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 [ 283.033439] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 01:41:03 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) r0 = dup(0xffffffffffffffff) ioctl$VIDIOC_G_OUTPUT(r0, 0x8004562e, &(0x7f00000000c0)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r1 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vfio/vfio\x00', 0x100, 0x0) ioctl$VIDIOC_OVERLAY(r1, 0x4004560e, &(0x7f0000000080)=0x400) [ 283.042456] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 [ 283.042463] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 283.042471] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 [ 283.064805] protocol 88fb is buggy, dev hsr_slave_0 [ 283.072774] protocol 88fb is buggy, dev hsr_slave_1 [ 283.170274] kernel msg: ebtables bug: please report to author: Wrong size [ 283.302508] protocol 88fb is buggy, dev hsr_slave_0 [ 283.307684] protocol 88fb is buggy, dev hsr_slave_1 [ 283.542472] protocol 88fb is buggy, dev hsr_slave_0 [ 283.547544] protocol 88fb is buggy, dev hsr_slave_1 01:41:03 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:03 executing program 3: setrlimit(0x3, &(0x7f0000000000)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:41:03 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x06\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:03 executing program 2: r0 = syz_open_dev$swradio(&(0x7f0000000080)='/dev/swradio#\x00', 0x1, 0x2) ioctl$VIDIOC_S_PRIORITY(r0, 0x40045644, 0x2) setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f00000000c0)={0x0, @loopback, @dev}, &(0x7f0000000100)=0xc) r1 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x80000001, 0x149000) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000004, 0x22013, r1, 0x0) 01:41:03 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x5, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:03 executing program 5 (fault-call:3 fault-nth:27): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:03 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) prctl$PR_GET_SECCOMP(0x15) [ 283.708138] FAULT_INJECTION: forcing a failure. [ 283.708138] name failslab, interval 1, probability 0, space 0, times 0 [ 283.711438] kernel msg: ebtables bug: please report to author: Wrong size [ 283.776988] IPVS: ftp: loaded support on port[0] = 21 [ 283.801003] CPU: 1 PID: 11698 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 283.808292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 283.817630] Call Trace: [ 283.817652] dump_stack+0x172/0x1f0 [ 283.817669] should_fail.cold+0xa/0x1b [ 283.817685] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 283.832791] ? lock_downgrade+0x810/0x810 [ 283.832809] ? ___might_sleep+0x163/0x280 [ 283.832828] __should_failslab+0x121/0x190 [ 283.832843] should_failslab+0x9/0x14 [ 283.832855] kmem_cache_alloc_trace+0x2d1/0x760 [ 283.845326] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 283.845345] __memcg_init_list_lru_node+0x8a/0x1e0 [ 283.845360] __list_lru_init+0x3d3/0x6e0 [ 283.858978] sget_userns+0x81e/0xd30 [ 283.858999] ? get_anon_bdev+0xc0/0xc0 [ 283.859018] ? get_anon_bdev+0xc0/0xc0 [ 283.859030] sget+0x10c/0x150 [ 283.859044] ? ovl_show_options+0x550/0x550 [ 283.866789] kernel msg: ebtables bug: please report to author: Wrong size [ 283.867996] mount_nodev+0x31/0x110 [ 283.868011] ovl_mount+0x2d/0x40 01:41:03 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0xb, &(0x7f0000ffc000/0x1000)=nil) r0 = signalfd(0xffffffffffffffff, &(0x7f0000000000)={0x2}, 0x8) socketpair(0x9, 0x0, 0x5, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$MISDN_TIME_STAMP(r1, 0x0, 0x1, &(0x7f00000001c0)=0x1, 0x4) pwrite64(r0, &(0x7f0000000080)="55ea81509c0c6e27a0346be589ea9293eb69e2818c18a055253ad5c85a14bdf5b80ce2beabc7d0028ad27af947a8547d", 0x30, 0x0) 01:41:03 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\a\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:03 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00`\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:03 executing program 3: setrlimit(0x2, &(0x7f0000000040)) r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x400400, 0x0) r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/btrfs-control\x00', 0x2, 0x0) tee(r0, r1, 0x400, 0x7) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 283.868024] mount_fs+0x106/0x3ff [ 283.868040] ? emergency_thaw_all+0x1a0/0x1a0 [ 283.886865] ? __init_waitqueue_head+0x36/0x90 [ 283.886886] vfs_kern_mount.part.0+0x6f/0x410 [ 283.886903] do_mount+0x581/0x2d30 [ 283.886916] ? finish_automount+0x471/0x490 [ 283.925545] ? copy_mount_string+0x40/0x40 [ 283.925559] ? kmem_cache_alloc_trace+0x354/0x760 [ 283.925580] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 283.925593] ? copy_mount_options+0x30e/0x440 [ 283.925608] ksys_mount+0xdb/0x150 [ 283.925622] __x64_sys_mount+0xbe/0x150 [ 283.933172] kernel msg: ebtables bug: please report to author: Wrong size [ 283.934661] do_syscall_64+0x103/0x610 [ 283.934679] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 283.934688] RIP: 0033:0x457e29 [ 283.934701] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 283.948203] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 01:41:04 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x7, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 283.948217] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 [ 283.948225] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 283.948232] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 [ 283.948240] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 283.948247] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 01:41:04 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:04 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x03\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:04 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r0 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000080)={0xffffffffffffff00, 0x7fffffff, 0x81, 0x82b, [], [], [], 0x80000000, 0xffffffffffffffff, 0x200, 0x4, "d051de7573f33c3538f9b7a35182d10c"}) 01:41:04 executing program 3: setrlimit(0x2, &(0x7f00000000c0)={0xfffffffffffffffe}) r0 = syz_init_net_socket$ax25(0x3, 0x7, 0xcb) ioctl$sock_SIOCGSKNS(r0, 0x894c, &(0x7f0000000180)=0x4) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snapshot\x00', 0x80082, 0x0) ioctl$BLKBSZGET(r1, 0x80081270, &(0x7f0000000140)) r2 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x101100, 0x0) ioctl$KVM_ARM_SET_DEVICE_ADDR(r2, 0x4010aeab, &(0x7f0000000040)={0x6, 0x6005}) 01:41:04 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x8, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:04 executing program 5 (fault-call:3 fault-nth:28): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 284.560039] FAULT_INJECTION: forcing a failure. [ 284.560039] name failslab, interval 1, probability 0, space 0, times 0 [ 284.596074] kernel msg: ebtables bug: please report to author: Wrong size [ 284.616500] CPU: 0 PID: 11735 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 284.623816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 284.633171] Call Trace: [ 284.635766] dump_stack+0x172/0x1f0 [ 284.639402] should_fail.cold+0xa/0x1b [ 284.643288] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 284.648385] ? lock_downgrade+0x810/0x810 [ 284.652636] ? ___might_sleep+0x163/0x280 [ 284.656872] __should_failslab+0x121/0x190 [ 284.661109] should_failslab+0x9/0x14 [ 284.664912] kmem_cache_alloc_trace+0x2d1/0x760 [ 284.666018] IPVS: ftp: loaded support on port[0] = 21 [ 284.669585] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 284.679842] __memcg_init_list_lru_node+0x8a/0x1e0 [ 284.684771] __list_lru_init+0x3d3/0x6e0 [ 284.688831] sget_userns+0x81e/0xd30 [ 284.692537] ? get_anon_bdev+0xc0/0xc0 [ 284.696545] ? get_anon_bdev+0xc0/0xc0 [ 284.700424] sget+0x10c/0x150 [ 284.703523] ? ovl_show_options+0x550/0x550 [ 284.707842] mount_nodev+0x31/0x110 [ 284.711464] ovl_mount+0x2d/0x40 [ 284.714824] mount_fs+0x106/0x3ff [ 284.718269] ? emergency_thaw_all+0x1a0/0x1a0 [ 284.722760] ? __init_waitqueue_head+0x36/0x90 [ 284.727355] vfs_kern_mount.part.0+0x6f/0x410 [ 284.731941] do_mount+0x581/0x2d30 [ 284.731954] ? finish_automount+0x471/0x490 [ 284.739771] ? copy_mount_string+0x40/0x40 [ 284.739787] ? kmem_cache_alloc_trace+0x354/0x760 [ 284.748906] ? _copy_from_user+0xdd/0x150 [ 284.748931] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 284.758563] ? copy_mount_options+0x30e/0x440 [ 284.758582] ksys_mount+0xdb/0x150 [ 284.766570] __x64_sys_mount+0xbe/0x150 [ 284.766587] do_syscall_64+0x103/0x610 [ 284.774402] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 284.774411] RIP: 0033:0x457e29 [ 284.774423] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 284.774430] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 284.774441] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 01:41:04 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x9, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:04 executing program 3: setrlimit(0x2, &(0x7f0000000040)) r0 = syz_open_dev$vcsn(&(0x7f00000002c0)='/dev/vcs#\x00', 0x4, 0x103) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000200)={0x0, 0x1}, &(0x7f0000000240)=0x8) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000280)={r1, 0x7}, 0x8) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000080)={0x0, 0x2, 0x20}, &(0x7f00000000c0)=0xc) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000100)={r2, @in6={{0xa, 0x4e24, 0x9, @loopback, 0x3}}, 0xffffffff, 0x3f}, &(0x7f00000001c0)=0x90) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:41:04 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x05\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:04 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'team0\x00', 0x0}) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000380)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0) stat(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SIOCAX25DELUID(r1, 0x89e2, &(0x7f0000000480)={0x3, @default, r2}) r3 = syz_open_dev$amidi(&(0x7f0000000180)='/dev/amidi#\x00', 0x5, 0x20000) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f00000001c0)=0x0) write$cgroup_pid(r3, &(0x7f0000000200)=r4, 0x12) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x13, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="180000005f0000000000000008000000ff350600d6eb77660101800708000000260aa72575d74000fcffffff850000001f00000095800000"], &(0x7f0000000080)='syzkaller\x00', 0x29e, 0xbc, &(0x7f00000000c0)=""/188, 0x0, 0x1, [], r0, 0xf}, 0x48) modify_ldt$read_default(0x2, &(0x7f0000000300)=""/65, 0x41) [ 284.774448] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 284.774458] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 [ 284.782789] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 284.782797] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 01:41:04 executing program 5 (fault-call:3 fault-nth:29): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 284.881833] kernel msg: ebtables bug: please report to author: Wrong size 01:41:05 executing program 3: r0 = syz_open_dev$adsp(&(0x7f00000000c0)='/dev/adsp#\x00', 0x8457, 0x20000) ioctl$PPPIOCSMRRU(r0, 0x4004743b, &(0x7f0000000100)=0x3) setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.events\x00', 0x0, 0x0) ioctl$int_out(r1, 0x2, &(0x7f0000000080)) [ 285.034086] FAULT_INJECTION: forcing a failure. [ 285.034086] name failslab, interval 1, probability 0, space 0, times 0 [ 285.078988] CPU: 1 PID: 11768 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 285.086361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 285.095703] Call Trace: [ 285.098310] dump_stack+0x172/0x1f0 [ 285.101946] should_fail.cold+0xa/0x1b [ 285.105864] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 285.111075] ? lock_downgrade+0x810/0x810 [ 285.115218] ? ___might_sleep+0x163/0x280 [ 285.119366] __should_failslab+0x121/0x190 [ 285.123617] should_failslab+0x9/0x14 [ 285.127428] kmem_cache_alloc_trace+0x2d1/0x760 [ 285.132095] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 285.137200] __memcg_init_list_lru_node+0x8a/0x1e0 [ 285.142142] __list_lru_init+0x3d3/0x6e0 [ 285.146209] sget_userns+0x81e/0xd30 [ 285.149922] ? get_anon_bdev+0xc0/0xc0 [ 285.153839] ? get_anon_bdev+0xc0/0xc0 [ 285.157739] sget+0x10c/0x150 [ 285.160870] ? ovl_show_options+0x550/0x550 [ 285.165195] mount_nodev+0x31/0x110 [ 285.168815] ovl_mount+0x2d/0x40 [ 285.172171] mount_fs+0x106/0x3ff [ 285.175616] ? emergency_thaw_all+0x1a0/0x1a0 [ 285.180101] ? __init_waitqueue_head+0x36/0x90 [ 285.184689] vfs_kern_mount.part.0+0x6f/0x410 [ 285.189684] do_mount+0x581/0x2d30 [ 285.193214] ? finish_automount+0x471/0x490 [ 285.197528] ? copy_mount_string+0x40/0x40 [ 285.201753] ? kmem_cache_alloc_trace+0x354/0x760 [ 285.206588] ? _copy_from_user+0xdd/0x150 [ 285.210730] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 285.216346] ? copy_mount_options+0x30e/0x440 [ 285.220839] ksys_mount+0xdb/0x150 [ 285.224377] __x64_sys_mount+0xbe/0x150 [ 285.228347] do_syscall_64+0x103/0x610 [ 285.232231] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 285.237406] RIP: 0033:0x457e29 [ 285.240587] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 285.259475] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 285.267170] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 [ 285.274425] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 285.281682] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 [ 285.288940] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 285.296199] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 01:41:05 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, 0x0) r1 = userfaultfd(0x0) close(r1) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:05 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000300)='/dev/rtc0\x00', 0x0, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) tee(r0, r1, 0xde, 0xf) 01:41:05 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x06\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:05 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xa, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:05 executing program 3: setrlimit(0x2, &(0x7f0000000040)={0x1}) r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm-control\x00', 0x20002, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000140)=ANY=[@ANYBLOB="736563757269747900000000000000000000000000000000000000000000000005000023117a73bf2a76020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0x78) r1 = syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0x3, 0x0) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000000c0)={0x2, r1}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:41:05 executing program 5 (fault-call:3 fault-nth:30): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 285.430241] kernel msg: ebtables bug: please report to author: Wrong size [ 285.437683] FAULT_INJECTION: forcing a failure. [ 285.437683] name failslab, interval 1, probability 0, space 0, times 0 01:41:05 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x10d001, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000080)={0x73, 0x800, 0xf260, 0xe9, 0xa, 0x3e000, 0x7fffffff, 0x6, 0xffff, 0x4, 0x7ff, 0x1}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 285.482647] IPVS: ftp: loaded support on port[0] = 21 [ 285.492844] CPU: 1 PID: 11786 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 285.500135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 285.509483] Call Trace: [ 285.512075] dump_stack+0x172/0x1f0 [ 285.515708] should_fail.cold+0xa/0x1b [ 285.519594] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 285.524691] ? lock_downgrade+0x810/0x810 [ 285.528834] ? ___might_sleep+0x163/0x280 [ 285.532998] __should_failslab+0x121/0x190 [ 285.537232] should_failslab+0x9/0x14 [ 285.541025] __kmalloc+0x2dc/0x740 [ 285.544574] ? __list_lru_init+0xd5/0x6e0 [ 285.548715] __list_lru_init+0xd5/0x6e0 [ 285.552690] sget_userns+0x84d/0xd30 [ 285.556394] ? get_anon_bdev+0xc0/0xc0 [ 285.560281] ? get_anon_bdev+0xc0/0xc0 [ 285.564249] sget+0x10c/0x150 [ 285.567356] ? ovl_show_options+0x550/0x550 [ 285.571672] mount_nodev+0x31/0x110 [ 285.575316] ovl_mount+0x2d/0x40 [ 285.578678] mount_fs+0x106/0x3ff [ 285.582133] ? emergency_thaw_all+0x1a0/0x1a0 [ 285.586634] ? __init_waitqueue_head+0x36/0x90 [ 285.591215] vfs_kern_mount.part.0+0x6f/0x410 [ 285.595706] do_mount+0x581/0x2d30 [ 285.599247] ? finish_automount+0x471/0x490 [ 285.603566] ? copy_mount_string+0x40/0x40 [ 285.607805] ? kmem_cache_alloc_trace+0x354/0x760 [ 285.612656] ? _copy_from_user+0xdd/0x150 [ 285.616808] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 285.619053] kernel msg: ebtables bug: please report to author: Wrong size [ 285.622336] ? copy_mount_options+0x30e/0x440 [ 285.622354] ksys_mount+0xdb/0x150 [ 285.622368] __x64_sys_mount+0xbe/0x150 [ 285.622383] do_syscall_64+0x103/0x610 [ 285.645107] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 285.650289] RIP: 0033:0x457e29 [ 285.653489] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 285.672470] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 01:41:05 executing program 3: setrlimit(0x2, &(0x7f0000000040)) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0xa00, 0x0) ioctl$VIDIOC_S_CROP(r0, 0x4014563c, &(0x7f0000000080)={0xd, {0x101, 0x2, 0x8, 0x1}}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:41:05 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\a\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:05 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xe, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:05 executing program 3: setrlimit(0x800, &(0x7f0000000080)={0xa5, 0x8000000000}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:41:05 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00 \x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 285.680175] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 [ 285.687553] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 285.694907] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 [ 285.702181] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 285.709439] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 [ 285.852261] kernel msg: ebtables bug: please report to author: Wrong size [ 285.891661] kernel msg: ebtables bug: please report to author: Wrong size 01:41:06 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, 0x0) r1 = userfaultfd(0x0) close(r1) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:06 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r0 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm-monitor\x00', 0x2, 0x0) ioctl$GIO_UNIMAP(r0, 0x4b66, &(0x7f0000000140)={0x2, &(0x7f0000000100)=[{}, {}]}) r1 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vfio/vfio\x00', 0x430000, 0x0) ioctl$TIOCSLCKTRMIOS(r1, 0x5457, &(0x7f0000000080)) 01:41:06 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x400000000018, &(0x7f0000ffa000/0x4000)=nil) 01:41:06 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x10, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:06 executing program 5 (fault-call:3 fault-nth:31): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:06 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00?\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 286.239992] kernel msg: ebtables bug: please report to author: Wrong size 01:41:06 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00@\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:06 executing program 2: setrlimit(0xf, &(0x7f0000000040)={0x0, 0x4000000009}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r0 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x3, 0x1) ioctl$VHOST_SET_LOG_BASE(r0, 0x4008af04, &(0x7f00000000c0)=&(0x7f0000000080)) prctl$PR_GET_DUMPABLE(0x3) getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000100)={0x0, 0x400}, &(0x7f0000000140)=0x8) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000180)={0x0, 0xff, 0x200, 0x1, 0x100, 0x100, 0x7, 0x0, r1}, 0x20) [ 286.287983] IPVS: ftp: loaded support on port[0] = 21 [ 286.288690] FAULT_INJECTION: forcing a failure. [ 286.288690] name failslab, interval 1, probability 0, space 0, times 0 01:41:06 executing program 3: r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/userio\x00', 0x800, 0x0) r1 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000140)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_S_TUNER(r1, 0x4054561e, &(0x7f0000000180)={0xf1fb, "4c76a1eabb64c60d1af44d599e8ddd872fdd62b2e94c1d3223ca8e6a05887556", 0x5, 0x800, 0x101, 0x80, 0x14, 0x2, 0x28ce, 0x10001}) ioctl$int_out(r0, 0x0, &(0x7f0000000100)) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snapshot\x00', 0x0, 0x0) setsockopt$inet6_dccp_buf(r2, 0x21, 0x8f, &(0x7f0000000200)="195100ac12719bd36491be6d3bfcad03c4d8f58e8b37e425601fa035aada9e7bfc1d72eff8502a56c293f6f971a81a863b626bcaf7272584be359d3bb1511e13ba67598771a8ab78856d", 0x4a) ioctl$IOC_PR_RELEASE(r2, 0x401070ca, &(0x7f0000000080)={0xaaa, 0xfb, 0x1}) setrlimit(0x2, &(0x7f0000000000)={0x3}) prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000ffa000/0x2000)=nil) [ 286.341580] kernel msg: ebtables bug: please report to author: Wrong size [ 286.348947] CPU: 0 PID: 11834 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 286.356225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 286.365571] Call Trace: [ 286.368152] dump_stack+0x172/0x1f0 [ 286.371788] should_fail.cold+0xa/0x1b [ 286.375673] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 286.380770] ? lock_downgrade+0x810/0x810 [ 286.384909] ? ___might_sleep+0x163/0x280 [ 286.389062] __should_failslab+0x121/0x190 [ 286.393308] should_failslab+0x9/0x14 [ 286.397102] kmem_cache_alloc_node_trace+0x270/0x720 [ 286.402225] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 286.407675] __kmalloc_node+0x3d/0x70 [ 286.411471] kvmalloc_node+0x68/0x100 [ 286.415281] __list_lru_init+0x4aa/0x6e0 [ 286.419344] sget_userns+0x84d/0xd30 [ 286.423057] ? get_anon_bdev+0xc0/0xc0 [ 286.427044] ? get_anon_bdev+0xc0/0xc0 [ 286.430932] sget+0x10c/0x150 [ 286.434036] ? ovl_show_options+0x550/0x550 [ 286.438353] mount_nodev+0x31/0x110 [ 286.441976] ovl_mount+0x2d/0x40 [ 286.445335] mount_fs+0x106/0x3ff [ 286.448787] ? emergency_thaw_all+0x1a0/0x1a0 [ 286.453289] ? __init_waitqueue_head+0x36/0x90 [ 286.457877] vfs_kern_mount.part.0+0x6f/0x410 [ 286.462371] do_mount+0x581/0x2d30 [ 286.465914] ? finish_automount+0x471/0x490 [ 286.470238] ? copy_mount_string+0x40/0x40 [ 286.474556] ? kmem_cache_alloc_trace+0x354/0x760 [ 286.479391] ? _copy_from_user+0xdd/0x150 [ 286.479409] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 286.489070] ? copy_mount_options+0x30e/0x440 [ 286.493561] ksys_mount+0xdb/0x150 [ 286.497096] __x64_sys_mount+0xbe/0x150 [ 286.497113] do_syscall_64+0x103/0x610 [ 286.497128] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 286.510193] RIP: 0033:0x457e29 [ 286.510205] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 286.510214] RSP: 002b:00007f29a6b45c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 01:41:06 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00`\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:06 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x11, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 286.532346] RAX: ffffffffffffffda RBX: 00007f29a6b45c90 RCX: 0000000000457e29 [ 286.532354] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 286.532362] RBP: 000000000073bfa0 R08: 0000000020000100 R09: 0000000000000000 [ 286.532369] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b466d4 [ 286.532376] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 01:41:06 executing program 3: setrlimit(0x2, &(0x7f0000000040)) r0 = socket$bt_rfcomm(0x1f, 0x3, 0x3) ioctl$sock_SIOCSIFBR(r0, 0x8941, &(0x7f0000000000)=@generic={0x0, 0x9, 0x8}) prctl$PR_MCE_KILL_GET(0x22) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 286.640670] kernel msg: ebtables bug: please report to author: Wrong size 01:41:07 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, 0x0) r1 = userfaultfd(0x0) close(r1) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:07 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) ioctl$VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0x7, 0x80000001, 0x7, 0x4000, 0xffffffffffffff9c}) signalfd4(r0, &(0x7f0000000080)={0x3ff}, 0x8, 0x80800) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:41:07 executing program 5 (fault-call:3 fault-nth:32): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:07 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\xff\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:07 executing program 3: socket$inet6_udp(0xa, 0x2, 0x0) setrlimit(0x2, &(0x7f0000000040)) r0 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20\x00', 0x0, 0x0) ioctl$BLKPBSZGET(r0, 0x127b, &(0x7f0000000080)) prctl$PR_SET_MM(0x23, 0xf, &(0x7f0000ff5000/0xb000)=nil) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000000c0)={0x0}, &(0x7f0000000100)=0xc) rt_sigqueueinfo(r1, 0x1a, &(0x7f0000000140)={0x1f, 0x83, 0xfffe0}) socket$inet6_tcp(0xa, 0x1, 0x0) 01:41:07 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x15, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:07 executing program 3: setrlimit(0x2, &(0x7f0000000040)) r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) write$P9_RLERRORu(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="190000100701000c002973656c666b02000000000000000000"], 0x19) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 287.086228] kernel msg: ebtables bug: please report to author: Wrong size 01:41:07 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x01\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 287.142299] FAULT_INJECTION: forcing a failure. [ 287.142299] name failslab, interval 1, probability 0, space 0, times 0 [ 287.163875] IPVS: ftp: loaded support on port[0] = 21 [ 287.197109] CPU: 0 PID: 11880 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 287.204492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 287.213922] Call Trace: [ 287.216511] dump_stack+0x172/0x1f0 [ 287.220144] should_fail.cold+0xa/0x1b [ 287.224039] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 287.229128] ? lock_downgrade+0x810/0x810 [ 287.233270] ? ___might_sleep+0x163/0x280 [ 287.237534] __should_failslab+0x121/0x190 [ 287.241793] should_failslab+0x9/0x14 [ 287.245593] kmem_cache_alloc_trace+0x2d1/0x760 [ 287.248161] kernel msg: ebtables bug: please report to author: Wrong size [ 287.250271] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 287.262278] __memcg_init_list_lru_node+0x8a/0x1e0 [ 287.267327] __list_lru_init+0x3d3/0x6e0 [ 287.271394] sget_userns+0x84d/0xd30 [ 287.275101] ? get_anon_bdev+0xc0/0xc0 [ 287.275135] ? get_anon_bdev+0xc0/0xc0 [ 287.275148] sget+0x10c/0x150 [ 287.282889] ? ovl_show_options+0x550/0x550 [ 287.282902] mount_nodev+0x31/0x110 [ 287.282917] ovl_mount+0x2d/0x40 [ 287.297272] mount_fs+0x106/0x3ff [ 287.300739] ? emergency_thaw_all+0x1a0/0x1a0 [ 287.305246] ? __init_waitqueue_head+0x36/0x90 [ 287.309837] vfs_kern_mount.part.0+0x6f/0x410 [ 287.314358] do_mount+0x581/0x2d30 [ 287.317892] ? finish_automount+0x471/0x490 [ 287.322216] ? copy_mount_string+0x40/0x40 [ 287.322229] ? kmem_cache_alloc_trace+0x354/0x760 [ 287.322246] ? _copy_from_user+0xdd/0x150 [ 287.335543] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 287.341077] ? copy_mount_options+0x30e/0x440 01:41:07 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x1a1102, 0x0) ioctl$SG_GET_SCSI_ID(r0, 0x2276, &(0x7f0000000080)) 01:41:07 executing program 2: r0 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x5, 0x101040) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000080)={0x0, 0x1000}, &(0x7f00000000c0)=0x8) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f0000000100)={r1, @in6={{0xa, 0x4e21, 0x0, @remote, 0xde65}}, [0x8, 0xee5, 0x1, 0x3ff, 0x6fb, 0x80000000, 0x1, 0x8, 0x700000, 0x80000001, 0x1f, 0x1, 0x1f, 0x4, 0xff]}, &(0x7f0000000200)=0x100) setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) setsockopt$inet6_MRT6_ADD_MFC_PROXY(0xffffffffffffffff, 0x29, 0xd2, &(0x7f0000000040)={{0xa, 0x0, 0x0, @rand_addr="fe83179570b841b19120845d186154c9", 0x6}, {0xa, 0x4e22, 0x1, @mcast1, 0x40}, 0x1000, [0x0, 0x0, 0x3ff, 0x5, 0x9, 0xa86, 0x1f, 0xa44]}, 0x5c) socketpair$unix(0x1, 0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) msync(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1) dup(0xffffffffffffffff) ioctl$TIOCSWINSZ(0xffffffffffffffff, 0x5414, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(0x0) setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) setsockopt$inet6_icmp_ICMP_FILTER(0xffffffffffffffff, 0x1, 0x1, 0x0, 0x0) mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff) fchdir(r2) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) prctl$PR_SVE_GET_VL(0x33, 0x0) umount2(&(0x7f0000000280)='./file0\x00', 0x0) prctl$PR_SET_FPEMU(0xa, 0x0) syz_open_dev$vcsn(0x0, 0x800, 0x0) bind$unix(0xffffffffffffffff, 0x0, 0x228) setsockopt$bt_BT_SECURITY(0xffffffffffffffff, 0x112, 0x4, 0x0, 0x0) ioctl$EXT4_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0) getsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(0xffffffffffffffff, 0xc058534f, &(0x7f0000000000)={{}, 0x0, 0x0, 0x0, {0x80000001}, 0x8000000000000000}) setrlimit(0xe, &(0x7f0000000240)={0x81, 0xfffffffffffffffc}) 01:41:07 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x02\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:07 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xe0, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 287.345566] ksys_mount+0xdb/0x150 [ 287.345583] __x64_sys_mount+0xbe/0x150 [ 287.345599] do_syscall_64+0x103/0x610 [ 287.353064] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 287.353073] RIP: 0033:0x457e29 [ 287.353086] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 287.384246] RSP: 002b:00007f29a6b45c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 287.391949] RAX: ffffffffffffffda RBX: 00007f29a6b45c90 RCX: 0000000000457e29 [ 287.399210] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 287.404560] kernel msg: ebtables bug: please report to author: Wrong size [ 287.406471] RBP: 000000000073bfa0 R08: 0000000020000100 R09: 0000000000000000 [ 287.406479] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b466d4 [ 287.406486] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 [ 287.414018] net_ratelimit: 18 callbacks suppressed [ 287.414025] protocol 88fb is buggy, dev hsr_slave_0 [ 287.414065] protocol 88fb is buggy, dev hsr_slave_1 [ 287.462659] protocol 88fb is buggy, dev hsr_slave_0 [ 287.467749] protocol 88fb is buggy, dev hsr_slave_1 [ 287.782489] protocol 88fb is buggy, dev hsr_slave_0 [ 287.787702] protocol 88fb is buggy, dev hsr_slave_1 01:41:08 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}}) r1 = userfaultfd(0x0) close(r1) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:08 executing program 3: r0 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm-monitor\x00', 0x46000, 0x0) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f00000000c0)=[{0x1, 0x8, 0x4, 0x4}, {0xdeb, 0x2, 0x1, 0x4}, {0x0, 0x1, 0x9, 0x3}]}, 0x10) syz_open_dev$sndseq(&(0x7f0000000040)='/dev/snd/seq\x00', 0x0, 0x24000) prctl$PR_SET_MM(0x23, 0xf, &(0x7f0000ffd000/0x3000)=nil) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc058534f, &(0x7f0000000140)={{0x4, 0x4}, 0x0, 0x6, 0x5, {0x7f}, 0x5, 0xffffffff80000000}) 01:41:08 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x03\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:08 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x1f4, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:08 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r0 = syz_open_dev$cec(&(0x7f0000000000)='/dev/cec#\x00', 0x2, 0x2) ioctl$EVIOCGLED(r0, 0x80404519, &(0x7f0000000080)=""/160) 01:41:08 executing program 5 (fault-call:3 fault-nth:33): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:08 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 287.966545] kernel msg: ebtables bug: please report to author: Wrong size [ 287.985383] FAULT_INJECTION: forcing a failure. [ 287.985383] name failslab, interval 1, probability 0, space 0, times 0 01:41:08 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x04\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:08 executing program 2: setrlimit(0x5, &(0x7f0000000000)={0x80000000, 0x4080000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 288.094659] IPVS: ftp: loaded support on port[0] = 21 [ 288.100952] CPU: 0 PID: 11919 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 288.108230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 288.117578] Call Trace: [ 288.120166] dump_stack+0x172/0x1f0 [ 288.123794] should_fail.cold+0xa/0x1b [ 288.127690] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 288.132788] ? lock_downgrade+0x810/0x810 [ 288.136930] ? ___might_sleep+0x163/0x280 [ 288.136952] __should_failslab+0x121/0x190 [ 288.136966] should_failslab+0x9/0x14 [ 288.145304] kmem_cache_alloc_node_trace+0x270/0x720 [ 288.145318] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 288.145335] __kmalloc_node+0x3d/0x70 [ 288.154186] kvmalloc_node+0x68/0x100 [ 288.154202] __list_lru_init+0x4aa/0x6e0 [ 288.154232] sget_userns+0x84d/0xd30 [ 288.154245] ? get_anon_bdev+0xc0/0xc0 [ 288.154264] ? get_anon_bdev+0xc0/0xc0 [ 288.167338] sget+0x10c/0x150 [ 288.167356] ? ovl_show_options+0x550/0x550 [ 288.167370] mount_nodev+0x31/0x110 01:41:08 executing program 2: setrlimit(0x2, &(0x7f0000000000)={0x0, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r0 = syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0x6, 0x10000) ioctl$VIDIOC_DBG_S_REGISTER(r0, 0x4038564f, &(0x7f0000000080)={{0x2, @name="353e691c779b1c9086f3491e6ce31e2b36e7428026dcc6c6b57a363a7d0a8f48"}, 0x8, 0x4ff, 0xfff}) [ 288.167383] ovl_mount+0x2d/0x40 [ 288.185948] mount_fs+0x106/0x3ff [ 288.185964] ? emergency_thaw_all+0x1a0/0x1a0 [ 288.185980] ? __init_waitqueue_head+0x36/0x90 [ 288.185997] vfs_kern_mount.part.0+0x6f/0x410 [ 288.197250] do_mount+0x581/0x2d30 [ 288.214290] ? finish_automount+0x471/0x490 [ 288.214308] ? copy_mount_string+0x40/0x40 [ 288.214321] ? kmem_cache_alloc_trace+0x354/0x760 [ 288.214342] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 288.214354] ? copy_mount_options+0x30e/0x440 [ 288.222171] ksys_mount+0xdb/0x150 [ 288.231286] __x64_sys_mount+0xbe/0x150 [ 288.231305] do_syscall_64+0x103/0x610 [ 288.231320] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 288.231331] RIP: 0033:0x457e29 [ 288.241313] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 288.241321] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 01:41:08 executing program 3: syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00') ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000800)={'syz_tun\x00'}) recvmmsg(0xffffffffffffffff, &(0x7f0000009340)=[{{0xffffffffffffffff, 0x0, &(0x7f0000003280)=[{&(0x7f0000002180)=""/113, 0x71}, {&(0x7f0000002200)=""/66, 0x42}, {&(0x7f0000002280)=""/4096, 0x1000}, {&(0x7f0000001e40)=""/64, 0x40}], 0x4, &(0x7f00000032c0)=""/224, 0xe0, 0x9}, 0xfffffffffffffffe}, {{0x0, 0x0, &(0x7f0000003480), 0x0, 0x0, 0x0, 0x2}, 0xca}, {{&(0x7f00000034c0)=@sco, 0x80, &(0x7f0000003700)=[{&(0x7f0000003540)=""/187, 0xbb}, {&(0x7f0000003600)=""/253, 0xfd}], 0x2, &(0x7f0000003740)=""/165, 0xa5, 0x10001}, 0x5}, {{&(0x7f0000003800)=@hci, 0x80, &(0x7f0000003940), 0x0, 0x0, 0x0, 0xc1}, 0x6}, {{&(0x7f0000003980)=@ipx, 0x80, &(0x7f0000005bc0)=[{&(0x7f0000003a00)=""/181, 0xb5}, {&(0x7f0000003ac0)=""/4, 0x4}, {&(0x7f0000003b00)=""/4096, 0x1000}, {&(0x7f0000004b00)=""/4096, 0x1000}, {&(0x7f0000005b00)=""/119, 0x77}, {&(0x7f0000005b80)=""/23, 0x17}], 0x6, &(0x7f0000005c40)=""/4096, 0x1000, 0xb5d}, 0x8}, {{0x0, 0x0, &(0x7f0000006ec0)=[{&(0x7f0000006dc0)=""/66, 0x42}, {&(0x7f0000006e40)=""/103, 0x67}], 0x2, &(0x7f0000006f00)=""/245, 0xf5, 0x1000}, 0x5}, {{0x0, 0x0, &(0x7f0000007000), 0x0, &(0x7f0000007040)=""/66, 0x42, 0x800}, 0x7}, {{&(0x7f00000070c0)=@sco, 0x80, &(0x7f0000008300)=[{&(0x7f0000007140)=""/136, 0x88}], 0x1, &(0x7f0000008340)=""/4096, 0x1000, 0x49e1}}], 0x8, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_sha512\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000ff8000), 0x0) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000700)='/dev/mixer\x00', 0x2000000440200, 0x0) bind$xdp(0xffffffffffffffff, &(0x7f0000000040)={0x2c, 0x0, 0x0, 0xd, r0}, 0x10) accept$alg(r0, 0x0, 0x0) getsockopt$XDP_MMAP_OFFSETS(r1, 0x11b, 0x1, &(0x7f00000003c0), &(0x7f00000001c0)=0x60) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r1, 0x0, 0x61, &(0x7f0000000200)={'filter\x00', 0x4}, 0x68) bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x15, 0x5, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x7}, [@alu={0x7, 0x4, 0x0, 0x0, 0xb, 0x0, 0xfffffffffffffffc}, @ldst={0x3, 0x3, 0x6, 0x1, 0xf, 0x40, 0x5}]}, 0x0, 0xc698, 0x0, 0x0, 0x40f00, 0x1, [], 0x0, 0x4}, 0x48) setrlimit(0x2, &(0x7f0000000040)={0x0, 0x5}) prctl$PR_SET_MM(0x23, 0x7, &(0x7f0000ffa000/0x1000)=nil) [ 288.241334] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 [ 288.241341] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 288.241350] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 [ 288.280495] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 288.280503] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 [ 288.288415] protocol 88fb is buggy, dev hsr_slave_0 [ 288.288467] protocol 88fb is buggy, dev hsr_slave_1 01:41:08 executing program 2: r0 = syz_open_dev$amidi(&(0x7f00000001c0)='/dev/amidi#\x00', 0x4, 0x381001) getsockopt$IP_VS_SO_GET_SERVICES(r0, 0x0, 0x482, &(0x7f0000000200), &(0x7f0000000240)) r1 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0xffffffff, 0x80) write$capi20_data(r1, &(0x7f00000013c0)=ANY=[@ANYBLOB="f40004008783000807000000000000000010ee3b97cd7070b962aa35ab0bcbe6e60d8279d28dd31906916f8304db473f44640dcfe94813ee7429e8ca1933538e9619ee554834bf3a89322f19c7ab12b1bc7ed000b040b32d14c780716df78af8f18335ac8328d8492e22cc1628927a333297545528600cfa7766f60d629bbbe3f0d4aa902731cbfd498158f40233876bafd6ebc87111c304ed1ac805beceb88ab5729c83214730b203c2f71b1f4f099400b0ae13a4e3df4de72eeda2202eb7ed163035757e93ac150fc51f21ccf7efec8a60b7f6406d0996466d7c39eb74a42b79c13529a49f52eec8a5dbfd4f77d8bc955ed27ab0e5765dfbf42f4edd71ba8b995a71618ba99e3241ca96a7af82bc95674948b6a7c37ec794e64ac8df7ad16e87ddffa5aaaca13869c529108938f4a0d0fb79f3e7afecec5b840f527a0cbbf025602a581ac05ebea969a158c84a86aba17ac78c85ed29d1d79efb4bfe6ec8c4a8d10fd34f570868ea73e22911a9a09342192321c66fb8d9c420d726b60c213f489a6812a86eab1dd542346db4424bccca444727c2b4f9b455dfb78b795c9772aa840c396eba65364662624b3f6be80b19fa56a1843d5b46965f20caf4b2f7610eff62ed5be6f9cb9674853bfd40beb17d3b500ee72a7dfe5cfb8fd632439ca72e46221df2c74ec1e9a213573f30ffbf7eabe9db2c8d40423461af007bf0ff29c426c270eef0355530974d54602440a274c09377412aef237600c675615ea200d5c36d24394ac1cdd7eab2943623b2127dd5bad8431e3e0c975c8558281c03f2551441e9382f2d7748abb1048de8b1a2398c5ee0cceb01d474f329465987a4b4ace8a3b037d0ca0976219a236ada03235b970ca6a0bfc8c1cb95a88e35dd9086a0c592f5ae9a88be6a33a3db01fe4c65a4556a525abb5c1f47be0d4ea008d1e2e6b8998f5b81ee83e785f97e368b0e53f17a84bd7921e879fdc6d3cf43c964d98f4fa7d9c95c868a686375485d6fe52af963548b4e67e070328c81e8d7b824ae8528cb783fb327c67fb4ef9209baae4b7d190f942fb5cc3bdbb2a8d225f7bbb4321a2e0a235c3f44042b7dce50848454d9723a6654ce3e1c841d396e82171256d3aa36110aee40ffe89622936d514a2c618cb9ae9242e1073b54239e09db4f2bd3b2fe5f78950c07b17259d5d000d89851288ff2ceaf8c286c78f98f7547734afcaaeee9896a1e429f0b9ad9c9151d0cfef49e4b74b5975eefc1ea799e3b498a015a3db75242f83187f4a631c7297d606f19b879a49b87e3437a861de7bdee72c6cfae8512b9790688e816d59826b4725cad451f7d8453c622e2d1f7ecff50b624004ed414818ad2ece0f0e479e35ca6f2b2706e4882354baa40892c557eae2dc46175fdfaf985b5b366fa362b2385eef3cc4f8e2c39687da5373f68eea02c58d089527e4e94ec129d3dfee73d0d03d5af88bbb3457ea3d6a325f6718048e692533c5f954d4d99d590095936af41c98f9224b81d3b87ec9cfa786c55d609f8787383aaab75e004caaa4fab63cf089bced7bd8e2aedb8d840696173d5c5d0299cbf13987ee30305bdbfbacc5ab3b5eae80b8f213014798e94436680fc376c16f3cf6b19d79535836e48a255219d504ec75fbc3380d5904e8f8e0c4dce4dcb1bd375b102f1a9d113cf8ff57e1306995f27ff24af7a70138deefab22f6f5d3ddb605b005e7cef478dc9e8bc063bd2f023ab4d31a7ee93dc435568946e25c20969fd6c85a71f08d040a07f4e1b8a2aa2e452832fb3d0b95719cd74c1b49b3efc056ba68c5caa0f1bbd4f029fb576f4fdf31ed35547cc9f370eead9710d41b0a2e6922456618510cf090c39196d53e16572e0f6a8c8adfd2dbecb6212f230efd3f04eb75e9cf8d1634d6c51ea0a750f855576918317da61421bdf7d5221d05b8abdcde805c7b2872cfddd6ce62fc35a4924030ef97aec4c222089daf9284f72c60cbd9241a12c1e5578772a66f9ee4e829878808819ab1a763dbfc36c415ffded7c22795e1bab16e1980002e7e11ece26636cfb05a3d1a136fa80478984f35b79e45cd2ed0e39e58f562df9958bf9857b49d955f94bd23186a67d8ad235a4761c7a24068be8f9308c0ecb4a0ec6364f3f6ad91725ff4cbb8fb4841b056b03481914aa2131b4c689325da1b58a974dc1f26f6219ebabd92e63e2df32d397a27544b3181f21295b4e2a09facac95587240d48d94595c4aa07461ab34cc246c3d28f9337416ba5c2a783e372315d481e5375c2e31b06ecc93139e1f3a39053f9153cde2500e401666e4d54b91d7b3a5fdd5f5f6c56a4b910312a03a1026258b00b41dc783f6e8fc73ae5f7b1933330d7903b559ee14a5fddb30bf173ef96bcd0f747fb0cfb2a348f8b1e41e70e6fd0106799bb53df08890864ee22016175bda7eef7c32380948386d5a6f3ba3a13e338a94561f0ecf31e22b274239a937a92c3659b6e18456fd0e008b5f5ef20e0f4d3f5c5e3dae0390bbe8a7f1c9cd897dc14016b12df8a1a17a81ece5e43799919719da84113cfd1ab25da17215754e5f9f58a9d53ca6377679b21bc2cca9b380f699398f00149c610bd38917f728f39ef18908e0bb55fedb5cd7b48e69901684d7165b6e21666f53c5e19c0505734e5f8871a59e1687078b1fce5ef89e492590648f6095ab27a47b0a19d7c372d2a2bbceb01c4f184c3b729c9df3a363cba70b639167d21d220081c8df4f9b05ac385641fab808a0dfd7e4330410178435efa0ccb564dbd8d90130495d1a7fdbf3a303f2b9a2566a459a7ba113561cc8ee8913818f013fad11dfa81d0a8f52fcdb3626356feb503f4328d1f3c772beb4e018d68e046fd14efa15f1aeb574574b85c613ff1c071e75d39fbe5219f237f1e84b9b6aa3a65d80ee52eebb8de184ea6ccfe8d74eb82041301dd0a487d3e4623c2f991b430451bece0de7f70d477a9c3ae4a9921c739b69dd1dd86860dbcf68c32c041493c5dca81556f3f57fa6822da5e3a705c2fcc019f6d6b958a796104471bbbc591776206e1cb32ba798abcfa541c52df5fc7cebbb729fc7c8daa2179d4a4a3fecba77702f680b2e1f94a9e37198861310ffaed83ff003388c9a9b4633ec5cac310d86be2b70ba4b8946d64a514e947756a22f51bd3b2f321083472be71917a73e326611b3a748f1d8bfa91bd4812b7ec3c3802cef04041445acd8b3a40acc1bcb5a0a7c201e33af3915454e43f926bd347699fdae4bd5e6028410a0f19d6efa609992d82272c71a68a7bc4c666c2034a10c224e0944261a4a2fd8858a368b5c05ed1d388b9b03636ba4d72f1071fffbc05d8cb5a957ea3431bdfedbd18948f524e17b6599691a4d34b69e89c3098f04ac066e435625e6970aa6adaf23cf106583ebb73469bb8df093ecc8d30d5f34096ddb3cfb6ebdbc0bd57cd541f72bcb7739c8c9269f4c6938f147dac6b40e461dc904b1a073be698426f04fffd24ce55dc79f694efeb4d72983facc01b587a24e483612f9fc7af92be1275d6d41ec5e62c64f3068775dafaea2a63e7ed05213318f01b538b46f75f91e27d7f547472db97267275bd3ea67a58c17b9fab425c3ab6b566fb6b486603e5741c61516282c2acd4bfacfdd4f089b4ade6ce9a231e6cc14e075867b267580cccf11f1d6d21d338acdc500c72cd5a51b89dcfa65225385eb68e9f86eb1c0735ecbd41a57f275c77e8f026cc66fe5fe9412fce8e1c337fe698c3cf12bbd583644432c6219815b9906d3f8569ef1809a4d68379bf2127a9e5718d614044282dcb8b43e08f0ddf84f5c622cebb96c95a3191cf7618cebc56d93ad542303ad24c199dd173399d0025ab23ed169b5dab25f03dd826da5b5e3eb20c45f7345d57e3fc12a0b107361440b55ce667116bfa6a0c49cf702af070a546f432afbeb1725688954bdcbb92a820ffc0671d4a0cf8d858db80b498ddd6a3eb9214f674be722f430176dfdd710d204a8e2148b376ec1f9753d8c2753aaaf72dcecadb80afc81291e920a4402c9d914fe7af2393db4285e3075dae6730250d0f71afab414db311b41e43d70f5214e1eefe5d51a16a2510998940a28037eafaa4e187cb0a89c45e872a4b3ee8640cd98980c546f73f2c7c0ddf09f92de49c60ca53922019ab50bcaba15fdb1c28d6e808b644151bf07b5fe818fe34e8ae0d9c89cd92fb633a3a0d75107e8c8fac5d0fa5f0f12fd9c2dfa59883866ea3d18e4be611072278f9c71cd05b17ca63cb62b77d6e7f8c93ed3c6021c99fd187fb77aa1d682b9c53ec2bb7c1da9deee2e7a7e341d2869ca48545016b0541b71da0f384b04bda6e5931a53b485cdb7ed96732b31ce12603e1c2300a6ff0c191385896f2a4acbec1106309ab310d29ace03b21d65b21d551515aaab33cf4d00ea9625fb6816b3b3b698a3bd3676086b223d90cbc3382e66deae8c70bd230beef1a6c8cca9755fac89a086d0b85b5ea910502fa97cf648d85a0fb12790c6df9e66206d1cd2891d82cf85f973949ffff27664eb8d50da7a39e92e606a2744871052e4161349e9756cb0138f8b04ca659a3b30f0b85857af35e61629a234ea4df0da9c22c44a768c004ebaf4543eaca4aa706b98b1fb92596701190026bf253d4d7eb8b7547280acfbfd0bc1a08eb64a92edf677f6c714037e7331c475c499151b6bc9f3d801e1715b6d776d25f9f3c797a541dc69fa89e6176cb045695782083b5da38a6e5bf62d95b6138a52d1d0fa1c9c74c994b4e8a13cf2c0bcd16f4007d549d50e067ca8ed19303c3b1324888d18ca052825f76e9898647626394afe8141e8ff97df74f47795b2b5c170b0d49109c61288dd759b89ead3f8727055f5d7760ccaffa276699400e35690da3622c123912009720b5d8b46c083be47b40a6ae67588c5bc846bc52e5eb46f7bbc0b820815743235033fce8f835274891398c49dada9e0aaf6683eafee826c0224e9ae3c772b59cb6c46caeb843182c5323f4c4778ca21a55724b46b01c624dae0c512ff100c1737dfe6d20ebb04b1b0320e99892ddec03093a033b9a216d2abd6dc81ee0631aaee2701047ef79b61c6ae325aa1d4be368acb0b0c0d970922026f090ebe7813cef24533eee6c489e98c6f7bce128c43ef7b6b4792766bc58c38ff092ef5f3b44342239512a751949c51c388940ee2d94d733aa5158e2b7ed9dabf18b66ee86c2ad99d9764b5a1e5c6687fbcfda48f4f71b31831779ae1049335912880a579bed8556493beb9168df1c4a98333abb9b72b6198cf1131df6440e4bdbc659d14164498e4b2d2a3ccdb352caec7fa83bede40ebaa52dc5c200a232cd46231d4eddd435d913f392e6fafaa0cc8f488046cd4383c4479d99a717db517553231b2bc5447727fd16ead9962204c2f77e565d3361f6121555382123a8fc67aa7a8c4ca1e97189842e629dfdbb9178624cd5c7a28f5e564a3114329fbefa06352dcdb1d7d60221d24721d26973fe137ac568d773f684182f23fdbf2862a6842ba1ebc09044ab68f7eb605a8303b50c204148acff78c552394f0701eceba96558b203940cf3337fd10bc724e70d8216cc338440262da86cfcb3d1ac93c38a84969d98a2948d4369bc97e6a6bade5f285a90dca7a87c5550e41acfef551a1264d369c0db0e1ed12d0215775b8059d8be33f0e5e9cbbe5c98d5c4895699e5be5f14fc1b09637bbc677243db040928a7922bbd84eafdd8fc9c735302c74f089e03f9a28293466564399cfb09a1e2fb57911c018a73b7200cbee44ffbd61f8edec47a17ffaea156b2290ffd4d6d486c3935f4f35467ebab9822d43e21abc6ad5a3662813e81b808558c8a"], 0x1012) sendto$unix(r1, &(0x7f0000000080)="dad37cb606a67fe353b392f28269b66f14d4c8f80bc665538de8d4ea026c706edd5f19417e7ee3f608e0a8e61cc64a4bd616aabbf4776ffd31525713e3ad9e30a4f5129d15c91ce4a61db1f61590024fa6c7b5bd5e1ba9a03ca8094a279feb19eb8f017bf1b459a0e48ec41568d1be53454a11dacbcd77a7dfb011e65372", 0x7e, 0xcdaaf3c80ab50e46, &(0x7f0000000100)=@file={0x1, './file0\x00'}, 0x6e) setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f0000000180)=0x1) r2 = syz_open_dev$radio(&(0x7f0000000200)='/dev/radio#\x00', 0x2, 0x2) ioctl$UDMABUF_CREATE_LIST(r2, 0x40087543, &(0x7f0000000280)={0x0, 0x8, [{r0, 0x0, 0xfffffffffffff000, 0x1000000000000}, {r0, 0x0, 0x100000000, 0x1000100000000}, {r0, 0x0, 0xfffffffffffff000, 0x11000}, {r0, 0x0, 0xfffff000, 0xfffffffff0000000}, {r1, 0x0, 0xfffffffffffff000, 0x4000}, {r1, 0x0, 0x9000, 0x10000}, {r1, 0x0, 0xfffffffffffff000, 0xfffffffff0000000}, {r0, 0x0, 0xfffffffffffff000, 0x10000c000}]}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 288.582508] protocol 88fb is buggy, dev hsr_slave_0 [ 288.587685] protocol 88fb is buggy, dev hsr_slave_1 01:41:08 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}}) r1 = userfaultfd(0x0) close(r1) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:08 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x05\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:08 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x240, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:08 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x200000, 0x0) dup2(r0, r0) ioctl$LOOP_CLR_FD(r0, 0x4c01) 01:41:08 executing program 5 (fault-call:3 fault-nth:34): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:08 executing program 3: setrlimit(0x2, &(0x7f0000000040)) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x84000, 0x0) setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000080)={0x100000001, 0x6, 0x0, 0x0, 0x4, 0x8, 0x1}, 0xc) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 288.853244] kernel msg: ebtables bug: please report to author: Wrong size [ 288.857210] FAULT_INJECTION: forcing a failure. [ 288.857210] name failslab, interval 1, probability 0, space 0, times 0 [ 288.880695] CPU: 0 PID: 11964 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 288.887994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 288.897335] Call Trace: [ 288.899941] dump_stack+0x172/0x1f0 01:41:09 executing program 3: r0 = syz_open_dev$audion(&(0x7f0000000080)='/dev/audio#\x00', 0x1000, 0x40) ioctl$KVM_SET_GSI_ROUTING(r0, 0x4008ae6a, &(0x7f00000000c0)={0x4, 0x0, [{0x3, 0x7, 0x0, 0x0, @adapter={0xffffffff, 0x10000000000, 0x7, 0x215c4000000000, 0x1000}}, {0xa9e0, 0x4, 0x0, 0x0, @irqchip={0x7, 0xcedc}}, {0x9, 0x3, 0x0, 0x0, @irqchip={0x6, 0xe5dc}}, {0x7fffffff, 0x3, 0x0, 0x0, @sint={0x5ef, 0x7fff}}]}) setrlimit(0xffffffffffffffff, &(0x7f0000000200)) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x200000, 0x0) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) mq_open(&(0x7f0000000040)='\'mime_type\x00', 0x0, 0x4, &(0x7f00000001c0)={0x2, 0x4, 0x3f, 0x10001, 0x80000001, 0x1000, 0x2, 0x7}) 01:41:09 executing program 2: setrlimit(0x2, &(0x7f0000000000)={0x80000000, 0x4000000004}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 288.903571] should_fail.cold+0xa/0x1b [ 288.907461] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 288.912559] ? lock_downgrade+0x810/0x810 [ 288.916710] ? ___might_sleep+0x163/0x280 [ 288.920887] __should_failslab+0x121/0x190 [ 288.925229] should_failslab+0x9/0x14 [ 288.929024] kmem_cache_alloc_trace+0x2d1/0x760 [ 288.933717] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 288.938827] __memcg_init_list_lru_node+0x8a/0x1e0 [ 288.943756] __list_lru_init+0x3d3/0x6e0 [ 288.947839] sget_userns+0x84d/0xd30 [ 288.951577] ? get_anon_bdev+0xc0/0xc0 [ 288.955474] ? get_anon_bdev+0xc0/0xc0 [ 288.959360] sget+0x10c/0x150 [ 288.962468] ? ovl_show_options+0x550/0x550 [ 288.962484] mount_nodev+0x31/0x110 [ 288.962500] ovl_mount+0x2d/0x40 [ 288.970428] mount_fs+0x106/0x3ff [ 288.970442] ? emergency_thaw_all+0x1a0/0x1a0 [ 288.970456] ? __init_waitqueue_head+0x36/0x90 [ 288.986267] vfs_kern_mount.part.0+0x6f/0x410 [ 288.990759] do_mount+0x581/0x2d30 [ 288.994300] ? copy_mount_string+0x40/0x40 [ 288.998535] ? copy_mount_options+0x234/0x440 [ 289.003023] ? __sanitizer_cov_trace_pc+0x48/0x50 [ 289.007891] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 289.013440] ? copy_mount_options+0x30e/0x440 [ 289.017931] ksys_mount+0xdb/0x150 [ 289.021462] __x64_sys_mount+0xbe/0x150 [ 289.021479] do_syscall_64+0x103/0x610 [ 289.021495] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 289.034479] RIP: 0033:0x457e29 [ 289.037665] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 289.056574] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 289.064313] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 [ 289.071570] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 289.078849] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 [ 289.086116] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 289.093553] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 01:41:09 executing program 2: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x28402, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000100)=@xdp={0x2c, 0x0, 0x0}, 0x80, &(0x7f0000000340)=[{&(0x7f0000000180)=""/53, 0x35}, {&(0x7f00000001c0)=""/216, 0xd8}, {&(0x7f00000002c0)=""/70, 0x46}], 0x3, &(0x7f0000000380)=""/107, 0x6b}, 0x103) ioctl$sock_inet6_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f0000000040)={@dev={0xfe, 0x80, [], 0xf}, 0x24, r1}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:41:09 executing program 3: prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 289.109435] kernel msg: ebtables bug: please report to author: Wrong size [ 289.180093] IPVS: ftp: loaded support on port[0] = 21 01:41:09 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x06\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:09 executing program 5 (fault-call:3 fault-nth:35): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 289.325035] kernel msg: ebtables bug: please report to author: Wrong size [ 289.344811] FAULT_INJECTION: forcing a failure. [ 289.344811] name failslab, interval 1, probability 0, space 0, times 0 [ 289.380612] CPU: 0 PID: 12000 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 289.387898] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 289.397239] Call Trace: [ 289.399825] dump_stack+0x172/0x1f0 [ 289.403462] should_fail.cold+0xa/0x1b [ 289.407338] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 289.412433] ? lock_downgrade+0x810/0x810 [ 289.416576] ? ___might_sleep+0x163/0x280 [ 289.420717] __should_failslab+0x121/0x190 [ 289.424949] should_failslab+0x9/0x14 [ 289.428764] kmem_cache_alloc_trace+0x2d1/0x760 [ 289.433435] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 289.438540] __memcg_init_list_lru_node+0x8a/0x1e0 [ 289.443481] __list_lru_init+0x3d3/0x6e0 [ 289.447542] sget_userns+0x84d/0xd30 [ 289.451254] ? get_anon_bdev+0xc0/0xc0 [ 289.455139] ? get_anon_bdev+0xc0/0xc0 [ 289.459018] sget+0x10c/0x150 [ 289.462118] ? ovl_show_options+0x550/0x550 [ 289.466430] mount_nodev+0x31/0x110 [ 289.470056] ovl_mount+0x2d/0x40 [ 289.473414] mount_fs+0x106/0x3ff [ 289.476860] ? emergency_thaw_all+0x1a0/0x1a0 [ 289.481346] ? __init_waitqueue_head+0x36/0x90 [ 289.485924] vfs_kern_mount.part.0+0x6f/0x410 [ 289.490414] do_mount+0x581/0x2d30 [ 289.493950] ? copy_mount_string+0x40/0x40 [ 289.498195] ? copy_mount_options+0x223/0x440 [ 289.502680] ? write_comp_data+0x17/0x70 [ 289.506733] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 289.512260] ? copy_mount_options+0x30e/0x440 [ 289.516746] ksys_mount+0xdb/0x150 [ 289.520279] __x64_sys_mount+0xbe/0x150 [ 289.524257] do_syscall_64+0x103/0x610 [ 289.528244] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 289.533422] RIP: 0033:0x457e29 [ 289.536627] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 289.555526] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 289.563226] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 [ 289.570480] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 01:41:09 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}}) r1 = userfaultfd(0x0) close(r1) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:09 executing program 2: setrlimit(0xf, &(0x7f0000000100)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r0 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vfio/vfio\x00', 0x101000, 0x0) setsockopt$inet6_tcp_TLS_RX(r0, 0x6, 0x2, &(0x7f0000000080), 0x4) 01:41:09 executing program 3: setrlimit(0x2, &(0x7f0000000040)) r0 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20\x00', 0x40, 0x0) prctl$PR_SET_MM(0x23, 0x106, &(0x7f0000ffb000/0x1000)=nil) ioctl$EVIOCGSND(r0, 0x8040451a, &(0x7f0000000080)=""/106) 01:41:09 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x300, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:09 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\a\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 289.577739] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 [ 289.585207] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 289.592464] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 01:41:09 executing program 5 (fault-call:3 fault-nth:36): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:09 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpuset.effective_cpus\x00', 0x0, 0x0) ioctl$SG_EMULATED_HOST(r0, 0x2203, &(0x7f0000000080)) [ 289.691022] kernel msg: ebtables bug: please report to author: Wrong size 01:41:09 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r0 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffff9c) getsockopt$IPT_SO_GET_REVISION_MATCH(r0, 0x0, 0x42, &(0x7f0000000000)={'icmp\x00'}, &(0x7f0000000080)=0x1e) [ 289.796088] IPVS: ftp: loaded support on port[0] = 21 01:41:09 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00 \x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:09 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r0 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x0, 0x5c0) ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f00000000c0)={0x3, &(0x7f0000000080)=[{0x49, 0x10000, 0x7, 0x81}, {0x9, 0x3d, 0x7, 0x1}, {0x1, 0x5, 0x5, 0x81}]}) ioctl$PPPIOCATTACH(r0, 0x4004743d, &(0x7f0000000100)=0x3) [ 289.820083] FAULT_INJECTION: forcing a failure. [ 289.820083] name failslab, interval 1, probability 0, space 0, times 0 01:41:09 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r0 = dup3(0xffffffffffffff9c, 0xffffffffffffffff, 0x80000) ioctl$TUNSETLINK(r0, 0x400454cd, 0x33b) r1 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x2, 0x2) ioctl$VIDIOC_G_FBUF(r1, 0x8030560a, &(0x7f00000000c0)={0x10, 0x30, &(0x7f0000000080)="4c9a693f0afe295bbc0f28e8f2d3a01457e72840a95a34e40ddb13b62b2d0959cddcf066994a280e327e72eb761c39", {0x15, 0x0, 0x32344d59, 0x7, 0x24fc, 0xffffffffffff8ca9, 0xf, 0xd85}}) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000140)='TIPCv2\x00') sendmsg$TIPC_NL_MEDIA_GET(r1, &(0x7f0000000500)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000180)={0x308, r2, 0x400, 0x70bd25, 0x25dfdbfb, {}, [@TIPC_NLA_LINK={0x7c, 0x4, [@TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x2c, 0x7, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x80000001}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8000}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x800}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}]}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}]}, @TIPC_NLA_MEDIA={0xfc, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xea4b}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1f}]}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x35}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x54, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5f20ee3f}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x40}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x69}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x580}]}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7f}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x34}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x100}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x200}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}]}, @TIPC_NLA_BEARER={0x48, 0x1, [@TIPC_NLA_BEARER_PROP={0x2c, 0x2, [@TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x17}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x17}]}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x9}]}, @TIPC_NLA_LINK={0x88, 0x4, [@TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x2c, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7fff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}]}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x24, 0x7, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4b}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffffffffff800}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x101}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3676}]}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}]}, @TIPC_NLA_LINK={0xac, 0x4, [@TIPC_NLA_LINK_PROP={0xc, 0x7, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1d}]}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0xc, 0x7, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}]}, @TIPC_NLA_LINK_PROP={0x3c, 0x7, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x100000001}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfffffffffffffffd}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x100000000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x18}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}]}, @TIPC_NLA_LINK_PROP={0x3c, 0x7, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x100}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7fffffff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1c0000000000}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}]}]}]}, 0x308}}, 0x800) [ 289.903595] CPU: 0 PID: 12022 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 289.911003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 289.911009] Call Trace: [ 289.911030] dump_stack+0x172/0x1f0 [ 289.911050] should_fail.cold+0xa/0x1b [ 289.930454] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 289.935561] ? lock_downgrade+0x810/0x810 [ 289.939708] ? ___might_sleep+0x163/0x280 [ 289.943861] __should_failslab+0x121/0x190 [ 289.948093] should_failslab+0x9/0x14 [ 289.951885] kmem_cache_alloc_trace+0x2d1/0x760 [ 289.951901] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 289.951917] __memcg_init_list_lru_node+0x8a/0x1e0 [ 289.951931] __list_lru_init+0x3d3/0x6e0 [ 289.970631] sget_userns+0x84d/0xd30 [ 289.974335] ? get_anon_bdev+0xc0/0xc0 [ 289.978218] ? get_anon_bdev+0xc0/0xc0 [ 289.982106] sget+0x10c/0x150 [ 289.985207] ? ovl_show_options+0x550/0x550 [ 289.989517] mount_nodev+0x31/0x110 [ 289.989553] ovl_mount+0x2d/0x40 [ 289.989586] mount_fs+0x106/0x3ff 01:41:10 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) r1 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x1000, 0x6000) bind$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e22}, 0x6e) ioctl$SIOCX25CALLACCPTAPPRV(r0, 0x89e8) syslog(0x9, &(0x7f0000000080)=""/209, 0xd1) [ 289.989602] ? emergency_thaw_all+0x1a0/0x1a0 [ 290.004476] ? __init_waitqueue_head+0x36/0x90 [ 290.004498] vfs_kern_mount.part.0+0x6f/0x410 [ 290.004516] do_mount+0x581/0x2d30 [ 290.004536] ? finish_automount+0x471/0x490 [ 290.021907] ? copy_mount_string+0x40/0x40 [ 290.026142] ? kmem_cache_alloc_trace+0x354/0x760 [ 290.030985] ? _copy_from_user+0xdd/0x150 [ 290.035133] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 290.040660] ? copy_mount_options+0x30e/0x440 [ 290.040677] ksys_mount+0xdb/0x150 [ 290.040692] __x64_sys_mount+0xbe/0x150 [ 290.052640] do_syscall_64+0x103/0x610 [ 290.052659] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 290.061688] RIP: 0033:0x457e29 [ 290.064882] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 290.064889] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 290.064902] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 [ 290.064909] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 290.064916] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 [ 290.064925] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 290.098737] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 [ 290.134732] kernel msg: ebtables bug: please report to author: Wrong size 01:41:10 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(0xffffffffffffffff) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:10 executing program 3: setrlimit(0x4, &(0x7f0000000040)) 01:41:10 executing program 2: r0 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x2, 0x8000) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0xf, 0x4, 0x7, 0x1a, 0x8, r0, 0x401}, 0x2c) setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r0, 0xc008551b, &(0x7f00000000c0)={0x0, 0x8, [0xa9b3, 0xfffffffeffffffff]}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:41:10 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x3e8, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:10 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00?\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:10 executing program 5 (fault-call:3 fault-nth:37): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:10 executing program 3: setrlimit(0x2, &(0x7f0000000040)) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000280)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x40000000013f}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r2, &(0x7f00000001c0)={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @dev}}}, 0x48) write$RDMA_USER_CM_CMD_RESOLVE_IP(r2, &(0x7f00000002c0)={0x3, 0x40, 0xfa00, {{}, {0xa, 0x0, 0x6, @local}}}, 0x48) write$RDMA_USER_CM_CMD_DESTROY_ID(0xffffffffffffffff, 0x0, 0x0) r3 = syz_open_dev$cec(&(0x7f0000000100)='/dev/cec#\x00', 0x1, 0x2) ioctl$UFFDIO_UNREGISTER(r3, 0x8010aa01, &(0x7f0000000340)={&(0x7f0000ffe000/0x1000)=nil, 0x1000}) write$RDMA_USER_CM_CMD_QUERY_ROUTE(0xffffffffffffffff, &(0x7f0000000600)={0x5, 0x10, 0xfa00, {&(0x7f00000003c0)}}, 0x18) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000240)='TIPC\x00') sendmsg$TIPC_CMD_GET_LINKS(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x24, r4, 0x0, 0x70bd27, 0x25dfdbfb, {{}, 0x0, 0x4, 0x0, {0x8}}}, 0x24}, 0x1, 0x0, 0x0, 0x24000000}, 0x8000) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000080)=0xc) fcntl$getownex(r0, 0x10, &(0x7f00000000c0)) ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000180)) ioctl$TIOCGPGRP(r3, 0x540f, &(0x7f00000006c0)=0x0) getpgrp(r5) ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:41:10 executing program 2: setrlimit(0x1, &(0x7f0000000000)={0x80000000, 0x10000}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 290.555142] kernel msg: ebtables bug: please report to author: Wrong size [ 290.588242] FAULT_INJECTION: forcing a failure. [ 290.588242] name failslab, interval 1, probability 0, space 0, times 0 [ 290.630993] IPVS: ftp: loaded support on port[0] = 21 [ 290.673972] CPU: 1 PID: 12061 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 290.681270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 290.690615] Call Trace: [ 290.690639] dump_stack+0x172/0x1f0 [ 290.690660] should_fail.cold+0xa/0x1b [ 290.690676] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 290.696865] ? lock_downgrade+0x810/0x810 [ 290.696882] ? ___might_sleep+0x163/0x280 [ 290.696904] __should_failslab+0x121/0x190 [ 290.718322] should_failslab+0x9/0x14 [ 290.722117] kmem_cache_alloc_trace+0x2d1/0x760 [ 290.726803] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 290.731908] __memcg_init_list_lru_node+0x8a/0x1e0 [ 290.736837] __list_lru_init+0x3d3/0x6e0 [ 290.740897] sget_userns+0x84d/0xd30 [ 290.744609] ? get_anon_bdev+0xc0/0xc0 [ 290.748498] ? get_anon_bdev+0xc0/0xc0 [ 290.752384] sget+0x10c/0x150 [ 290.755498] ? ovl_show_options+0x550/0x550 [ 290.759817] mount_nodev+0x31/0x110 [ 290.763444] ovl_mount+0x2d/0x40 [ 290.766915] mount_fs+0x106/0x3ff [ 290.770364] ? emergency_thaw_all+0x1a0/0x1a0 [ 290.774868] ? __init_waitqueue_head+0x36/0x90 [ 290.779547] vfs_kern_mount.part.0+0x6f/0x410 [ 290.784034] do_mount+0x581/0x2d30 [ 290.787570] ? finish_automount+0x471/0x490 [ 290.791896] ? copy_mount_string+0x40/0x40 [ 290.796120] ? kmem_cache_alloc_trace+0x354/0x760 [ 290.800955] ? _copy_from_user+0xdd/0x150 [ 290.805097] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 290.810624] ? copy_mount_options+0x30e/0x440 [ 290.815113] ksys_mount+0xdb/0x150 [ 290.818646] __x64_sys_mount+0xbe/0x150 01:41:10 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000003}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:41:10 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) r0 = syz_open_dev$vbi(&(0x7f0000000080)='/dev/vbi#\x00', 0x1, 0x2) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffff9c, 0xc0086420, &(0x7f0000000180)={0x0}) ioctl$DRM_IOCTL_LOCK(r0, 0x4008642a, &(0x7f00000000c0)={r1, 0x1}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000000140)={0x1d52, 0x2, 0x100000000}) setrlimit(0xc, &(0x7f0000000000)={0x6, 0x3}) exit(0x1) [ 290.822616] do_syscall_64+0x103/0x610 [ 290.826503] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 290.831678] RIP: 0033:0x457e29 [ 290.831690] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 290.853749] RSP: 002b:00007f29a6b45c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 290.853761] RAX: ffffffffffffffda RBX: 00007f29a6b45c90 RCX: 0000000000457e29 [ 290.853769] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 290.853777] RBP: 000000000073bfa0 R08: 0000000020000100 R09: 0000000000000000 [ 290.853784] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b466d4 [ 290.853790] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 01:41:11 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00@\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:11 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x500, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 290.993995] kernel msg: ebtables bug: please report to author: Wrong size 01:41:11 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(0xffffffffffffffff) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:11 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x400, 0x0) write$9p(r0, &(0x7f0000000080)="d9096ab79f1994fa493d482493e5a593aa161ec0fdf88660dd240e5b09110f7b6d51e71433006c75dd386a6f580c3c480b433b0847d1dfcf77a4a19d6335fb93247831eb79b2d1fde092b28961254cf67cd219ffcacebba7a485bed2c15637fa099917c4c1e19da4763c87783c995fa13fc22fa451f1dba384257ad1eb6a2a5144b14fffa4817dc87595cc876a9e1be96fffe702499dc7bcf3963d0962e36097a26601748d706a198f4a25b7d3138fc6004b3005179da27d2273fb32c4103dc6a84c00afd0f48ad1294fc6e8cee32ac461a4d09ee896cc33c2f533b7a0e973e63623c1ead838c1ebfa13fe414ef54ccf2aa42598a64962059143afb70c17cbec322c9233bd7d32ca36abad616ad5b9b8a21150eef19c4e03b9321b3e55588d6d168dc3768469d11543800cfb11d92dadf1b46d3c7b016a3539c4e685e194cd717c9a769a895baedaec19e7fdef05dd5a2410ec055dbd38cd2e91395f6ee7d9d0b021d3cb0939a03ba4d25a33e99a9de2cee002033a0743af233546cd32be32f336d2fd2dae91431fd7b52ba55171ddcef21478ab67c8bf2e001035a6f44ed69219f2e65a04460cb810ddb17ea3c7d6b3f36bd31946d023c3d0025621155927e37f316e647498568be9758f19946b37b3b24c2f3c91703b0706db187f81d3ab50a3c26e9c57b763bdcb5c71eeca6fc67c58079cd581c9d01c810496576575711b898d822292021d30239c8fe419505c3eaf2ab7fc5182dcabab26891f4d78163e18bc1027a49f7bf3a8675df586ba25d1669184975b4c44d8d79ac27aeeb60304a721792ba8a0d6d9380e26bddd8c9568826afda7cf45c9e672b239882bd300b6648ec88c1ef1b8810a76b6cc44147a84e7cfe1d0c3909a7e60b22e6344f9160b34b5f43503a77d21e78ea49ed96e063e3672da45fe8d60bac478538fdb4c05014623fff25d39c5a0c1b29996cb4045526533f2b029c0eeb13eceaf73d5dac2df4c0b3094fbe4749aff587a93ba75fb67a6aed6c056503bdab163477a83bebc7c64024cd4be0f39b19dd363821e9cbd1a4f8bc5b7391f7356540966d3d12a0668e35a7c2945ebe25f66a7bc696bf53b7167b9929abf34803fa31fcf53f45717048aafda87f0db5306fa720e5802773d77e3e85bf8bd70d23de8dc1efddef9a05cf5287b5ccf1d373eebd5db10703b862da9cdba1f750ba5671ce8c532d5a979c794159dbb24011000921f13a45ee58ba2c8b57cb9286cf471b426b50c24d2829012aa46663995a5defe6dae403d72a607bfa2f170376eddb7e5ce138633a6e083d8ac0c64a0ac684dd3ab764294b8a7291233285caf9506f331fa12087da510f67338fefceacafb92849802980e73bd90c04e0f6a9c3f9398d04525ad51ed683139a4dc8551996f1390dc0998ec608dae90dcadb39c7d3d39c1d37957d1f42fd70d36e5cafd46d8843306870a9ba7ddfad4b774c2fa69afb262bdc9d1c293d9bba3d61e063215c069b5323863bf2c0ac951baec6cf82ce35ae212f2902caec8e0395185b2af212d9e9a5acae86ca476f86491fdfc269f39b943822d4086e1570fba2bef4d22923bc904abcddf8331e728f14c11ee3d01adbc271c3f611d7424a35fd8dd2059a4609dd9111b3bc64aa3e8229641a1b27e6d7c78c1e79df740774e2938ce99110d4815c50b8cf113c80f62edd654dba96a92da000d33a115946f0cb7dabf474d6716116ae7c6571cf829f8c65509c28c85495b45b3fc4792257ef146b48412121a607b2674e3fe1c582b9fa314e9da12b154338be36ce4e5f161d3d28fcf0aec621effeb5b6a45971746940a00e60e8aebf71652e3795de45d872a06044c6fa66f03ae0bdd508446bdfa7f6a7a9674566ef071ccfcadbb227ca86fcb9d8eaa7b31dd812e4595112ce9c9176cfe09bed1237881a7002e9c13730d5953e0ba43e808ffa060ffeb9936c253bec94dc6af81a2d2dfe9d3fec1369a3672d8ccd401ca9107a72f357442d95beb078cbad19a902ce14979f70efa3566a799119ef310beeabd595253d257d87d6d201be45843a5b67564fe8a3e619a8c8fa4778a9179ddba6b25f914b29187a13738c13394e8b442d9cb3820f4eb299e893ba20cbb4357316347c8f3f339b9382c3e943725bb81efd146493afb16a5fcdb034caf788a867aff28df0226009d8c1a7307faec7ea0f3564ff9fd63e8eba80ebacc09fcd1d8857e7cae557c87d0a2ee4778156fe8ae3a07d3f4308aa271afef342346ffe70ec682804ed6949a1caf2b394c79502b28b96a9e54a89c67055cc0d74e51c90605a9a7ac872f0ac943f16ee211c7a3b4ac97bb615e2ad1ae2d0f7df794e853f9c5420b87112137bdee4163872cc438cd2eaeece9b922c6a0f1a13b2459116d81bbbecb7ba344e07b9eab5f0b2a0f9b19b0f8a400dc7f9459382f8d284b0b317ad6e080790fcb69c19382b581f08979ce7a8a7792413975d005ab4497119e54ed8c14dfb2dc545bba36cd87abd2e3ae6ec1c5aedc09af90ea793087567662d136c8c9059751d62b0edeb45fc8d9a08b22f41954ff3613a43c950c99d24ec6423ae6b705c137c05580e014a0d410d6cb895721e1c32fab9c0eac4e9435fcfd2882030fb62e48d82fa6fa9c4f92480d20129963fa0d64babb7a8b7d83fdc81b833d8d46b856f9beed347e4cf0cbd7356053f2fcc0fa8f008cef27ca1b74e65d374a24af46c63fafae186c278fe7712a5daa68b5b3d883bfdd593a97b02f25ba6fb3ff0b2f1a2f4f33f289bab9a72362d03ea5333f737bd1e0f4efac05b2ece4528322b0990400c819ca1b8cee577512bab31ca8c0694d0e8da05bcaf48e4dc58a445f8232a6c8b67c4f2bf1b3d151e239e41a6d5d58aaeb4e9120dd669949c5f46c597f1f0030dc076968e751a23acfa676ed3d2e04218f38c69a6e58d6536a1969dc5f3f4e14e9a42bdecd445a06e2aef77cbf823de12bac7e1e695042e1cc1922bbbb69a9b622e45647d98c286c21b8aa72d555ff6943efd4a3d6a09b42c097a78d988bd9108bbb5807a6f18af8b5992431e396b2545da6d8dd8c07bdd4d40639d970796f4f0b885c91161194895646e5842b833bf7c95120c85b5cb22e71126b71ea3601ae1859f90865d0fda876e5986c6aaa83c2cbb6384f4a9107f9ec69d5e84ddfc6a2869b23e55d8e16798f99ff1bdd12f72fd27646da9883823fc90b80f5282fd28b84cc7ce2bf5121538693b9f34b6cecc88e566df067160ce2be64f5a3e5e8019c8a66ed3d7fe990a8e5dfa565fd80fb80c5354098f5109cae6c497c576eb73dcf8b51cb4950f04960cd3994f453f2808889b9aad6236455f95ad03a0b5b715e913de6e24ca61522268f3adbe869977359470d5d87ce30038b3e588173776ca7d69451cd89029e7a3bcee28cc0e298c1ecb4c85065a0783f503aef80db36a4ce73a9dd86ed7e6117939f5d5d5bba33a81aec1a35ab254b0d91b2d849f53a5acb1326704cbc17eea5bf4f84abce6bf89bbc6992e5778b6299182cb373de25c0a442b00034853f15693c59405bd2a9486fc72f75c2ee00d17574b0d9bdaf62a451a6ddeae36e6980f5ad9c747335a800b39169de061393ee77dcc23992c422669b3bfb81e028a90f396fb2fd0a29e25864d37d7e55994331d575fb690155fe0280c3999050cc864c86af681f662418d7054c5d2cac953ede3e0fea11981627faba3705d8e59b89f4b538323feaa869b41c4ae0ce06c0b2405ee81afc945a0769c84f61b07545d8716bd231b546bfa17b8e370e5aec3ce2d9f2e45538bfeb0031acaa91dfa61da9fa7f22ff316b3f5d7386f91f27fcf03ec043e4adc21819c564eacbfe42610f374db82f495c4a1e4a3ac30f02fb13225db2306557f611445a45082677c29a8c69155a4eb250e45774d71501e889ddc18dfde93d429319cb4b18987a508c07d900945bcbba965ee9329d9b1bf8fdb23eca1caf66bf08e55e6caaafcbeb62e76be39097edc25aa6fc6fa62967f134d02ab9b00826d887e65709a9fbeb6ea064b2285aab650ffa84df67f531523ae06ae950098c4fbae8158e53ea638a18d90e6ce75f31c4a2a404e48213c2488d72c94cb196d7749d27e2cf916a51a6b0cd0b86a943e944c7c06191da02ea8d84a2496b55751fd71cad0db477df4b1988d9a33c2c2c39bf1de92c13de81b936643cb6c982fff4d9f2393dc7b1bc05c3e00274a30561e7d31f88aa81b038be31d95cc92f3f3bd8f788cbcfc28bf1105860d08415c1d7eefe48e3b7f3dc1c32bcefc8273a04a966953d322c1afc424abedf6f775b23a591899aa0eed4fef432849486382c240e260da4038b9844feb0c18b45baca2c6fdcfeea6bd751560766185ed1da72ce7da8c4a03539cbbd13e8d96726ba104022ec626733598fa078712b61318f64849dce5c3ecda9e783b89c0e3d1d4ed46945b629c32e1ebd8f067bcc681feda15b5e3bf4fd3468274b1d4fbec96e9a725beb058972a751c527f63dce2506674fb87fb8e4adc9155f945bc6841dd56ecfb8db2488f782d1258b7c2ca945356fe11b6a3b24d1b600540d98b8be0e49d740be37382619dce1a67bcd06e592e7c226e3644902cfb3e2b1eb79881fe24fa2a1a1aa0d0aacce8a713e19291eb34d0c67efb3bc433708cfb72489c7c39c95e5d13584cb65c6a9718a8e823c6ae6db60b51c67893e4bb3b9b338e8bf31c6f6956f7adc3e7069ee22d6d3080db3bc9f67177c5dd533f4fcaf32965e2ededbf85d448828cb5a14858caea2d215d16345e8470d29602ff580fea5a838f3c2b7680a90f9e06888f29db7dc841fd3950cf05c19f018ab7631a98c8b683ed2672f4f8bd132f24bfd4fa331d8cd748541f29a9954226412de1158ff5a6e23e1ac6f8ab98fa964e4c8df31a87c55c5ae006488bebed9452bdf700c11250fee06458254a157414d2eddc8d69b8267d0e14631d89689d695acd54efbac7311cc74b7b29e6d6b6acca811c23045bdb4d6060cc12bbaf716c08129b7ba8301518a32b1f8578939932873d92d631bad38debf2c00525f67d1295dbe9e0470234693461c6c5a7e6516043aa8c6f5356aecf61a998e9026d4aa52d3c63b39b1adc8e4606d8341b529ee6a5c1e16acf08c4ec81a1da6023362edeebe098d40a089f0ed90f541daa00cec9eb2fbd0e455fd99dbbd8848f0942f9e1fed0c8b7e36fcda35e05fdac6ba8989cc1796e109fae292cf56313809c2594edab6ec33886eeeecb64eec68adaad9770fc77a116be89fd2e04e42ddfeee3d2c77c0239588182c35f1d4eb1eb35c27048f6eef0e8fcaa02c8bbb6f6470f6fdb67c412c1231fde6a0b78eabb4cb4af275dc1e1e7d9fc0d4694f9b9abd1aed26eb23b055dad790d9187a5a24e130fa73d33b4879ac88e00f7e7d3378e76839a5a4ce4c45902eb82946f19dce75d7921d9f0950769b80abecf04d79d8032e8161ca6006095ca9a721e37416fce83032c77eb85c8095c6abefc6f10213ba90a8a4ddabae9326e6631416158cb6b38cd368e6b95385b2feca2f0b2d5776d0a18fbd7376ddfeae89978de6590c837edd5f0e0bdc8f57fbae540904e7e89dff42de37e75fff0b92913b9041c1ad3229954d4b821a35cb72bf3611c10288b13150f4b802d73fbdfb101090d8c6a206aae88ee81e95ffb2c04d649d4b0986e0dc7acd4d40af06a0989a1a32defff3eabeef4128ef027a91d04309cb5b25f881454d206d5788ba30767cfa2ff74afb0a2476a9968acfeb90878354e59fc77bbfad9fefd3b8ff1a", 0x1000) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000001080)={0x0, 0x100000001}, &(0x7f00000010c0)=0x8) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000001100)={r1, 0xe5, 0xbc, "b865052c76719aeb2e7271c83aa1675cf7ea81d827a328498700e2143a18c7fd79f9a3fb6a44ca3bcc5084dcf742949cf3d5418c0912f4a5924377f289232211c2524ac3d14e07a5c1ad1ea4f4e3f4838400f29b14a4b10a61dfa3cb91ad5b1ded64546cdfb46bcda2437e16b8821e8a595bdf53345df73b394023c20c134927ff51f7c98bd25de156b5d20fa1500ea96c954eeaf63f172d080ca28b31f6493fd32c6960a7970457195746e8aa927dad0135302bf381498f03a6efad"}, 0xc4) 01:41:11 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00`\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:11 executing program 5 (fault-call:3 fault-nth:38): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:11 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x700, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 291.196155] kernel msg: ebtables bug: please report to author: Wrong size [ 291.223086] FAULT_INJECTION: forcing a failure. [ 291.223086] name failslab, interval 1, probability 0, space 0, times 0 [ 291.239627] CPU: 1 PID: 12093 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 291.246993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 291.256439] Call Trace: [ 291.259024] dump_stack+0x172/0x1f0 [ 291.262650] should_fail.cold+0xa/0x1b [ 291.266534] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 291.271634] ? lock_downgrade+0x810/0x810 [ 291.275788] ? ___might_sleep+0x163/0x280 [ 291.279937] __should_failslab+0x121/0x190 [ 291.284164] should_failslab+0x9/0x14 [ 291.287959] kmem_cache_alloc_trace+0x2d1/0x760 [ 291.292620] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 291.297734] __memcg_init_list_lru_node+0x8a/0x1e0 [ 291.302654] __list_lru_init+0x3d3/0x6e0 [ 291.302670] sget_userns+0x84d/0xd30 [ 291.302682] ? get_anon_bdev+0xc0/0xc0 [ 291.314380] ? get_anon_bdev+0xc0/0xc0 [ 291.318262] sget+0x10c/0x150 [ 291.321456] ? ovl_show_options+0x550/0x550 [ 291.325773] mount_nodev+0x31/0x110 [ 291.329396] ovl_mount+0x2d/0x40 [ 291.332765] mount_fs+0x106/0x3ff [ 291.336219] ? emergency_thaw_all+0x1a0/0x1a0 [ 291.340705] ? __init_waitqueue_head+0x36/0x90 [ 291.345288] vfs_kern_mount.part.0+0x6f/0x410 [ 291.349823] do_mount+0x581/0x2d30 [ 291.353367] ? finish_automount+0x471/0x490 [ 291.357686] ? copy_mount_string+0x40/0x40 [ 291.361911] ? kmem_cache_alloc_trace+0x354/0x760 [ 291.366752] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 291.369679] IPVS: ftp: loaded support on port[0] = 21 [ 291.372301] ? copy_mount_options+0x30e/0x440 [ 291.381957] ksys_mount+0xdb/0x150 [ 291.385495] __x64_sys_mount+0xbe/0x150 [ 291.389475] do_syscall_64+0x103/0x610 [ 291.393365] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 291.398560] RIP: 0033:0x457e29 [ 291.401847] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 291.420828] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 291.428540] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 [ 291.428549] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 01:41:11 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000ffa000/0x2000)=nil) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffff9c, 0xc00c642d, &(0x7f0000000000)={0x0, 0x80000, 0xffffffffffffff9c}) ioctl$DRM_IOCTL_ADD_MAP(r0, 0xc0286415, &(0x7f0000000080)={&(0x7f0000ffb000/0x3000)=nil, 0x7, 0x5, 0xca, &(0x7f0000ff9000/0x3000)=nil, 0x3}) r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cachefiles\x00', 0x80000, 0x0) recvfrom$rxrpc(r1, &(0x7f0000000100)=""/4096, 0x1000, 0x40000000, &(0x7f0000001100)=@in6={0x21, 0x2, 0x2, 0x1c, {0xa, 0x4e22, 0x2, @dev={0xfe, 0x80, [], 0x24}, 0x400}}, 0x24) 01:41:11 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) ioctl$VIDIOC_DQBUF(0xffffffffffffff9c, 0xc0585611, &(0x7f0000000080)={0x40, 0x1, 0x4, 0x40000, {0x0, 0x7530}, {0x2, 0xc, 0x4, 0x200, 0x80000001, 0x9, "9734a0e6"}, 0x20, 0x0, @planes=&(0x7f0000000000)={0x3f, 0x3, @fd=0xffffffffffffffff, 0x2}, 0x4}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) tee(r0, r1, 0x4e78d28c, 0x4) 01:41:11 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\xff\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:11 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x900, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 291.443056] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 [ 291.450313] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 291.450321] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 [ 291.473915] kernel msg: ebtables bug: please report to author: Wrong size 01:41:11 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r0 = socket(0x3, 0x2, 0x250) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f00000000c0)=[@in={0x2, 0x4e23, @remote}, @in6={0xa, 0x4e21, 0x1000, @empty, 0x7f}, @in={0x2, 0x4e21, @broadcast}, @in={0x2, 0x4e24, @rand_addr=0x63}, @in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0xc}}, @in={0x2, 0x4e22, @local}, @in6={0xa, 0x4e24, 0xc4, @mcast1, 0x8}, @in={0x2, 0x4e20, @multicast1}, @in={0x2, 0x4e22, @broadcast}], 0xa8) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000080)={0x0, 0x0}) r2 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x101, 0x100) ioctl$SCSI_IOCTL_PROBE_HOST(r2, 0x5385, &(0x7f0000000180)={0x72, ""/114}) sched_getscheduler(r1) 01:41:11 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:11 executing program 3: setrlimit(0x4, &(0x7f0000000000)={0x0, 0x10}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000fff000/0x1000)=nil) 01:41:11 executing program 5 (fault-call:3 fault-nth:39): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:11 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(0xffffffffffffffff) clone(0x4800a000, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:11 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xa00, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 291.836762] kernel msg: ebtables bug: please report to author: Wrong size [ 291.837938] FAULT_INJECTION: forcing a failure. [ 291.837938] name failslab, interval 1, probability 0, space 0, times 0 [ 291.866018] CPU: 0 PID: 12135 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 291.873433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 291.882779] Call Trace: 01:41:12 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 291.885368] dump_stack+0x172/0x1f0 [ 291.889005] should_fail.cold+0xa/0x1b [ 291.892896] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 291.898020] ? lock_downgrade+0x810/0x810 [ 291.902166] ? ___might_sleep+0x163/0x280 [ 291.906316] __should_failslab+0x121/0x190 [ 291.910549] should_failslab+0x9/0x14 [ 291.914343] kmem_cache_alloc_trace+0x2d1/0x760 [ 291.919014] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 291.924121] __memcg_init_list_lru_node+0x8a/0x1e0 [ 291.929046] __list_lru_init+0x3d3/0x6e0 [ 291.933104] sget_userns+0x84d/0xd30 [ 291.936814] ? get_anon_bdev+0xc0/0xc0 [ 291.940700] ? get_anon_bdev+0xc0/0xc0 [ 291.944585] sget+0x10c/0x150 [ 291.944602] ? ovl_show_options+0x550/0x550 [ 291.944615] mount_nodev+0x31/0x110 [ 291.944628] ovl_mount+0x2d/0x40 [ 291.944641] mount_fs+0x106/0x3ff [ 291.944660] ? emergency_thaw_all+0x1a0/0x1a0 [ 291.944674] ? __init_waitqueue_head+0x36/0x90 [ 291.944692] vfs_kern_mount.part.0+0x6f/0x410 [ 291.944708] do_mount+0x581/0x2d30 [ 291.944721] ? finish_automount+0x471/0x490 01:41:12 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 291.944737] ? copy_mount_string+0x40/0x40 [ 291.944749] ? kmem_cache_alloc_trace+0x354/0x760 [ 291.944764] ? _copy_from_user+0xdd/0x150 [ 291.944782] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 291.952167] ? copy_mount_options+0x30e/0x440 [ 291.952185] ksys_mount+0xdb/0x150 [ 291.952200] __x64_sys_mount+0xbe/0x150 [ 291.978874] kernel msg: ebtables bug: please report to author: Wrong size [ 291.979709] do_syscall_64+0x103/0x610 [ 291.979726] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 291.979738] RIP: 0033:0x457e29 [ 292.007178] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 292.014643] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 292.014656] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 [ 292.014663] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 292.014671] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 01:41:12 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xe00, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:12 executing program 3: r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x100, 0x0) ioctl$VIDIOC_ENUM_FRAMESIZES(r0, 0xc02c564a, &(0x7f00000000c0)={0x1, 0xff77577f, 0x3, @stepwise={0x1, 0x9, 0x6, 0xf9d, 0x5, 0x9}}) r1 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x1ff, 0x0) setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x5, &(0x7f0000ffa000/0x2000)=nil) write$P9_RWSTAT(r1, &(0x7f0000000100)={0x7, 0x7f, 0x1}, 0x7) 01:41:12 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x5, &(0x7f0000ffa000/0x2000)=nil) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_persist_mode\x00', 0x2, 0x0) ioctl$DRM_IOCTL_FREE_BUFS(r0, 0x4010641a, &(0x7f00000000c0)={0xa, &(0x7f0000000080)=[0x3, 0x6, 0xa49, 0x100000000, 0x81, 0x2, 0x81, 0xad, 0xcf4, 0x7]}) [ 292.014678] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 292.014686] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 [ 292.124272] kernel msg: ebtables bug: please report to author: Wrong size 01:41:12 executing program 5 (fault-call:3 fault-nth:40): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 292.234186] FAULT_INJECTION: forcing a failure. [ 292.234186] name failslab, interval 1, probability 0, space 0, times 0 [ 292.250709] CPU: 0 PID: 12163 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 292.257989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 292.267539] Call Trace: [ 292.270107] dump_stack+0x172/0x1f0 [ 292.273732] should_fail.cold+0xa/0x1b [ 292.277628] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 292.282743] ? lock_downgrade+0x810/0x810 [ 292.286896] ? ___might_sleep+0x163/0x280 [ 292.291070] __should_failslab+0x121/0x190 [ 292.295301] should_failslab+0x9/0x14 [ 292.299081] kmem_cache_alloc_trace+0x2d1/0x760 [ 292.303736] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 292.308935] __memcg_init_list_lru_node+0x8a/0x1e0 [ 292.313931] __list_lru_init+0x3d3/0x6e0 [ 292.317969] sget_userns+0x84d/0xd30 [ 292.321660] ? get_anon_bdev+0xc0/0xc0 [ 292.325530] ? get_anon_bdev+0xc0/0xc0 [ 292.329395] sget+0x10c/0x150 [ 292.332481] ? ovl_show_options+0x550/0x550 [ 292.336812] mount_nodev+0x31/0x110 [ 292.340416] ovl_mount+0x2d/0x40 [ 292.343812] mount_fs+0x106/0x3ff [ 292.347246] ? emergency_thaw_all+0x1a0/0x1a0 [ 292.351825] ? __init_waitqueue_head+0x36/0x90 [ 292.356418] vfs_kern_mount.part.0+0x6f/0x410 [ 292.360897] do_mount+0x581/0x2d30 [ 292.364415] ? finish_automount+0x471/0x490 [ 292.368713] ? copy_mount_string+0x40/0x40 [ 292.373030] ? kmem_cache_alloc_trace+0x354/0x760 [ 292.377857] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 292.383373] ? copy_mount_options+0x30e/0x440 [ 292.387863] ksys_mount+0xdb/0x150 [ 292.391394] __x64_sys_mount+0xbe/0x150 [ 292.395360] do_syscall_64+0x103/0x610 [ 292.399227] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 292.404410] RIP: 0033:0x457e29 [ 292.407595] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 292.422509] net_ratelimit: 20 callbacks suppressed [ 292.422516] protocol 88fb is buggy, dev hsr_slave_0 [ 292.426491] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 292.426507] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 [ 292.426516] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 292.426526] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 [ 292.431484] protocol 88fb is buggy, dev hsr_slave_1 [ 292.436453] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 01:41:12 executing program 3: setrlimit(0x2, &(0x7f0000000040)) r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x100, 0x0) ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r0, 0xc0305602, &(0x7f0000000080)={0x0, 0x8, 0x1011, 0x1}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:41:12 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xff3, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:12 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) r0 = epoll_create1(0x80000) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000140)={0x8001, 0x3, 0xc0a, 0xfffffffffffffff7, 0x3}) syz_genetlink_get_family_id$tipc2(&(0x7f0000000380)='TIPCv2\x00') r1 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000180)='/proc/capi/capi20\x00', 0x80000, 0x0) r2 = getpgid(0xffffffffffffffff) ioctl$TIOCSPGRP(r1, 0x5410, &(0x7f00000001c0)=r2) syz_open_dev$radio(&(0x7f0000000240)='/dev/radio#\x00', 0x3, 0x2) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000a00000/0x600000)=nil) prctl$PR_SET_FP_MODE(0x2d, 0x3) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x1, 0x40000) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(r3, 0xc0bc5310, &(0x7f0000000080)) 01:41:12 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 292.436461] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 [ 292.539353] kernel msg: ebtables bug: please report to author: Wrong size [ 292.616158] IPVS: ftp: loaded support on port[0] = 21 [ 292.725173] Unknown ioctl -1070574078 [ 292.742637] protocol 88fb is buggy, dev hsr_slave_0 [ 292.747896] protocol 88fb is buggy, dev hsr_slave_1 01:41:12 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:12 executing program 5 (fault-call:3 fault-nth:41): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:12 executing program 2: r0 = openat$dsp(0xffffffffffffff9c, 0xfffffffffffffffe, 0x400040, 0x0) ioctl$VIDIOC_G_PARM(r0, 0xc0cc5615, &(0x7f0000000080)={0x5, @capture={0x1000, 0x1, {0xfff, 0x9}, 0x5, 0x4}}) setrlimit(0xf, &(0x7f0000000040)={0x5, 0x8000}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) ioctl$KDGETMODE(r0, 0x4b3b, &(0x7f0000000000)) 01:41:12 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x05\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:12 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x1100, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:12 executing program 3: setrlimit(0xe, &(0x7f0000000000)={0xfffffffffffffff8, 0x20000000000000}) prctl$PR_SET_MM(0x23, 0xb, &(0x7f0000ff4000/0x4000)=nil) 01:41:12 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) r0 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vfio/vfio\x00', 0x400840, 0x0) write$ppp(r0, &(0x7f0000000100)="d74e908d3c551a3f5f308201967ca3adebbc95ad2ea8cefcacff5e904e9d8ae1ffffffffffffff909d677bf9edcf7b328a01f1dfa58f765bc2e24aa3315600", 0x3f) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 292.851681] kernel msg: ebtables bug: please report to author: Wrong size [ 292.865829] FAULT_INJECTION: forcing a failure. [ 292.865829] name failslab, interval 1, probability 0, space 0, times 0 01:41:13 executing program 3: setrlimit(0x2, &(0x7f0000000040)={0xffffffff}) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000600)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0) ioctl$CAPI_GET_FLAGS(r0, 0x80044323, &(0x7f0000000640)) r1 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x1, 0x100) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0)='TIPCv2\x00') sendmsg$TIPC_NL_MON_SET(r1, &(0x7f0000000440)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4001}, 0xc, &(0x7f0000000400)={&(0x7f0000000100)={0x2dc, r2, 0x308, 0x70bd2c, 0x25dfdbff, {}, [@TIPC_NLA_LINK={0x34, 0x4, [@TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x24, 0x7, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x20}]}]}, @TIPC_NLA_MON={0x14, 0x9, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x2}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x9}]}, @TIPC_NLA_LINK={0x154, 0x4, [@TIPC_NLA_LINK_PROP={0x34, 0x7, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7ff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7fff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x20}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8001}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}]}, @TIPC_NLA_LINK_PROP={0xc, 0x7, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}]}, @TIPC_NLA_LINK_PROP={0x54, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xc00000000000000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x401}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x63e}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7fff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffffffffffffb}]}, @TIPC_NLA_LINK_PROP={0x14, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80000001}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}]}, @TIPC_NLA_LINK_PROP={0x44, 0x7, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x17}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffffffffffe01}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x10001}]}, @TIPC_NLA_LINK_PROP={0x3c, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xae6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x200}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x81}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}]}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}]}, @TIPC_NLA_LINK={0x88, 0x4, [@TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x24, 0x7, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xffffffffffffff4f}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x80}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}]}, @TIPC_NLA_LINK_PROP={0x54, 0x7, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xf}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4a4}]}]}, @TIPC_NLA_NODE={0xc, 0x6, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_LINK={0x98, 0x4, [@TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, [@TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7fff}]}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x54, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffffffffffffb}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xa5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8000}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3f}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3ce}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xe7f4}]}]}]}, 0x2dc}, 0x1, 0x0, 0x0, 0x20008000}, 0x4c000) bind$pptp(r0, &(0x7f0000000680)={0x18, 0x2, {0x2, @local}}, 0x1e) sendmsg$TIPC_NL_MEDIA_SET(r1, &(0x7f00000005c0)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0xa1a000}, 0xc, &(0x7f0000000580)={&(0x7f00000004c0)={0x90, r2, 0x104, 0x70bd2c, 0x25dfdbff, {}, [@TIPC_NLA_NODE={0x28, 0x6, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x8}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x8}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x5}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x10000}]}, @TIPC_NLA_MON={0x14, 0x9, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x800}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7}]}, @TIPC_NLA_NET={0x40, 0x7, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0xd18}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x9}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x5}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x17}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x9}, @TIPC_NLA_NET_ID={0x8, 0x1, 0xffffffffffffffff}, @TIPC_NLA_NET_ID={0x8, 0x1, 0xfffffffffffff64c}]}]}, 0x90}, 0x1, 0x0, 0x0, 0x4040001}, 0x800) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:41:13 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x40) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r0, 0x40bc5311, &(0x7f0000000080)={0x3, 0x0, 'client0\x00', 0xffffffff80000000, "af9fea3b58a6d846", "3959202fbe21e18d7045fd4b374ab484b5238c51b40c84e05639abfafe87b4f6", 0x10001, 0x10001}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:41:13 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 292.992627] CPU: 0 PID: 12193 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 293.000017] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 293.009448] Call Trace: [ 293.012037] dump_stack+0x172/0x1f0 [ 293.015673] should_fail.cold+0xa/0x1b [ 293.019556] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 293.024668] ? lock_downgrade+0x810/0x810 [ 293.028827] ? ___might_sleep+0x163/0x280 [ 293.033008] __should_failslab+0x121/0x190 [ 293.037244] should_failslab+0x9/0x14 [ 293.041032] kmem_cache_alloc_trace+0x2d1/0x760 [ 293.045736] __memcg_init_list_lru_node+0x8a/0x1e0 [ 293.045752] __list_lru_init+0x3d3/0x6e0 [ 293.045769] sget_userns+0x84d/0xd30 [ 293.045782] ? get_anon_bdev+0xc0/0xc0 [ 293.062302] ? get_anon_bdev+0xc0/0xc0 [ 293.066186] sget+0x10c/0x150 [ 293.069287] ? ovl_show_options+0x550/0x550 [ 293.073614] mount_nodev+0x31/0x110 [ 293.077239] ovl_mount+0x2d/0x40 [ 293.080601] mount_fs+0x106/0x3ff [ 293.084049] ? emergency_thaw_all+0x1a0/0x1a0 [ 293.088539] ? __init_waitqueue_head+0x36/0x90 01:41:13 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) [ 293.093124] vfs_kern_mount.part.0+0x6f/0x410 [ 293.097643] do_mount+0x581/0x2d30 [ 293.101181] ? finish_automount+0x471/0x490 [ 293.105503] ? copy_mount_string+0x40/0x40 [ 293.109754] ? kmem_cache_alloc_trace+0x354/0x760 [ 293.114595] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 293.120119] ? copy_mount_options+0x30e/0x440 [ 293.124611] ksys_mount+0xdb/0x150 [ 293.128146] __x64_sys_mount+0xbe/0x150 [ 293.132118] do_syscall_64+0x103/0x610 [ 293.136014] entry_SYSCALL_64_after_hwframe+0x49/0xbe 01:41:13 executing program 3: setrlimit(0x2, &(0x7f0000000040)) [ 293.141194] RIP: 0033:0x457e29 [ 293.144384] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 293.163279] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 293.170990] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 [ 293.178248] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 293.178257] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 01:41:13 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x1500, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 293.178265] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 293.178274] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 [ 293.202848] kernel msg: ebtables bug: please report to author: Wrong size [ 293.222498] protocol 88fb is buggy, dev hsr_slave_0 [ 293.227589] protocol 88fb is buggy, dev hsr_slave_1 01:41:13 executing program 5 (fault-call:3 fault-nth:42): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:13 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:13 executing program 2: r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/dlm-control\x00', 0x14d000, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) r1 = socket(0x0, 0x7, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000080)={{{@in6=@local, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}}}, &(0x7f0000000000)=0xe8) setsockopt$inet6_IPV6_PKTINFO(r1, 0x29, 0x32, &(0x7f0000000180)={@loopback, r2}, 0x14) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x480, 0x0) prctl$PR_SET_MM(0x23, 0x9, &(0x7f0000ffa000/0x2000)=nil) write$FUSE_INIT(r3, &(0x7f0000000280)={0x50, 0x0, 0x1, {0x7, 0x1c, 0x4, 0x20004, 0x6, 0x3ff, 0x5, 0x7f}}, 0x50) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r0, 0x4010ae68, &(0x7f0000000240)={0x6000, 0x4000}) 01:41:13 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r0 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000) flock(r0, 0x3) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000200)=ANY=[@ANYRES32=0x0, @ANYBLOB="5e00000009a6a79887fd8459ce9594f88a1594c4328090592a8cca1cc843ff841fe36264f569df210b7643e91acbfac89f27375be7181332d71c47af171b98aac79b0d12e063f34e76567ce286008ed1bce1fbc4c885d979f862152a2383ab7692d33ee287c5cdca873570ebf1a50b8b05bc3f32e8808f7469823800000000bf90f3970352d5438a4bdf8a8ea3d1c78cb9d927020ca5717cf55c18420658c816e33eff4537f267fb1a4206c970"], &(0x7f0000000000)=0x66) r2 = getpid() wait4(r2, &(0x7f0000000080), 0x1, &(0x7f0000000140)) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000100)={r1, 0x8001, 0x20}, 0xfffffffffffffe6c) [ 293.379053] kernel msg: ebtables bug: please report to author: Wrong size 01:41:13 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ff3000/0x2000)=nil) 01:41:13 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00 \x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 293.432197] FAULT_INJECTION: forcing a failure. [ 293.432197] name failslab, interval 1, probability 0, space 0, times 0 [ 293.492955] CPU: 0 PID: 12238 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 293.500248] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 293.509625] Call Trace: [ 293.512211] dump_stack+0x172/0x1f0 [ 293.515841] should_fail.cold+0xa/0x1b [ 293.517238] kernel msg: ebtables bug: please report to author: Wrong size [ 293.519729] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 293.519744] ? lock_downgrade+0x810/0x810 [ 293.519759] ? ___might_sleep+0x163/0x280 [ 293.540003] __should_failslab+0x121/0x190 [ 293.544236] should_failslab+0x9/0x14 [ 293.548038] kmem_cache_alloc_trace+0x2d1/0x760 [ 293.552701] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 293.557803] __memcg_init_list_lru_node+0x8a/0x1e0 [ 293.562731] __list_lru_init+0x3d3/0x6e0 [ 293.566795] sget_userns+0x84d/0xd30 [ 293.570506] ? get_anon_bdev+0xc0/0xc0 [ 293.574401] ? get_anon_bdev+0xc0/0xc0 [ 293.578288] sget+0x10c/0x150 [ 293.581395] ? ovl_show_options+0x550/0x550 [ 293.585726] mount_nodev+0x31/0x110 [ 293.589383] ovl_mount+0x2d/0x40 [ 293.592778] mount_fs+0x106/0x3ff [ 293.596223] ? emergency_thaw_all+0x1a0/0x1a0 [ 293.600719] ? __init_waitqueue_head+0x36/0x90 [ 293.605386] vfs_kern_mount.part.0+0x6f/0x410 [ 293.605402] do_mount+0x581/0x2d30 [ 293.613394] ? copy_mount_string+0x40/0x40 [ 293.613414] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 293.613427] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 293.613440] ? copy_mount_options+0x30e/0x440 [ 293.613457] ksys_mount+0xdb/0x150 [ 293.613472] __x64_sys_mount+0xbe/0x150 01:41:13 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x2000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:13 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0xb, &(0x7f0000ffb000/0x2000)=nil) 01:41:13 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00?\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 293.613489] do_syscall_64+0x103/0x610 [ 293.644815] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 293.649992] RIP: 0033:0x457e29 [ 293.653170] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 293.653177] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 293.653190] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 [ 293.653197] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 293.653204] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 [ 293.653211] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 293.653218] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 [ 293.712485] protocol 88fb is buggy, dev hsr_slave_0 [ 293.721744] protocol 88fb is buggy, dev hsr_slave_1 [ 293.722502] protocol 88fb is buggy, dev hsr_slave_0 [ 293.731789] protocol 88fb is buggy, dev hsr_slave_1 [ 293.760200] kernel msg: ebtables bug: please report to author: Wrong size 01:41:14 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:14 executing program 2: r0 = syz_open_dev$vcsa(&(0x7f0000000200)='/dev/vcsa#\x00', 0x2, 0x480000) preadv(r0, &(0x7f0000000240), 0x0, 0x0) getrlimit(0xf, &(0x7f0000000000)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm_plock\x00', 0x100, 0x0) setsockopt$inet6_MCAST_LEAVE_GROUP(r1, 0x29, 0x2d, &(0x7f00000000c0)={0x800, {{0xa, 0x4e24, 0x0, @loopback, 0x9}}}, 0x88) unshare(0x100) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r1, 0x4058534c, &(0x7f0000000180)={0x1128, 0x4, 0xfffffffffffffae9, 0xffffffff, 0x6, 0x8}) getrusage(0x1, &(0x7f0000000240)) 01:41:14 executing program 5 (fault-call:3 fault-nth:43): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:14 executing program 3: setrlimit(0x44, &(0x7f0000000040)={0xfffffffffffffffd, 0x411d}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:41:14 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:14 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x3f00, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 294.031597] FAULT_INJECTION: forcing a failure. [ 294.031597] name failslab, interval 1, probability 0, space 0, times 0 [ 294.047612] kernel msg: ebtables bug: please report to author: Wrong size 01:41:14 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) r0 = dup3(0xffffffffffffffff, 0xffffffffffffff9c, 0x80000) ioctl$SG_SET_DEBUG(r0, 0x227e, &(0x7f0000000080)) r1 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r1, &(0x7f0000000280)={0x2, 0x4e23, @multicast2}, 0x10) connect$inet(r1, &(0x7f00000001c0)={0x2, 0x4e23}, 0x10) setsockopt$inet_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f0000000000)='tls\x00', 0x4) setsockopt$inet_mreqsrc(r1, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:41:14 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) setrlimit(0xf, &(0x7f0000000000)={0xffffffffffffffe0, 0xffffffffffffffe0}) [ 294.109778] CPU: 1 PID: 12266 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 294.117065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 294.126402] Call Trace: [ 294.128985] dump_stack+0x172/0x1f0 [ 294.129004] should_fail.cold+0xa/0x1b [ 294.129020] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 294.141584] ? lock_downgrade+0x810/0x810 [ 294.145734] ? ___might_sleep+0x163/0x280 [ 294.149881] __should_failslab+0x121/0x190 [ 294.154114] should_failslab+0x9/0x14 01:41:14 executing program 3: setrlimit(0x4, &(0x7f0000000040)) [ 294.157909] kmem_cache_alloc_trace+0x2d1/0x760 [ 294.162571] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 294.167677] __memcg_init_list_lru_node+0x8a/0x1e0 [ 294.172606] __list_lru_init+0x3d3/0x6e0 [ 294.176673] sget_userns+0x84d/0xd30 [ 294.180383] ? get_anon_bdev+0xc0/0xc0 [ 294.184279] ? get_anon_bdev+0xc0/0xc0 [ 294.188163] sget+0x10c/0x150 [ 294.191265] ? ovl_show_options+0x550/0x550 [ 294.195580] mount_nodev+0x31/0x110 [ 294.199212] ovl_mount+0x2d/0x40 [ 294.202575] mount_fs+0x106/0x3ff 01:41:14 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.controllers\x00', 0x0, 0x0) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0)='TIPCv2\x00') sendmsg$TIPC_NL_NODE_GET(r0, &(0x7f0000000440)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10210020}, 0xc, &(0x7f0000000400)={&(0x7f0000001b80)=ANY=[@ANYBLOB="d00200001ff5b96cec2f442a448aaec845b85a0046d6cb1ac7", @ANYRES16=r1, @ANYBLOB="000028bd7000ffdbdf250d000000a40005004c00020008000300030000000800020003000000080001000000000008000400ff03000008000200010000000800040000000000080004000800000008000400020000000800020018d01d2e1c0002000800020009000000080001001600000008000400070000001c000200080004001f0000000800040005000000080003000900000008000100756470000c00020008000400008000000800010065746800200004001c0007000800030001000000080002000101000008000300080000000800060004000200fc00010014000200080001000a000000080004000900000038000400200001000a004e2400000400fe880000000000000000000000000101050000001400020002004e21e00000020000000000000000100001007564703a73797a300000000008000300a9c90000100001007564703a73797a320000000038000400200001000a004e2300000009ff010000000000000000000000000001040000001400020002004e23ac1414bb0000000000000000100001007564703a73797a3000000000100001007564703a73797a32000000002c0004001400010002004e22ac1414bb00000000000000001400020002004e24ac14141600000000000000000c00050008000100756470006c0005002c000200080003007c540000080003000000000008000200ffff0000080001001d0000000800020003000000080001006962000034000200080003000008000008000200c2f8ffff080004000100000008000400ff010000080002000100000008000400010000000c00090008000200030000003c0007000c000400e1ffffffffffffff0800010001000000080002009a000000080002000800000008000100ff0f00000c000300fdffffffffffffff34000900080001000600000008000100030000000800020006000000080002000700000008000200050000000800020046460000"], 0x2d0}, 0x1, 0x0, 0x0, 0x10}, 0x8000) r2 = openat$cgroup_ro(r0, &(0x7f00000004c0)='cpuset.effective_cpus\x00', 0x0, 0x0) setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) sendmsg$TIPC_NL_MON_PEER_GET(r0, &(0x7f00000005c0)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000580)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="9800c1945e8eb86f3cbe3316b4f8d90000", @ANYRES16=r1, @ANYBLOB="010426bd7000fbdbdf251300000014000200080001000200000008000100070000001c000900080002000800000008000200020000000800020009000000240007000800010080000000080002000400000008000200000000000800020011010000100002000400040004000400040004002000060004000200080001000700000008000100090000000400020004000200"], 0x98}, 0x1, 0x0, 0x0, 0x8000}, 0x84) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) io_setup(0x5, &(0x7f0000000600)=0x0) io_submit(r3, 0x4, &(0x7f0000000a80)=[&(0x7f0000000700)={0x0, 0x0, 0x0, 0x2, 0x3, r0, &(0x7f0000000640)="9c21e4e43d8d65a19e27bb2054240dbb52b2807e813053c7e7b1b626293526f2acdeb6e0f866ec37bff52dc034ede0e13c65d63172a5d9522b05720d4db4db3daca1269b36beaac9ca4cce536ad1eda98325427c32c8336b169fe5bf398324da5bd35853e839679b7278433b5c7f24e556cb28050b713f1b028f42023515ed7cf5e841ab267e2b9ce135267e16d2f71adaedc06d9b734a88de9ab0cd55a91f14a4d435322b22558e5ab1215e71268cb98269ec1f1fcafd342b9839abef4e", 0xbe, 0x7fffffff, 0x0, 0x3, r0}, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x6, 0x7f, r0, &(0x7f0000000740)="92e32de74e1badb59ce2b171538eafd9a02b6c48599e4fc825d490386fca29420636bb85fff484b42d5643a1052b4ae462d71453b0174e31ba0871b1aa32efec64edcc03c8e7f93d5b00e64a95dba099cd5eda80a260170fecd0806cfe0e0c58565317adabc01d2c5c0de3e523127d8ccf3d9603986e821d0f3814bff6f3ccfeb194877840f51de4b9eda594eaf54c4712d0b5eb7c08f8d886868774b0ba7761725db0d6bbf7d42442b44560ded221d9", 0xb0, 0xfffffffffffffe00, 0x0, 0x2}, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x2, 0xffffffff, r0, &(0x7f0000000840)="a86c970a33ce800fca40ff6f9a0ff42f9e116916957a35b73f6d71826b330529d8235cf0599602b74001b9cbb7ab7ed6682c557a32a350f62221c45f3696e79d6c0f231e32ae50d6480ea9d5629e568edc81771eacd6d8e0a7cfaaf6a857c6459d740af1882a9025310c88c1560cb771f1afdc1480f67f22b6518a0d7a04983def0d89c42663fe1618dd5d76b4dccee75905e0a45b5736a29f75ab54018792a911b665d6ebcd0fa961612b9ab807ccd09602798dd9b7e87cab1082b1d63c7a1748f10c6ce63af8bf774d3880d5564a101f826d057c94a15d005fc4be457ca170ef6442539a15ad", 0xe7, 0x1, 0x0, 0x1, r0}, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0xb, 0x7, r0, &(0x7f0000000980)="fd0d30f39cdb7e076094d11a202b9172650726d4f803a89ae11252308b1d354f6c61a23ac2b1ad8c85fa75085eed11d9e642d7aedebe2c56acedd1fdec3a2370551f63bd92956c4d3ed047b4f2152e38c206e382026a64373013c0b400020e30a015c3f80071cdde2240907235eb330b1d36b333601ae840c322bcdf5c004050a5fa8ec049f52f357a1629dbed81f0b6ab757eacccb4bf0fe8086b7d", 0x9c, 0xa957, 0x0, 0x0, r0}]) ioctl$EVIOCGBITSW(r2, 0x80404525, &(0x7f0000000b80)=""/4096) [ 294.206022] ? emergency_thaw_all+0x1a0/0x1a0 [ 294.210533] ? __init_waitqueue_head+0x36/0x90 [ 294.215126] vfs_kern_mount.part.0+0x6f/0x410 [ 294.219624] do_mount+0x581/0x2d30 [ 294.223162] ? finish_automount+0x471/0x490 [ 294.227485] ? copy_mount_string+0x40/0x40 [ 294.231711] ? kmem_cache_alloc_trace+0x354/0x760 [ 294.236558] ? _copy_from_user+0xdd/0x150 [ 294.240706] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 294.246239] ? copy_mount_options+0x30e/0x440 [ 294.250732] ksys_mount+0xdb/0x150 [ 294.254270] __x64_sys_mount+0xbe/0x150 01:41:14 executing program 3: setrlimit(0x5, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x4, &(0x7f0000ffa000/0x2000)=nil) r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000180)='/dev/cachefiles\x00', 0x20000, 0x0) ioctl$BINDER_GET_NODE_DEBUG_INFO(0xffffffffffffffff, 0xc018620b, &(0x7f0000000080)={0x0}) syz_genetlink_get_family_id$net_dm(&(0x7f0000000000)='NET_DM\x00') ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f00000000c0)={r1}) [ 294.258253] do_syscall_64+0x103/0x610 [ 294.262155] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 294.267344] RIP: 0033:0x457e29 [ 294.270551] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 294.289446] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 294.297149] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 01:41:14 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00`\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 294.304411] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 294.311676] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 [ 294.318939] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 294.326234] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 [ 294.445035] kernel msg: ebtables bug: please report to author: Wrong size 01:41:14 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:14 executing program 3: setrlimit(0x2, &(0x7f0000000040)) r0 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x9, 0x101040) ioctl$VIDIOC_S_FREQUENCY(r0, 0x402c5639, &(0x7f0000000080)={0x2, 0x5, 0x8}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:41:14 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x4000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:14 executing program 2: setrlimit(0x2, &(0x7f0000000000)={0x80000001, 0x4000000005}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:41:14 executing program 5 (fault-call:3 fault-nth:44): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:14 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:15 executing program 2: r0 = dup3(0xffffffffffffffff, 0xffffffffffffff9c, 0x80000) openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x10001, 0x0) ioctl$KVM_PPC_GET_PVINFO(r0, 0x4080aea1, &(0x7f0000000080)=""/146) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 294.923442] kernel msg: ebtables bug: please report to author: Wrong size [ 294.943515] FAULT_INJECTION: forcing a failure. [ 294.943515] name failslab, interval 1, probability 0, space 0, times 0 [ 294.966686] kernel msg: ebtables bug: please report to author: Wrong size [ 294.983159] CPU: 1 PID: 12308 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 294.990439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 294.999793] Call Trace: [ 295.002382] dump_stack+0x172/0x1f0 [ 295.006008] should_fail.cold+0xa/0x1b [ 295.006025] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 295.006041] ? lock_downgrade+0x810/0x810 [ 295.019127] ? ___might_sleep+0x163/0x280 [ 295.023285] __should_failslab+0x121/0x190 [ 295.027518] should_failslab+0x9/0x14 01:41:15 executing program 3: setrlimit(0x2, &(0x7f0000000040)) r0 = syz_open_dev$video(&(0x7f0000000000)='/dev/video#\x00', 0x80, 0x80) ioctl$SG_SET_COMMAND_Q(r0, 0x2271, &(0x7f0000000140)) ioctl$VIDIOC_SUBDEV_QUERY_DV_TIMINGS(r0, 0x80845663, &(0x7f0000000080)={0x0, @reserved}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 295.031314] kmem_cache_alloc_trace+0x2d1/0x760 [ 295.035981] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 295.041073] __memcg_init_list_lru_node+0x8a/0x1e0 [ 295.045996] __list_lru_init+0x3d3/0x6e0 [ 295.050056] sget_userns+0x84d/0xd30 [ 295.053763] ? get_anon_bdev+0xc0/0xc0 [ 295.057663] ? get_anon_bdev+0xc0/0xc0 [ 295.061558] sget+0x10c/0x150 [ 295.061574] ? ovl_show_options+0x550/0x550 [ 295.061588] mount_nodev+0x31/0x110 [ 295.061600] ovl_mount+0x2d/0x40 [ 295.075944] mount_fs+0x106/0x3ff [ 295.079391] ? emergency_thaw_all+0x1a0/0x1a0 [ 295.079406] ? __init_waitqueue_head+0x36/0x90 [ 295.079423] vfs_kern_mount.part.0+0x6f/0x410 [ 295.079439] do_mount+0x581/0x2d30 [ 295.096492] ? finish_automount+0x471/0x490 [ 295.100818] ? copy_mount_string+0x40/0x40 [ 295.105047] ? kmem_cache_alloc_trace+0x354/0x760 [ 295.109897] ? _copy_from_user+0xdd/0x150 [ 295.114070] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 295.119605] ? copy_mount_options+0x30e/0x440 [ 295.124097] ksys_mount+0xdb/0x150 [ 295.127637] __x64_sys_mount+0xbe/0x150 01:41:15 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x02\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:15 executing program 3: setrlimit(0x2, &(0x7f0000000040)) mq_open(&(0x7f0000000000)='user(\x00', 0x880, 0x8, &(0x7f0000000080)={0x40, 0x0, 0x4, 0x0, 0x7, 0x8, 0x6, 0x3}) prctl$PR_SET_MM(0x23, 0x5, &(0x7f0000ffa000/0x2000)=nil) [ 295.131607] do_syscall_64+0x103/0x610 [ 295.135500] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 295.140681] RIP: 0033:0x457e29 [ 295.143871] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 295.162773] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 295.170471] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 01:41:15 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x5, &(0x7f0000ffa000/0x2000)=nil) socketpair(0x0, 0x4, 0x3, &(0x7f0000000140)) r0 = syz_open_dev$sndpcmp(&(0x7f0000000100)='/dev/snd/pcmC#D#p\x00', 0x8, 0x410042) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r1 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x1, 0x2) getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r1, 0x84, 0x12, &(0x7f0000000080), &(0x7f00000000c0)=0x4) sigaltstack(&(0x7f0000ffa000/0x1000)=nil, &(0x7f0000000200)) [ 295.170479] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 295.170505] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 [ 295.170513] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 295.170521] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 01:41:15 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x4002, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 295.261358] kernel msg: ebtables bug: please report to author: Wrong size 01:41:16 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(0xffffffffffffffff, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:16 executing program 5 (fault-call:3 fault-nth:45): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:16 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000000)={0x0, 0x0}) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rtc0\x00', 0x400000, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000000100)='{vmnet1wlan1\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={r0, r1, 0x0, 0x7, &(0x7f00000000c0)='vmnet1\x00', r2}, 0x30) 01:41:16 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x03\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:16 executing program 2: setrlimit(0xe, &(0x7f0000000040)={0x3, 0x4000000009}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r0 = syz_open_dev$sndpcmc(&(0x7f00000008c0)='/dev/snd/pcmC#D#c\x00', 0x7fffffff, 0x4000) ioctl$SNDRV_RAWMIDI_IOCTL_PVERSION(r0, 0x80045700, &(0x7f0000000a40)) ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000b00)={0xa, 0x1, @start={0x3}}) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r0) r1 = syz_open_dev$cec(&(0x7f0000000000)='/dev/cec#\x00', 0x3, 0x2) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x24110, r0, 0x0) ioctl$BINDER_SET_MAX_THREADS(r0, 0x40046205, 0x0) ioctl$VIDIOC_G_ENC_INDEX(r1, 0x8818564c, &(0x7f0000000080)) getsockopt$IP_VS_SO_GET_VERSION(r0, 0x0, 0x480, &(0x7f0000000940), &(0x7f0000000980)=0x40) 01:41:16 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xe0ff, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:16 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x04\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:16 executing program 3: setrlimit(0x2, &(0x7f0000000040)) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001900)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r0, &(0x7f0000001c00)={&(0x7f00000018c0)={0x10, 0x0, 0x0, 0x2400904}, 0xc, &(0x7f0000001bc0)={&(0x7f0000001940)={0xe8, r2, 0x2, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DAEMON={0x54, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x8}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @multicast1}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x9998}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local}, @IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local}, @IPVS_DAEMON_ATTR_STATE={0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xffff}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x4}, @IPVS_CMD_ATTR_SERVICE={0x70, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'rr\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x4}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x2, 0x4}}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x1}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e23}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@mcast1}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'wrr\x00'}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@multicast1}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x7e}]}]}, 0xe8}, 0x1, 0x0, 0x0, 0x1}, 0x40) r3 = socket$kcm(0x2, 0x2, 0x73) bind(r3, &(0x7f0000000180)=@in={0x2, 0x0, @remote}, 0x80) sendmsg(0xffffffffffffffff, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000040807031d", 0x9}], 0x1}, 0x0) r4 = socket$kcm(0x2, 0x2, 0x73) bind$inet(r4, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10) r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000280)='TIPC\x00') r6 = getuid() getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f0000001c80)={{{@in6=@remote, @in6=@ipv4}}, {{@in6=@dev}, 0x0, @in=@broadcast}}, &(0x7f0000001d80)=0xe8) ioctl$VIDIOC_SUBDEV_G_SELECTION(r0, 0xc040563d, &(0x7f0000001dc0)={0x0, 0x0, 0x103, 0x1, {0x9, 0x6, 0x7, 0xc28}}) getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f0000001780)={{{@in6=@remote, @in6=@ipv4={[], [], @initdev}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{}, 0x0, @in=@initdev}}, &(0x7f0000001880)=0xe8) syz_mount_image$reiserfs(&(0x7f00000000c0)='reiserfs\x00', &(0x7f00000001c0)='./file0\x00', 0x3, 0x8, &(0x7f00000016c0)=[{&(0x7f00000002c0)="725f7f262e7573977df3fecbaf6f1ee1882839100c599e0523a177b822b78cf73d4991a45ff90585ef8dbf7ea235920cb5f884be8ad11fc3ea9ee601901fde7c3b216c7af72bb0277ddc10873e76c3ec47e2afa041dc8f1b28c5eb3bf49f658ed4e77f0d9d1e1089056054ebbb52900411cab04e8f399c375dd1333e175217f9bec44ec69157fa101cddc239ddd1944ec77299c9017b72632d9bcebe6b9b4fbe3006ff8c1e03093a20cde653f2c75f0242232d06", 0xb4, 0xffffffffffff7fff}, {&(0x7f0000000380)="2794dec40757831ee7652c9c2849591ec5ce536bebf179734c0e493977ba30b1e4df20192e876d59301e8d4b6e0675228ee37a1d8b1502e79445798d7a4285cdc147700a254c2a8e9bc7a77d39106c53ed4d62b31fce3ffc20a14f3e1e14e0e142150ccd88c273fc4f603e4f3e5f36fb61a04b3700d47f88eed6313b3315432d4c0f8e520f02b9b15a15a4fbcb492683a146c2c87d408f4124f70c4fa442dff039d2c214c8c5baab3261508ff04017e0e330317498145aa06f7f1744abb94f341c106561d8581ed3dfbf524123f8af28349365ff4b2e4dff7f0e688f8a3c581dbbdb5408a2e386c7cf6f3b9f37236f", 0xef, 0x80000001}, {&(0x7f0000000200)="cf1dc06fade37f88f137b0dd02e8143ed572bd65860eb6ab52eb55d316aaafb737b45f365e758c374b1d6a460d9d660a720645ac593ec5774c34eee0ade548b8ba1ce6bf493d1cb55e50bd2a58fa31afb4a3841f8a94492c7d41892f", 0x5c, 0x6}, {0xfffffffffffffffe, 0x0, 0xfe}, {&(0x7f0000000480)="8daa4edba39c13790135db1b2d3624a514f6d9cfe13cdc00c558c7eb3bdf86c30efcbeb7efe3e9d89bc17724811795b3e20a5795f7d04ce6c65b1fc668d11cc6773bdcc0b6709a6aa3cc9840aaa0a8f0a49cf0fecbb88bff56b291b8d0029abd29b1e2a5ff0069859d333978ced751a37117d0dcdc5db0de162bc1dfb1b95472e13b6d9bc7f6aabe8f0c664de05b319f404f84922708abff57c7fd0eaa10d77d39184de5edfaee2d49750d376a4343c7b5efcc9963ce0e0ef4c35841f4c3a4034e92daf976498faf70523c38c5151cb2b90d80372f0bee79a9daf50d84e2e783ad11b3e4d5d7bd2521df172470a825b0bf6c7b2838792b29045e998370c15c059187a3e8ee9d756f5707d929467f9e42c27f24c227b2e54df0bb668c000d563dd39c6333ff00ca286fcbcdea791f5aa44e23fea54b355c7652de4744e5c8889fd82f34e630be78c920d7c772b3b634cfe5467ad8e157c0d988b8ad7982c0ac7679660fed4e2cf6da3eb5e98c19704dd2bdfe316a93d532a5b9b27766c5dd66a3b273d18236f202abaa5f514581f77c1cef22caafbfbf03fa63d2ec5786b31e4567050a2fc588593bef98dfddf2db424c154d73ee546d1132d903c442547ba8a5a00d0d9f7822215031ed7281758728a44f7ddfda7984b11e39acab59f3a16925549c9347069f478db0cc4a11459c8e2ce913f110b3f3972dd3045f9f15a75902b2a881bafdaa3691b0121445d65c162f1b3c375b20a3fdabcdcc93107464eae44f60e52e342df792a72f80ded835fb37eab8e41bee1ce78972ace88348cadc84fc4854ae5aefb97b01e72773c22652b8bfa3356c2e02ed36492b5878bc8a8dc27a34211e75f5d0c10e64d3daafa765c16c5335f0292b2cbb3305a0246ca0335ccf7cb5204d7daecd6631d7f87e5b9148ad0a08c85382d9c906c926ba179dbef457cce3801f5929a6c6fb1397f72fa4c2e25804d6e75188afee8050afe08d986bfef7f372efbef2af66127c9219a51e19bc71e9eafd2901377bf3cc233bc9fa0adfbc18a7d12343412b9ffa8bb52440a975d92fbb4fb29e9f54aedbf4221c1ac74536f8de0aa121e0a2e13ccae2596f0ef27f42e5880cb82b54095309087b5f64c1f635ada4af526dfe0a0558259116a3f1cf98153a22a7a06d9c3c05c0c0b9a9499e9cbaf2ac42086989d0582b6d7a9cf177718c278519bed99b6b97341f2ce33f638b240aa472443d22559ff85acd4f419ef649d05a42c17c75f0d4e706e4395dcf8735f1f3539b8701ef1a43c644827fcd210056aaf401acad76bdc107fb6a77e2f03987cb4cfaa0ce3bda714b6da43ad2a5c4d8df33b25e73749557a3a51e28f1455302de2cc664d70c6a1f2e5f56692f6287482163ac61dd7942708049d18d8ef320ddffd4ab97cd384d1bb7e6ea2da96cd866d41ea71417f6803fd36aa8af7f09f444a8ed8d37338bcdd064693015b8244d4c1cd4fae4662390458bfe0f1bff1ebb07a95cea18c68ac990301faee2a0d1ae3256cd8b1aa963f8fa8fb66b4085169eb482b0576db7ad82a14eeca2bc3aaf50ad89d9150dc828e600846f2d4473326e375e17c9d1eee041f44a4e471f76beabc7084f4011d132ca03e33f1caf27cc2a77c8edeaf0fd53c909e33ecff142eb7551d87cc648708437e41f4b40cbd37c7bef1025f5e8d32039e414bfbb0dad4f1f3c74019525f847f864fe0de7d85cf01ab9a9a14117324e243dbd6512715ee26e7e2f995fcc05fb780a538a2ed21e50af04f7efc9dd39d6f89d01c8f7db965647a3b7c8db74be874febd9ac3eb6102a8b32907be5a227aeeeafe3954c00b356f146cc58db0d88e36c5a68d06728092b130c3ecb3a0d61f93d3663a5bb8005ea1ce408e1d7dde4eac5938b3bfe6bfa48a2d27598f82b1435181d3a382c44704066515321040548acd09fbc1631d9b519b9f2ce6a7cf649920b3f6f9261ac8758ba7aef896bd225f7e8bc53af103e5524625a1a754e4a162a585b1a8731ec473d074d1e695b862d03148ac28c876e8dfcde2193e0e64f19c9b0a45fbb3cb83c60a40108ceff91546b545810f8ff1e99d159c3aeb93fb87b973f53324d4e86cea5c075fc6a1eb60706352b22f6c3e1f993d361d2cb2161bb1f3f3e4ed509fcf31fa659f9f89b7653f698ff996c3fd9cccfde13f0b169a9b098f89b587de6105bd4026b6543da5817bd06915501be3e450659cf7293bcb319f2029ababe39968a9074356fea2d1887a36abd8034324a7426c81cb9b479a51532057d797568a8d7d2ae77f01cac10229574ec87e2e8ab4d65850f3fe0583891157c3408ec2ceafe0365d5c6c94fe31adad7973e7eae61cb425f64d7daa1325dee8819db0291b10f0356b928a690f8ad0e24e71285c8b603e6f289fd75d61334afa563776548c21ddeaa67fba9edae78ffc934148c00afeaaa980218d2a0ee71955f9fa6581875dd45996213eecb11eb459b22924efd7653f91c8863e65b1b0ad110196af1e706cd6ee4abde981392e6f3035f898fa1dd786f0eb67fefe16e978cdaacbf5479ec28ec0b531586d761f0a8fdf7a940554300768eac0ca75a0da73cfac4f767731d20b4858869d25fc2ae92fd5624e89158e63a956b2439c866ef7f416c867810c8a1bbca7fe49429372c651ddf29b72c78d263053ef3d5bfd3bf10445882d3e29b023fab51671beee01bfe70e5046f153516120fa4a101d7b0dc58113b3cf9ffb34ce7276846aeb7861c23811354da6d8cf9b2d6cb5121d1a42dc62b5e203ec938f76a3845aa027b1ebf044f6179a83efedbd6d079d277a03741843f39c776388807a525888c84a4c5e55a52b24eb6966d9a3f9fb3d76238e23b43a0b5aac33b45b35a463af2be6d881e1e5cd3a5f15f7503ab90788cc4e72d5b9698621bc647dd3e1d7116857f8036d9ebe5eba5be7212be82b0ba0c543e52f930fb2f45f7c624e8c1eb8a162a5d6213dd681cbaba496cb0f41657538b331be1eed14c2c2ee585778c948e64c0b01c5d877fdad8c551dd987fceba314d3ed9cf2501755d10c7874cd5cf6a81cd2ed790c5a2995a411228a25b0e1de524ce07d31e982aa43e069fc68a477f8fce1a5e544616916f6f4473da1503e01dc054cdb822a0fb89bc82455fa729c6e8fd31f339a2b3b34108ea179d7c797825033b0d343c39574ea6933c0141ac9742225abb11191b7db875d803ca6709fc622eb602b46e732eb5df68a571f0f9c859685ae6f1602bb23a727a3e2ca5e344b0c8d1a138c481d338eeb47d54ad138b227a735f2c25cbadee1c763288d61f8ae9256ef1cc398a8c43bd344f5757e4c3a8d866299794538e7e426e191d044a4e717246683324f6d20da2c016db95a0f5ef671d1a0fe44d5bdbcd0b5ef48643147d462f47a937343f2e51b27ac9a4d2e34108af2f82cd1daab6b353c8feda81dc11dbdbd5138a899901ce5e32dd27e377ef44e67d9ad075bd133597ecda5bf66cb9573509de95b29c098038e52ea495e87446f78133d502cab3b53555a964e61d9ca8d0f0037efb358724a4ec5749cee19314e3570ba5223ec763dba94f11e54d9919d2371323545777b72925ebf1d050ab19b4d3253682c808226b615847bc4ae92b0c88ad1dbe4cf104aa71a965ea8e462ce791a68725fb7c76ec90532426e603c2b2b5e36b5e922327a47dd7ae5eac0f8deb534c1eebd943da2bce8ff70bbc26e1baa16d384afd51b9882174633e3c0ddefb65868ff79bc46d18c4c16b0e2cbad79478b0a747692123aa4a7b669dc994fe7c09328e23dafea16470fd795edf387f5ba95f7efc62a27dd73b89e96598076f3defb27ba644544a3b0e27f37f37022360c76c6b1ca1ebf9ba0f796eea5b2c697392915e708b625b5dd064fd5ec636b320c7a6344b5fdb7b3d822a78ce67ebcb7f61b6a6185576994d47486567b305621cb776a4cfc67dcd03a1349691741cb378277e2ab4c4c7bb2a043aeed1ed10ffe66df6c6310b858a68ca08810ea5471b1e462a60d00055db1c48ee23dd109181391bcedfdf73a20fb3eed100bc69085d7ec3ceffe91608fc2b6ee5e1abc0dac6909fc2c04da1b8ab7f9cbf88c0642480c7ab0199eb846fccf8b4c657a7ef04df80332908632f8978ea6c71d5f730a72d37c19d7c543685975633209bf186ef02f04842bd1a669733f1bcc8e23d06b79ea9f23db30d7aa51096f440d337d60a4dd77113a84db4e7156016a4c7e86e9e203d6facb9c6f86ef757af95bd8368a15bb01ccac69d9fdd15d6277436e1a0cfe5e2a395c4df01122e433b5cac55e043c6a192eb403f1923d4cc2a6f2cdd56f8ece0b687eb61e3fc14baddfd2b034acc51bd56bd31c7be4400a059a8cfd6463408801a42f890e5c0bae0122fee9faa4d180c22c525955724f9c87391bc04712475d945c0f01da6d77db902ffb74e5583db9591e7235760cd32211660b53156da8f99b5d6448855c4240cd7e37bd2a990310875c8c0e6dc891a3da11ab1e6ee1beb7027bb4f04dfa675083e9198bbfaf359e31a2dfc0f785d29152de17e470014da563c672e965d40c30281b4d39f63e77240172b87b15e332d320b587f0f44b506b35e010a441222ffd92282b2f4a3463398ee17f423e81b1941d316328617661e64e3abeda09c414186d4a0d316191f2a8e42229126817fe96acc24c2455c5081b5530e928493635fe3f31eee63e07a58b44c21a48c4ddcb723334ce8862fb340e44fb42dbc2a1aa2d0045707960cf955d0274e8e576b60fd3d0b8afe568a75cc79c2c8dd7b0cf1714010d9f86f0ad3402d4fe990b79a74da1fed99902c6a09fb0213bc9ce81e1cf8365c0432a34256c0fc8f7b074f0ee02cef1459f1201ac5af7833d599c03bb8a5632bc4f7c1787054073f069ac3a6ee5a63da3e4e02c358711db21a161318758998fa0f8c3f22c6a47a18fcb4cf4f08c05fc10a7438c3e4af1d41b0160c202a2ce2f863006e13233639dd67643acd8a0d6c4bf87ae29bd07df4366b6c2aa87f724d616e07b876195766a6a1c55438cf32fe4fb6ded9ceb8c91dccf52f0bcb9215deaba05c994fa927f3c8fc5c476ba9c47587bb075d0100b8c86106e89cfb453466b8f1cf51288b645dae1552cd9940f1c9453b38a765f2dcf865eb2d906a9aa33899b7e0de9950165f650208f69fe1bd9baf3cb74f67f7b4f7b43a4b73b3af2eb71d189cdaf8bcc651bf44845a2c1ebc51df2bdb79d84ad7da3f880ced0fc9c03e1e03f99c6e33d1d13d596bf0e4348019f4e8c968e6ee499ac82f24419a24a85d63928da3859eed0304d57177e04a969ff9b041e319b1605a505c850993741498433ddd1ec8f5ec24e60297f3963b68cefcaa49ee89ff945df52c6c44e043934cfee3b374d6f5b49821337ae588d1949f2ee0b608cc506f93cdd4372395fbd1b4b2225542c140f8e14854a68e3ff9c421372aafa04f565d86f4d3406e696b82e7f839afaaa33499a7e05529d0b81586077deb77e6b846ef47089cb6ee0edbc6c569195252c78f811e1bf612af0f5405705d5cfc3c2e1b056a6df8879c5afec4b0ba9d9f97cac0ab001958c799506ad36203069fcc8e39a11506ec00ae75cfefc1a8e6c2e7732d1aff29cddf784d0d06cbc91d5a83123aad949a1ad478e1567590f3ed58d33c271b988459e7bfb5744495f7f3bef7ac81a000c0a0be8f93d981f3a42b54833adaadf0d558ab93eac06329f2355ef7e3776e20f97fc3d2ab3b9e9492f36cc25fde07d36490ef13333ba76d8a4ce677cd471266b23846925a126a8f", 0x1000, 0x556}, {&(0x7f0000001480)="a4872c555b93be265b1926705d3a925f61c7b96cdbbd843798c3c4858f3aee590d0ef977d7cddf731c4b7b2029d0124c80d1502a62e87684a3ed000fac96e9cef0efbd41d9157c48f2200a91ad4d134a02dd412532b110b9f54ce6560ecd67ca3ff2451e744c6cc1fba19882880c0601f4c3de84d18c53d357c758f2964f2b58b999", 0x82, 0x6}, {&(0x7f0000001540)="27d94f267feb575e4912f145a083a9fbf3d329991397a31173599ef224cdaa3dbfcaf01ecfd3cfcd9a6fe32c61ae93ceb7b473d35f4544fbebae502a601f7fa52ccd12b5ed78e245bb5daafe822debd2cc2bb549ab79656fa7062b55937c5c5c52b0a878cf0389d18a38db980aff18f06b15ba4b173c23af27ddf1b16340f09e398a2fcb1ce4158b37fb41ee9f", 0x8d, 0x8}, {&(0x7f0000001600)="433c2952f702213ad867ce2622c359e385675b9ded528cc3d6b193e7f3412fb84a038d3209a3e5ca91c92d8d703e70a27a6b21f186eb8ff58b38d18ab3600272f6a2bad842d7064669dbc05a44a243dd02a0a839a95ec8056d851c6b9ed6312a68622fd2acd8648c4e77cbba0f0d473a9eece147c874b52c024e4f3355b75b6d4176fd076d9d1861a2fc80e62a0fd993070b1f3f", 0x94, 0x1}], 0x2080000, &(0x7f0000001a40)=ANY=[@ANYBLOB="74616920733d6f66662c626c6f636b2d616c6c6f6361746f723d74657374342c6e6f6c61726765696f2c757365725f78617474722c7375626a5f75f365723d47504c2c402c6673636f6e746578749474d913381fa13d73797361646d5f752c66736d616769633d3078303030303030303030303030303030312c666f776e65723efd33a1b6cdccd3908500ca2d4815566ed029f9f94e22970ab53a53956b824a208c1b0d74794ce9055ce10af832fc0fa81edb4623b4b194ebb023be3d0455038191aeb2c3cba174841eca327ecc5caeb732203696e5e0a2", @ANYRESDEC=r6, @ANYBLOB=',smackfsfloor=TIPC\x00,rootcontext=sysadm_u,fowner<', @ANYRESDEC=r7, @ANYBLOB=',smackfshat=keyring,\x00']) ioctl$DRM_IOCTL_CONTROL(r0, 0x40086414, &(0x7f0000001c40)={0x0, 0xf4}) sendmsg$TIPC_CMD_GET_BEARER_NAMES(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r5, 0x402, 0x70bd2d, 0x10001}, 0x1c}, 0x1, 0x0, 0x0, 0x40090}, 0x1) prctl$PR_SET_MM(0x23, 0x40006, &(0x7f0000ffa000/0x2000)=nil) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000001e00)={0xff, 0xdc04, 0x0, 0x2, 0xc1}) 01:41:16 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000ffe000/0x2000)=nil) [ 296.027124] kernel msg: ebtables bug: please report to author: Wrong size [ 296.055360] FAULT_INJECTION: forcing a failure. [ 296.055360] name failslab, interval 1, probability 0, space 0, times 0 [ 296.113698] CPU: 0 PID: 12351 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 296.120985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 296.130330] Call Trace: [ 296.132910] dump_stack+0x172/0x1f0 [ 296.136518] should_fail.cold+0xa/0x1b [ 296.140390] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 296.145492] ? lock_downgrade+0x810/0x810 [ 296.149637] ? ___might_sleep+0x163/0x280 [ 296.153774] __should_failslab+0x121/0x190 [ 296.158009] should_failslab+0x9/0x14 [ 296.161790] kmem_cache_alloc_trace+0x2d1/0x760 [ 296.166437] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 296.171521] __memcg_init_list_lru_node+0x8a/0x1e0 [ 296.176436] __list_lru_init+0x3d3/0x6e0 [ 296.180479] sget_userns+0x84d/0xd30 [ 296.184188] ? get_anon_bdev+0xc0/0xc0 [ 296.188075] ? get_anon_bdev+0xc0/0xc0 [ 296.191959] sget+0x10c/0x150 [ 296.195049] ? ovl_show_options+0x550/0x550 [ 296.199354] mount_nodev+0x31/0x110 [ 296.202961] ovl_mount+0x2d/0x40 [ 296.206310] mount_fs+0x106/0x3ff [ 296.209749] ? emergency_thaw_all+0x1a0/0x1a0 [ 296.214224] ? __init_waitqueue_head+0x36/0x90 [ 296.218904] vfs_kern_mount.part.0+0x6f/0x410 [ 296.223382] do_mount+0x581/0x2d30 [ 296.226918] ? copy_mount_string+0x40/0x40 [ 296.231162] ? copy_mount_options+0x234/0x440 [ 296.235635] ? copy_mount_options+0x23a/0x440 [ 296.240108] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 296.245639] ? copy_mount_options+0x30e/0x440 [ 296.250114] ksys_mount+0xdb/0x150 [ 296.253635] __x64_sys_mount+0xbe/0x150 [ 296.257589] do_syscall_64+0x103/0x610 [ 296.261456] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 296.266622] RIP: 0033:0x457e29 [ 296.269791] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 296.288756] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 296.296458] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 [ 296.303702] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 296.310948] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 [ 296.318194] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 296.325442] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 01:41:16 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xe803, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:16 executing program 5 (fault-call:3 fault-nth:46): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:16 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) [ 296.363623] kernel msg: ebtables bug: please report to author: Wrong size [ 296.518113] FAULT_INJECTION: forcing a failure. [ 296.518113] name failslab, interval 1, probability 0, space 0, times 0 [ 296.545539] CPU: 1 PID: 12378 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 296.552827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 296.562163] Call Trace: [ 296.564732] dump_stack+0x172/0x1f0 [ 296.568341] should_fail.cold+0xa/0x1b [ 296.572292] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 296.577381] ? lock_downgrade+0x810/0x810 [ 296.581508] ? ___might_sleep+0x163/0x280 [ 296.585653] __should_failslab+0x121/0x190 [ 296.589999] should_failslab+0x9/0x14 [ 296.593803] kmem_cache_alloc_trace+0x2d1/0x760 [ 296.598447] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 296.603526] __memcg_init_list_lru_node+0x8a/0x1e0 [ 296.608521] __list_lru_init+0x3d3/0x6e0 [ 296.612565] sget_userns+0x84d/0xd30 [ 296.616256] ? get_anon_bdev+0xc0/0xc0 [ 296.620121] ? get_anon_bdev+0xc0/0xc0 [ 296.623984] sget+0x10c/0x150 [ 296.627066] ? ovl_show_options+0x550/0x550 [ 296.631373] mount_nodev+0x31/0x110 [ 296.634976] ovl_mount+0x2d/0x40 [ 296.638318] mount_fs+0x106/0x3ff [ 296.641745] ? emergency_thaw_all+0x1a0/0x1a0 [ 296.646218] ? __init_waitqueue_head+0x36/0x90 [ 296.650777] vfs_kern_mount.part.0+0x6f/0x410 [ 296.655270] do_mount+0x581/0x2d30 [ 296.658784] ? finish_automount+0x471/0x490 [ 296.663095] ? copy_mount_string+0x40/0x40 [ 296.667304] ? kmem_cache_alloc_trace+0x354/0x760 [ 296.672125] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 296.677638] ? copy_mount_options+0x30e/0x440 [ 296.682109] ksys_mount+0xdb/0x150 [ 296.685625] __x64_sys_mount+0xbe/0x150 [ 296.689583] do_syscall_64+0x103/0x610 [ 296.693446] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 296.698608] RIP: 0033:0x457e29 [ 296.701773] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 296.720756] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 296.728566] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 [ 296.735810] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 296.743054] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 [ 296.750385] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 296.757631] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 01:41:16 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(0xffffffffffffffff, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:16 executing program 3: pipe(&(0x7f0000000000)={0xffffffffffffffff}) ioctl$BLKREPORTZONE(r0, 0xc0101282, &(0x7f0000000080)={0x8, 0x9, 0x0, [{0x6, 0x7ff, 0x7ff, 0x1ff, 0x3, 0x9, 0x80000000}, {0x3, 0x8000, 0x9, 0x7, 0xf3, 0x7, 0x100000000}, {0x70e0, 0x6, 0x7, 0x80000001, 0x2, 0x1, 0x5}, {0x6, 0x3ff, 0x3, 0x4, 0x98, 0xff, 0x5}, {0x4, 0x0, 0x2, 0x40, 0x80, 0x6, 0x3ff}, {0xdca, 0x1, 0x3, 0x7, 0x9, 0x5, 0xff}, {0x74aa022b, 0x7, 0x9, 0x2, 0xfc91, 0x1, 0x1}, {0x3, 0x4, 0xc2fb, 0xfffffffffffffffc, 0x80, 0x6, 0x3}, {0x8000, 0x8, 0xfffffffffffffffe, 0x3, 0x4, 0x200, 0x7ff}]}) setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) setitimer(0x1, &(0x7f0000000340)={{0x77359400}, {r1, r2/1000+10000}}, &(0x7f0000000380)) 01:41:16 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x05\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:16 executing program 2: setrlimit(0x6, &(0x7f0000000040)={0xee0, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:41:16 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xf30f, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:16 executing program 5 (fault-call:3 fault-nth:47): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 296.909981] FAULT_INJECTION: forcing a failure. [ 296.909981] name failslab, interval 1, probability 0, space 0, times 0 [ 296.921305] kernel msg: ebtables bug: please report to author: Wrong size [ 296.941178] CPU: 0 PID: 12397 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 296.948465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 296.957809] Call Trace: 01:41:17 executing program 3: setrlimit(0x200000000003, &(0x7f0000000040)={0x6, 0xffffffffffefffff}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) r1 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x0, 0x2) ioctl$VHOST_RESET_OWNER(r0, 0xaf02, 0x0) write$FUSE_BMAP(r1, &(0x7f0000000080)={0x18, 0x0, 0x3}, 0x18) [ 296.960399] dump_stack+0x172/0x1f0 [ 296.964054] should_fail.cold+0xa/0x1b [ 296.967944] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 296.973052] ? lock_downgrade+0x810/0x810 [ 296.977199] ? ___might_sleep+0x163/0x280 [ 296.981359] __should_failslab+0x121/0x190 [ 296.985594] should_failslab+0x9/0x14 [ 296.989389] kmem_cache_alloc_trace+0x2d1/0x760 [ 296.994065] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 296.999183] __memcg_init_list_lru_node+0x8a/0x1e0 [ 297.004112] __list_lru_init+0x3d3/0x6e0 01:41:17 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x06\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:17 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r0 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x1, 0x2) r1 = dup2(0xffffffffffffff9c, 0xffffffffffffffff) r2 = syz_genetlink_get_family_id$fou(&(0x7f0000000100)='fou\x00') sendmsg$FOU_CMD_ADD(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x854000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x38, r2, 0xb08, 0x70bd26, 0x25dfdbfb, {}, [@FOU_ATTR_TYPE={0x8, 0x4, 0x1}, @FOU_ATTR_PORT={0x8, 0x1, 0x4e21}, @FOU_ATTR_AF={0x8}, @FOU_ATTR_IPPROTO={0x8, 0x3, 0x8}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000000}, 0x40810) ioctl$VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000080)={0x6, 0x4, 0x2, 0x80800, r1}) [ 297.008179] sget_userns+0x84d/0xd30 [ 297.011903] ? get_anon_bdev+0xc0/0xc0 [ 297.015788] ? get_anon_bdev+0xc0/0xc0 [ 297.019673] sget+0x10c/0x150 [ 297.022781] ? ovl_show_options+0x550/0x550 [ 297.027101] mount_nodev+0x31/0x110 [ 297.030718] ovl_mount+0x2d/0x40 [ 297.034069] mount_fs+0x106/0x3ff [ 297.034084] ? emergency_thaw_all+0x1a0/0x1a0 [ 297.034098] ? __init_waitqueue_head+0x36/0x90 [ 297.034117] vfs_kern_mount.part.0+0x6f/0x410 [ 297.034132] do_mount+0x581/0x2d30 [ 297.034145] ? finish_automount+0x471/0x490 [ 297.058912] ? copy_mount_string+0x40/0x40 [ 297.063140] ? kmem_cache_alloc_trace+0x354/0x760 [ 297.068004] ? _copy_from_user+0xdd/0x150 [ 297.068494] kernel msg: ebtables bug: please report to author: Wrong size [ 297.072157] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 297.072171] ? copy_mount_options+0x30e/0x440 [ 297.072189] ksys_mount+0xdb/0x150 [ 297.072204] __x64_sys_mount+0xbe/0x150 [ 297.072220] do_syscall_64+0x103/0x610 [ 297.100487] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 297.105671] RIP: 0033:0x457e29 01:41:17 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\a\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:17 executing program 3: setrlimit(0xf, &(0x7f0000000000)={0x6}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 297.108856] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 297.127750] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 297.135469] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 [ 297.142736] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 297.150008] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 01:41:17 executing program 2: prctl$PR_GET_PDEATHSIG(0x2, &(0x7f0000000000)) setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) socket$netlink(0x10, 0x3, 0x0) setxattr$trusted_overlay_opaque(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='trusted.overlay.opaque\x00', &(0x7f00000001c0)='y\x00', 0x2, 0x2) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r0 = syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x0, 0x80000) ioctl$IMGETDEVINFO(r0, 0x80044944, &(0x7f00000000c0)={0x81}) ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f0000000240)={0x7, &(0x7f0000000200)=[{}, {}, {}, {0x0}, {}, {}, {}]}) ioctl$DRM_IOCTL_LOCK(r0, 0x4008642a, &(0x7f0000000280)={r1, 0x1b}) [ 297.157363] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 297.158743] kernel msg: ebtables bug: please report to author: Wrong size [ 297.164626] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 01:41:17 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(0xffffffffffffffff, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:17 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xf401, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:17 executing program 5 (fault-call:3 fault-nth:48): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:17 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffb000/0x2000)=nil) 01:41:17 executing program 3: setrlimit(0x6, &(0x7f0000000040)={0xfffffffffffffffe}) r0 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x3, 0x400000) getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f00000002c0)={@mcast1, 0x0}, &(0x7f0000000300)=0x14) ioctl$sock_inet6_SIOCDIFADDR(r0, 0x8936, &(0x7f0000000340)={@ipv4={[], [], @multicast1}, 0x28, r1}) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f0000000080)={{{@in=@loopback, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@empty}, 0x0, @in6=@mcast2}}, &(0x7f0000000180)=0xe8) sendmsg$xdp(r0, &(0x7f0000000380)={&(0x7f00000001c0)={0x2c, 0x3, r2, 0x2a}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000200)="41c476ea8870f1e424fc6093d707690ef3d27918e88a49b474334456f8227a63c8588ef366c66c2eb8e194a7b5a2cee69fa5d841185571b3fe78", 0x3a}], 0x1, 0x0, 0x0, 0x10}, 0x4800) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:41:17 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00`\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:17 executing program 2: setrlimit(0x3, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7ff, 0x80000) bind$tipc(r0, &(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x43, 0x3}, 0x2}}, 0x10) [ 297.800080] kernel msg: ebtables bug: please report to author: Wrong size [ 297.807812] FAULT_INJECTION: forcing a failure. [ 297.807812] name failslab, interval 1, probability 0, space 0, times 0 01:41:17 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xe, &(0x7f0000000000)='/*!mime_type*\x00', 0xffffffffffffffff}, 0x30) waitid(0x3, r0, &(0x7f00000000c0), 0x21000004, &(0x7f0000000140)) [ 297.862460] net_ratelimit: 20 callbacks suppressed [ 297.862466] protocol 88fb is buggy, dev hsr_slave_0 [ 297.862491] protocol 88fb is buggy, dev hsr_slave_1 [ 297.867436] protocol 88fb is buggy, dev hsr_slave_1 01:41:18 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x03\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 297.919834] CPU: 0 PID: 12436 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 297.927155] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 297.936504] Call Trace: [ 297.939102] dump_stack+0x172/0x1f0 [ 297.942754] should_fail.cold+0xa/0x1b [ 297.946652] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 297.951756] ? lock_downgrade+0x810/0x810 [ 297.951775] ? ___might_sleep+0x163/0x280 [ 297.951794] __should_failslab+0x121/0x190 [ 297.951810] should_failslab+0x9/0x14 01:41:18 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x200, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e22, @remote}, @in6={0xa, 0x4e21, 0x6, @ipv4={[], [], @loopback}, 0x35}], 0x2c) [ 297.964297] kmem_cache_alloc_trace+0x2d1/0x760 [ 297.972863] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 297.977989] __memcg_init_list_lru_node+0x8a/0x1e0 [ 297.982929] __list_lru_init+0x3d3/0x6e0 [ 297.987006] sget_userns+0x84d/0xd30 [ 297.990719] ? get_anon_bdev+0xc0/0xc0 [ 297.994606] ? get_anon_bdev+0xc0/0xc0 [ 297.998496] sget+0x10c/0x150 [ 298.001621] ? ovl_show_options+0x550/0x550 [ 298.005953] mount_nodev+0x31/0x110 [ 298.008904] kernel msg: ebtables bug: please report to author: Wrong size [ 298.009573] ovl_mount+0x2d/0x40 01:41:18 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x05\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 298.020240] mount_fs+0x106/0x3ff [ 298.023719] ? emergency_thaw_all+0x1a0/0x1a0 [ 298.028247] ? __init_waitqueue_head+0x36/0x90 [ 298.032830] vfs_kern_mount.part.0+0x6f/0x410 [ 298.037332] do_mount+0x581/0x2d30 [ 298.040876] ? copy_mount_string+0x40/0x40 [ 298.045129] ? copy_mount_options+0x1de/0x440 [ 298.049645] ? __sanitizer_cov_trace_pc+0x8/0x50 [ 298.054395] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 298.054407] ? copy_mount_options+0x30e/0x440 [ 298.054422] ksys_mount+0xdb/0x150 [ 298.067944] __x64_sys_mount+0xbe/0x150 [ 298.067962] do_syscall_64+0x103/0x610 [ 298.067980] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 298.067991] RIP: 0033:0x457e29 [ 298.084167] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 298.103068] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 298.107761] kernel msg: ebtables bug: please report to author: Wrong size 01:41:18 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x400000, 0xa8) setrlimit(0x2, &(0x7f0000000100)={0x80000000, 0x4000000007}) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000180)={0xffffffffffffffff}, 0x106, 0x1}}, 0x20) write$RDMA_USER_CM_CMD_LISTEN(r0, &(0x7f0000000200)={0x7, 0x8, 0xfa00, {r1, 0x2483}}, 0x10) ioctl$KVM_SET_VCPU_EVENTS(r0, 0x4040aea0, &(0x7f0000000140)={0x10000, 0x8, 0x6, 0x0, 0x4, 0x3, 0x9, 0x0, 0x9, 0x0, 0x0, 0xd71, 0x0, 0x54, 0xfe1, 0x400, 0x3, 0x0, 0x8}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) mount$bpf(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='bpf\x00', 0x80a000, &(0x7f0000000380)=ANY=[@ANYBLOB="6d090000000000000030303030303030303064653d30303030303030303030303030303030303030303031312c6d6f64653d30303030303020303030303038cfe4a65c1de481dbbb73163b7a303030303030303030332c736d61636b66737472616e7c6d7574653d2c646f6e745f696173682c667590633d4b455845435f4b45524e454c5fbb4845434b2c6f626a5f757365723d2970707031626465767070703165746831292c004cdf0b29f719763001f191404e9d3531575588f0e6db63be14a7115f542139c09ffb742d0a8df43db4e6693f7e4edc96dff66f7f4fc645f704a3cd551dd8e51da3918ba6bc0199cfe4de06b834c92ac9c80fd83e984069bb60e665e6347e"]) [ 298.110776] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 [ 298.110785] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 298.110793] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 [ 298.110801] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 298.110809] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 [ 298.182513] protocol 88fb is buggy, dev hsr_slave_0 [ 298.187596] protocol 88fb is buggy, dev hsr_slave_1 01:41:18 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, 0x0, 0x0) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:18 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xffe0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:18 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r0 = fcntl$getown(0xffffffffffffff9c, 0x9) process_vm_writev(r0, &(0x7f00000005c0)=[{&(0x7f0000000080)=""/242, 0xf2}, {&(0x7f0000000000)=""/36, 0x24}, {&(0x7f0000000180)=""/65, 0x41}, {&(0x7f0000000200)=""/251, 0xfb}, {&(0x7f0000000300)=""/204, 0xcc}, {&(0x7f0000000400)}, {&(0x7f0000000440)=""/98, 0x62}, {&(0x7f00000004c0)=""/214, 0xd6}], 0x8, &(0x7f0000001940)=[{&(0x7f0000000640)=""/4096, 0x1000}, {&(0x7f0000001640)=""/96, 0x60}, {&(0x7f00000016c0)=""/124, 0x7c}, {&(0x7f0000001740)=""/189, 0xbd}, {&(0x7f0000001800)=""/132, 0x84}, {&(0x7f00000018c0)=""/86, 0x56}], 0x6, 0x0) 01:41:18 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x06\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:18 executing program 5 (fault-call:3 fault-nth:49): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:18 executing program 2: setrlimit(0x2, &(0x7f0000000000)={0x80000000, 0x400000000a}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:41:18 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r0 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0xb0, 0x1) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000080)={0x0, 0x667}, &(0x7f00000000c0)=0x8) setsockopt$inet_sctp_SCTP_SET_PEER_PRIMARY_ADDR(r0, 0x84, 0x5, &(0x7f0000000100)={r1, @in={{0x2, 0x4e22, @remote}}}, 0x84) [ 298.745445] FAULT_INJECTION: forcing a failure. [ 298.745445] name failslab, interval 1, probability 0, space 0, times 0 [ 298.746294] kernel msg: ebtables bug: please report to author: Wrong size [ 298.794331] CPU: 1 PID: 12472 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 298.801618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 298.811086] Call Trace: [ 298.813675] dump_stack+0x172/0x1f0 [ 298.817309] should_fail.cold+0xa/0x1b [ 298.821196] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 298.826294] ? lock_downgrade+0x810/0x810 [ 298.830441] ? ___might_sleep+0x163/0x280 [ 298.834600] __should_failslab+0x121/0x190 [ 298.838832] should_failslab+0x9/0x14 [ 298.842636] kmem_cache_alloc_trace+0x2d1/0x760 [ 298.847305] __memcg_init_list_lru_node+0x8a/0x1e0 [ 298.852323] __list_lru_init+0x3d3/0x6e0 [ 298.856396] sget_userns+0x84d/0xd30 [ 298.860203] ? get_anon_bdev+0xc0/0xc0 [ 298.864104] ? get_anon_bdev+0xc0/0xc0 [ 298.867995] sget+0x10c/0x150 [ 298.871112] ? ovl_show_options+0x550/0x550 [ 298.875435] mount_nodev+0x31/0x110 [ 298.879077] ovl_mount+0x2d/0x40 [ 298.882434] mount_fs+0x106/0x3ff [ 298.885976] ? emergency_thaw_all+0x1a0/0x1a0 [ 298.890465] ? __init_waitqueue_head+0x36/0x90 [ 298.895051] vfs_kern_mount.part.0+0x6f/0x410 [ 298.899548] do_mount+0x581/0x2d30 [ 298.903090] ? finish_automount+0x471/0x490 [ 298.907411] ? copy_mount_string+0x40/0x40 [ 298.911767] ? kmem_cache_alloc_trace+0x354/0x760 [ 298.916732] ? _copy_from_user+0xdd/0x150 [ 298.920898] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 298.926439] ? copy_mount_options+0x30e/0x440 [ 298.930940] ksys_mount+0xdb/0x150 [ 298.934497] __x64_sys_mount+0xbe/0x150 [ 298.938490] do_syscall_64+0x103/0x610 01:41:18 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0xa, &(0x7f0000fff000/0x1000)=nil) 01:41:19 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\a\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 298.942381] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 298.947567] RIP: 0033:0x457e29 [ 298.950753] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 298.969660] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 298.977386] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 [ 298.984653] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 01:41:19 executing program 3: prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/ip_tables_matches\x00') ioctl$RTC_EPOCH_SET(r0, 0x4008700e, 0x9) 01:41:19 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x20480, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 298.991915] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 [ 298.999294] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 299.006561] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 [ 299.014054] protocol 88fb is buggy, dev hsr_slave_0 [ 299.019109] protocol 88fb is buggy, dev hsr_slave_1 [ 299.024275] protocol 88fb is buggy, dev hsr_slave_0 [ 299.029519] protocol 88fb is buggy, dev hsr_slave_1 01:41:19 executing program 3: r0 = add_key(&(0x7f00000010c0)='cifs.spnego\x00', &(0x7f0000001100)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f0000001140)={r0, 0x2, 0xfffffffffffffffb}, &(0x7f0000001180)={'enc=', 'pkcs1', ' hash=', {'sha384-ce\x00'}}, &(0x7f0000001200)="cfbe1f509aa04a96cb31c33e56b36645cabf0d363973644c6ca890498a49bcf4544f0289a446f7c1888a6ea97943cf2a9d0cceb5b6ed594cfd296c810a28d5aacf24fc4b68e6c3f1878f0de08de0f10dbfc0e70b855cca5a8683b8d4542609244757e130b85202ca854ab574ced318be8b7e39d846a0705ad4cc89c45b44248aea53d9083411b40707f4d2ae457627f3c4855b134e0486a1fc66dc266340bd0856d67cdce70dfbe9657174bfb22f1564e2f6aafba5594a130e24ea4f420af5b6f90119d4c98909a78aa2789e805c5326b20c4583cfc5085a41632c5525e13db265aaa4d966b30c45cb", &(0x7f0000001300)="0a9ac0be23548218358e634340427a9c195078e4528d2c3b26") setrlimit(0x2, &(0x7f0000000040)={0x1ff}) socketpair(0x8, 0x80b, 0x3d, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$IP_VS_SO_GET_DESTS(r1, 0x0, 0x484, &(0x7f0000000080)=""/4096, &(0x7f0000001080)=0x1000) prctl$PR_SET_MM(0x23, 0xc, &(0x7f0000ffa000/0x1000)=nil) [ 299.071093] kernel msg: ebtables bug: please report to author: Wrong size [ 299.462467] protocol 88fb is buggy, dev hsr_slave_0 01:41:19 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, 0x0, 0x0) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:19 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) setrlimit(0xf, &(0x7f00000000c0)={0x9, 0x40}) r0 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x3, 0x2) finit_module(r0, &(0x7f0000000080)='nodev\x00', 0x0) 01:41:19 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00 \x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:19 executing program 5 (fault-call:3 fault-nth:50): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:19 executing program 3: setrlimit(0x8, &(0x7f0000000780)={0x7e, 0x1ff}) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000100)={0xffffffffffffffff}, 0x13f, 0x10}}, 0x1a) r1 = dup(0xffffffffffffff9c) write$RDMA_USER_CM_CMD_MIGRATE_ID(0xffffffffffffffff, &(0x7f0000000180)={0x12, 0x10, 0xfa00, {&(0x7f00000000c0), r0, r1}}, 0x18) r2 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x0, 0x2) ioctl$KVM_SET_TSC_KHZ(r2, 0xaea2, 0x7) setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000240)=@filter={'filter\x00', 0xe, 0x4, 0x4a0, 0x0, 0x0, 0x0, 0x0, 0x2c8, 0x3d0, 0x3d0, 0x3d0, 0x3d0, 0x3d0, 0x4, &(0x7f0000000200), {[{{@ipv6={@mcast2, @dev={0xfe, 0x80, [], 0xf}, [0xff, 0xff000000], [0xffffff00, 0x0, 0xffffff00, 0xffffff00], 'nlmon0\x00', 'yam0\x00', {}, {0xff}, 0xbb, 0x1, 0x1, 0x1}, 0x0, 0x158, 0x180, 0x0, {}, [@common=@srh1={0x90, 'srh\x00', 0x1, {0x0, 0x401, 0x4, 0x8, 0xffffffff00000001, @local, @ipv4={[], [], @multicast2}, @empty, [0xffffffff, 0x0, 0xffffffff, 0xffffffff], [0xff, 0xffffffff, 0xffffff00], [0xffffff00, 0xffffffff], 0x40}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x8}}}, {{@ipv6={@local, @initdev={0xfe, 0x88, [], 0x1, 0x0}, [0xffffffff, 0xffffff00, 0xffffffff], [0xffffffff, 0xffffffff, 0xffffffff], 'veth1_to_bond\x00', 'ipddp0\x00', {0xff}, {0xff}, 0x87, 0x80000001, 0x2, 0x20}, 0x0, 0x120, 0x148, 0x0, {}, [@common=@eui64={0x28, 'eui64\x00'}, @common=@frag={0x30, 'frag\x00', 0x0, {0x1ff, 0x361, 0x23, 0x8, 0x2}}]}, @common=@unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x1, {0x5, 0xfffffffffffffff8}}}, {{@ipv6={@empty, @initdev={0xfe, 0x88, [], 0x1, 0x0}, [0xff, 0xffffffff, 0xffffff00, 0xff], [0xffffffff, 0xff000000, 0xff000000, 0xff], 'nlmon0\x00', 'bcsh0\x00', {0xff}, {}, 0x7f, 0x4, 0x7, 0x41}, 0x0, 0xc8, 0x108}, @common=@inet=@TCPOPTSTRIP={0x40, 'TCPOPTSTRIP\x00', 0x0, {[0xfaa, 0x100, 0x3, 0x1, 0x100000001, 0x4, 0x0, 0x8279]}}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x500) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x40, 0x50) setsockopt$sock_linger(r3, 0x1, 0xd, &(0x7f00000001c0)={0x1, 0x6}, 0x8) 01:41:19 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x29400, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:19 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) setrlimit(0xe, &(0x7f0000000000)={0x10000, 0x2}) [ 299.629996] FAULT_INJECTION: forcing a failure. [ 299.629996] name failslab, interval 1, probability 0, space 0, times 0 [ 299.641394] kernel msg: ebtables bug: please report to author: Wrong size [ 299.666761] CPU: 1 PID: 12519 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 299.674183] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 299.683531] Call Trace: [ 299.683555] dump_stack+0x172/0x1f0 [ 299.683580] should_fail.cold+0xa/0x1b [ 299.683599] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 299.683613] ? lock_downgrade+0x810/0x810 [ 299.683629] ? ___might_sleep+0x163/0x280 [ 299.683650] __should_failslab+0x121/0x190 [ 299.683666] should_failslab+0x9/0x14 [ 299.683680] kmem_cache_alloc_trace+0x2d1/0x760 [ 299.683695] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 299.683714] __memcg_init_list_lru_node+0x8a/0x1e0 [ 299.683730] __list_lru_init+0x3d3/0x6e0 [ 299.683747] sget_userns+0x84d/0xd30 [ 299.689929] ? get_anon_bdev+0xc0/0xc0 [ 299.741896] ? get_anon_bdev+0xc0/0xc0 [ 299.745779] sget+0x10c/0x150 [ 299.748896] ? ovl_show_options+0x550/0x550 [ 299.753216] mount_nodev+0x31/0x110 [ 299.756849] ovl_mount+0x2d/0x40 [ 299.760226] mount_fs+0x106/0x3ff [ 299.763702] ? emergency_thaw_all+0x1a0/0x1a0 [ 299.768232] ? __init_waitqueue_head+0x36/0x90 [ 299.772851] vfs_kern_mount.part.0+0x6f/0x410 [ 299.777350] do_mount+0x581/0x2d30 [ 299.780897] ? finish_automount+0x471/0x490 [ 299.785222] ? copy_mount_string+0x40/0x40 [ 299.789455] ? kmem_cache_alloc_trace+0x354/0x760 [ 299.794325] ? _copy_from_user+0xdd/0x150 [ 299.798473] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 299.804008] ? copy_mount_options+0x30e/0x440 [ 299.808525] ksys_mount+0xdb/0x150 [ 299.812071] __x64_sys_mount+0xbe/0x150 [ 299.816046] do_syscall_64+0x103/0x610 [ 299.819938] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 299.825116] RIP: 0033:0x457e29 01:41:19 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) r0 = syz_open_dev$dmmidi(&(0x7f0000000240)='/dev/dmmidi#\x00', 0x317, 0x400000) write$capi20_data(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="100040008780fdff07000000000000007c0008e4d80bc16673d5c790f751497c207dfbf65fa5d14d268870946b31cce3d1378e71b9da4ae750be0903c76d0f1a1e9452792c4b8282c3071a2b0eccc6839de604b520ef515c24ddb6698cd80b4ce22215e3d6a13c917635c7ff4a4696818dcf32e284b504370ccb5a37d7de09f9f8db8f64521e7fd85185d393249d"], 0x8e) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 299.828322] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 299.847397] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 299.847411] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 [ 299.847418] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 299.847427] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 01:41:19 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00?\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:19 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x940200, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:19 executing program 3: setrlimit(0x4, &(0x7f0000000080)) prctl$PR_SET_MM(0x23, 0xa, &(0x7f0000ff8000/0x8000)=nil) 01:41:19 executing program 5 (fault-call:3 fault-nth:51): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 299.862364] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 299.862373] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 [ 299.907071] kernel msg: ebtables bug: please report to author: Wrong size [ 300.005010] FAULT_INJECTION: forcing a failure. [ 300.005010] name failslab, interval 1, probability 0, space 0, times 0 [ 300.038939] CPU: 0 PID: 12539 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 300.046246] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 300.055785] Call Trace: [ 300.058377] dump_stack+0x172/0x1f0 [ 300.062002] should_fail.cold+0xa/0x1b [ 300.062017] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 300.062043] ? lock_downgrade+0x810/0x810 [ 300.071032] ? ___might_sleep+0x163/0x280 [ 300.071053] __should_failslab+0x121/0x190 [ 300.083537] should_failslab+0x9/0x14 [ 300.087339] kmem_cache_alloc_trace+0x2d1/0x760 [ 300.092020] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 300.097157] __memcg_init_list_lru_node+0x8a/0x1e0 [ 300.102104] __list_lru_init+0x3d3/0x6e0 [ 300.106160] sget_userns+0x84d/0xd30 [ 300.109857] ? get_anon_bdev+0xc0/0xc0 [ 300.113726] ? get_anon_bdev+0xc0/0xc0 [ 300.117590] sget+0x10c/0x150 [ 300.120677] ? ovl_show_options+0x550/0x550 [ 300.124978] mount_nodev+0x31/0x110 [ 300.128583] ovl_mount+0x2d/0x40 [ 300.131927] mount_fs+0x106/0x3ff [ 300.135357] ? emergency_thaw_all+0x1a0/0x1a0 [ 300.139830] ? __init_waitqueue_head+0x36/0x90 [ 300.144392] vfs_kern_mount.part.0+0x6f/0x410 [ 300.148863] do_mount+0x581/0x2d30 [ 300.152397] ? finish_automount+0x471/0x490 [ 300.156703] ? copy_mount_string+0x40/0x40 [ 300.160932] ? kmem_cache_alloc_trace+0x354/0x760 [ 300.165772] ? _copy_from_user+0xdd/0x150 [ 300.169922] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 300.175434] ? copy_mount_options+0x30e/0x440 [ 300.179907] ksys_mount+0xdb/0x150 [ 300.183426] __x64_sys_mount+0xbe/0x150 [ 300.187379] do_syscall_64+0x103/0x610 [ 300.191246] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 300.196414] RIP: 0033:0x457e29 [ 300.199601] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 300.218499] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 300.226194] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 [ 300.233557] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 300.240818] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 [ 300.248074] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 300.255318] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 01:41:20 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, 0x0, 0x0) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:20 executing program 2: setrlimit(0x2, &(0x7f0000000080)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000d1e000/0x1000)=nil) 01:41:20 executing program 3: setrlimit(0x6, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$SIOCAX25NOUID(r0, 0x89e3, &(0x7f0000000000)) 01:41:20 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00@\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:20 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x1000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:20 executing program 5 (fault-call:3 fault-nth:52): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:20 executing program 2: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffff9c, 0x84, 0x76, &(0x7f0000000080)={0x0, 0x4}, &(0x7f00000000c0)=0x8) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000100)={r1, 0x100000001}, &(0x7f0000000140)=0x8) perf_event_open$cgroup(&(0x7f00000001c0)={0x0, 0x70, 0x5, 0xa767, 0x3, 0x85, 0x0, 0x9, 0x80, 0x4, 0xffffffff, 0xfffffffffffffffe, 0x7, 0x6, 0x1e6, 0x443c, 0x1, 0x0, 0x38000000000000, 0xfffffffffffff000, 0x40, 0x0, 0x7, 0x0, 0x9, 0x442, 0xffffffff, 0x81, 0x1ff, 0x5, 0xee1, 0x9, 0x8000000, 0x8, 0xfff, 0x9, 0x80000000, 0x6, 0x0, 0x2, 0x1, @perf_bp={&(0x7f0000000180), 0x9}, 0x4000, 0x80, 0x100000000, 0x5, 0x4, 0x7fffffff, 0x4}, r0, 0x3, r0, 0x0) setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 300.481971] kernel msg: ebtables bug: please report to author: Wrong size [ 300.503690] FAULT_INJECTION: forcing a failure. [ 300.503690] name failslab, interval 1, probability 0, space 0, times 0 [ 300.543251] CPU: 0 PID: 12559 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 300.550554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 300.559908] Call Trace: [ 300.562498] dump_stack+0x172/0x1f0 [ 300.566126] should_fail.cold+0xa/0x1b [ 300.570073] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 300.575193] ? lock_downgrade+0x810/0x810 [ 300.579342] ? ___might_sleep+0x163/0x280 [ 300.583588] __should_failslab+0x121/0x190 [ 300.587821] should_failslab+0x9/0x14 [ 300.591637] kmem_cache_alloc_trace+0x2d1/0x760 [ 300.596428] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 300.596448] __memcg_init_list_lru_node+0x8a/0x1e0 [ 300.596462] __list_lru_init+0x3d3/0x6e0 [ 300.606459] sget_userns+0x84d/0xd30 [ 300.606473] ? get_anon_bdev+0xc0/0xc0 [ 300.606490] ? get_anon_bdev+0xc0/0xc0 [ 300.606503] sget+0x10c/0x150 [ 300.625063] ? ovl_show_options+0x550/0x550 [ 300.629388] mount_nodev+0x31/0x110 [ 300.633022] ovl_mount+0x2d/0x40 [ 300.636385] mount_fs+0x106/0x3ff [ 300.639840] ? emergency_thaw_all+0x1a0/0x1a0 [ 300.644339] ? __init_waitqueue_head+0x36/0x90 [ 300.649027] vfs_kern_mount.part.0+0x6f/0x410 [ 300.653541] do_mount+0x581/0x2d30 [ 300.657095] ? finish_automount+0x471/0x490 [ 300.661431] ? copy_mount_string+0x40/0x40 [ 300.665666] ? kmem_cache_alloc_trace+0x354/0x760 [ 300.670542] ? _copy_from_user+0xdd/0x150 [ 300.674684] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 300.680212] ? copy_mount_options+0x30e/0x440 [ 300.680231] ksys_mount+0xdb/0x150 [ 300.680248] __x64_sys_mount+0xbe/0x150 [ 300.680264] do_syscall_64+0x103/0x610 [ 300.680296] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 300.692262] RIP: 0033:0x457e29 [ 300.692276] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 300.692284] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 300.692297] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 01:41:20 executing program 3: r0 = gettid() sched_setscheduler(r0, 0x0, &(0x7f00000000c0)=0xc55) setrlimit(0x2, &(0x7f0000000040)) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='map_files\x00') ioctl$EVIOCSREP(r1, 0x40084503, &(0x7f0000000080)=[0x0, 0x4]) write$P9_RREADLINK(r1, &(0x7f0000000100)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0x10) prctl$PR_SET_MM(0x23, 0xf, &(0x7f0000ffa000/0x2000)=nil) 01:41:20 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) rt_sigsuspend(&(0x7f0000000200)={0x80000000000004}, 0x4) r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x4000, 0x0) ioctl$IOC_PR_RELEASE(r0, 0x401070ca, &(0x7f0000000180)={0x6, 0x8000000000000000}) r1 = shmget(0x0, 0x1000, 0x78000020, &(0x7f0000ffa000/0x1000)=nil) shmctl$IPC_INFO(r1, 0x3, &(0x7f0000000240)=""/132) r2 = syz_open_dev$sndpcmp(&(0x7f0000000080)='/dev/snd/pcmC#D#p\x00', 0x20, 0x1) mq_getsetattr(r2, &(0x7f00000000c0)={0x8, 0x9, 0x80000000, 0x2, 0xa0b, 0x2, 0x8, 0x1ff8000000000000}, &(0x7f0000000100)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:41:20 executing program 3: setrlimit(0x2, &(0x7f0000000040)) r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x200000, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x18, &(0x7f0000000080)=0x80000001, 0x4) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:41:20 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x204000, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000100)=[@in6={0xa, 0x4e22, 0x7fff, @mcast1, 0x9}, @in={0x2, 0x4e21, @multicast2}, @in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}, @in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xc}}, @in={0x2, 0x4e22, @loopback}, @in={0x2, 0x4e20, @loopback}, @in6={0xa, 0x4e21, 0x3, @mcast1, 0x80}, @in6={0xa, 0x4e21, 0xc05, @mcast2, 0x86b}, @in={0x2, 0x4e22, @broadcast}], 0xb4) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000080)=[@in6={0xa, 0x4e22, 0x1, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0xd}, @in={0x2, 0x4e21, @multicast1}, @in6={0xa, 0x4e23, 0x7fffffff, @loopback, 0x4cf}], 0x48) 01:41:20 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00`\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 300.692304] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 300.692314] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 [ 300.753004] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 300.760264] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 [ 300.832856] kernel msg: ebtables bug: please report to author: Wrong size 01:41:21 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(0xffffffffffffffff, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:21 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000100)='/dev/zero\x00', 0x10000, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x4000, 0x0) getsockopt$ax25_int(r0, 0x101, 0x9, &(0x7f0000000140), &(0x7f0000000180)=0x4) ioctl$sock_netrom_SIOCDELRT(r1, 0x890c, &(0x7f0000000080)={0x0, @null, @bpq0='bpq0\x00', 0x7fffffff, 'syz0\x00', @bcast, 0x1ee3, 0x4, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default]}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f00000001c0)={0x0, 0x10000}, &(0x7f0000000200)=0x8) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000240)={r2, 0xff, 0x1, [0x30cd]}, &(0x7f0000000280)=0xa) 01:41:21 executing program 5 (fault-call:3 fault-nth:53): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:21 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x2000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:21 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\xff\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:21 executing program 3: setrlimit(0x2, &(0x7f0000000040)) r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x30f1cb7d, 0x200c0) vmsplice(r0, &(0x7f0000000400)=[{&(0x7f0000000080)="1c1d74d5cd0f0191e755b4617b4264dec84f1d38aa8ac82f7fdcf6c63bc1f63f0c1fb067dbf87eb3909a02a4713408d364051c9e771ffef4c2c7a7dcb4b406c204025341f7062ad559bde06d1c1d411ce2fd97ec2ece1c9d91183f8186b41054d7db885bddc5dd6175071ac00e953606bce38008d2512daa7dff07b725950c3ed788ce7ac0b1bd193242e277cd1b22a4ad0c66b6df71084e434bf4fb49a14284974562bea171d4867a8f772a4f6558a4c2c17316", 0xb4}, {&(0x7f0000000140)="6ff6d697d07d258f1fe4a46c700a67a26e15cfc2219ae4c65393a66ae7466a5b476c1c8b1aea9d2958954a47034ef4395bdb1fb5ea7518440023d071b337393589bea68f2e49056e229ffba2b9def87436f2777361824dba2a3d0c322ae4cedb7331ce8743df94ee0efbd835c79ddf609b466af1ea87a84038dfdc339526685f07cff4967285594c5257be6b5ef3256ab943bb000c3106ae5718343e7f69f400a556683f022cfebccfb23f8d2dacdb5c986a268fa8fcdb66b3576e4bad85537f98cb08c9ad6dd91606925d92271f4cd5f0e8f42664dc5ce9b03c8692fa3c40f3b095592366099fc846ef3d373306cc5ca1ffbc4c474a88f1f66599d30f32", 0xfe}, {&(0x7f0000000240)="6e6e3e5574e19904676d5958b8272c3551ccdec03a67ca3c6d646fd9a0c7d2c7796770c74edccc9bc82f75a47d98fed4c57e7174dade486d17c5e3f88de3cd2589481d7a2a9c49fc496fa678f5b5ed91f03ad2c3a5be59d2b7a226522838a3edb301fbd1df3fe8d01913bd52fcb954df80634e0f9566f487fdf6d6976a070a0146ed361e1b4b7e9971", 0x89}, {&(0x7f0000000300)="a87f12011f14f8bedf22c61b964a45fc56bb8c54d27016f80fecbaca758c0a0b8f6b86e8fb0ac9bb4591dd841fcf7837b8750bdb7460edca69f21b73d208d527a504071032cead3be276ad7b0caffb0a461e4097b890d1db19e21fedb38fc78a0166154d6d76c73f844abcaa44862a65022369eeba3f3dd2fb5bdcc9d2edf4b1d5102d9690882e4deaaae855e8e8752ba9e6d1aa345984045547a6a2c53bdf2f8b5de005095cdf3ee270807aa82fe5551685e7421fb979bb151d63e0b37984846a", 0xc1}], 0x4, 0x6) prctl$PR_SET_MM(0x23, 0x80000000f, &(0x7f0000ff8000/0x2000)=nil) ioctl$SIOCAX25CTLCON(r0, 0x89e8, &(0x7f0000000440)={@default, @default, @default, 0x9, 0x7fffffff, 0x3, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default, @null]}) 01:41:21 executing program 3: r0 = getgid() r1 = getgid() setregid(r0, r1) r2 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vhost-net\x00', 0x2, 0x0) r3 = socket$key(0xf, 0x3, 0x2) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r4, &(0x7f0000000200)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0x13}, 0x1}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f00000013c0)={{{@in6=@remote, @in6=@ipv4, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {0x4, 0x2}, 0x0, 0x0, 0x1}, {{@in=@multicast2, 0xffffffffffffffff, 0x32}, 0x0, @in6, 0x0, 0x0, 0x0, 0x5, 0x0, 0x5}}, 0xe8) connect$inet6(r4, &(0x7f0000000140)={0xa, 0xffffffffffffffff, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x18}}}, 0x1c) sendmmsg(r4, &(0x7f0000000240), 0x5c3, 0x0) sendmsg$key(r3, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x2, 0x7, 0x0, 0x9, 0x2}, 0x10}}, 0x0) set_mempolicy(0x8002, &(0x7f0000000700)=0x400, 0x5) ioctl$VHOST_SET_OWNER(r2, 0xaf01, 0x0) setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r5 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x1, 0x82080) sendmsg$rds(r5, &(0x7f00000008c0)={&(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10, &(0x7f0000000380)=[{&(0x7f00000000c0)=""/215, 0xd7}, {&(0x7f00000001c0)=""/184, 0xb8}, {&(0x7f0000000280)=""/225, 0xe1}], 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="30000000000000001401000003000000", @ANYPTR=&(0x7f00000003c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB='1\x00\x00\x00\x00\x00\x00\x00', @ANYPTR=&(0x7f0000000400)=ANY=[@ANYBLOB='\x00'], @ANYBLOB="590000000000000030000000000000001401000003000000", @ANYPTR=&(0x7f0000000440)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB="d100000000000000", @ANYPTR=&(0x7f0000000540)=ANY=[@ANYBLOB='\x00'], @ANYBLOB="0100000000000000580000000000000014010000060000000000008008000000", @ANYPTR=&(0x7f0000000580)=ANY=[@ANYBLOB='\t\x00\x00\x00\x00\x00\x00\x00'], @ANYPTR=&(0x7f00000005c0)=ANY=[@ANYBLOB="0400000000000000"], @ANYBLOB="000000000000000000000000000000000300000000000000ff0f0000000000000800000000000000d60300000000000058000000000000001401000009000000f9ffffff01000000", @ANYPTR=&(0x7f0000000600)=ANY=[@ANYBLOB="0600000000000000"], @ANYPTR=&(0x7f0000000640)=ANY=[@ANYBLOB="0200000000000000"], @ANYBLOB="0100008000000000070000000000000000000100000000000500000000000000100000000000000007e9ffffff00000018000000000000001401000002000000000001007f0000005800000000000000140100000800000006000000040000008567c0f1439d47d6c7467ba2062bebfe8821555b4a5e4f7f7363a9bb06aaf569b0acee9b92afc42cfd9e9c04ea07768069be841cc4393e63096c4c4c3a30340114502cc9d5e23c0d44407f0c65dbc84d951911d57cbd2aae8556b3b8168f4a7036d742802cab72f0e2378285cc7ced256c48339a56faf6e245650f8b60e1253b3e", @ANYPTR=&(0x7f0000000680)=ANY=[@ANYBLOB="ed07000000000000"], @ANYPTR=&(0x7f00000006c0)=ANY=[@ANYBLOB='\b\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB="0200000000000000f20000000000000001000100000000000400000000000000000000000000000006000000000000001800000000000000140100000c0000000100008000000000"], 0x198, 0x10}, 0x4004000) [ 301.388343] kernel msg: ebtables bug: please report to author: Wrong size [ 301.396234] FAULT_INJECTION: forcing a failure. [ 301.396234] name failslab, interval 1, probability 0, space 0, times 0 01:41:21 executing program 2: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x141800, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffb000/0x4000)=nil, 0x4000}, 0x1}) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f00000000c0)={0x0, 0x4}, &(0x7f0000000100)=0x8) setsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000140)=@assoc_value={r1, 0x1}, 0x8) setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:41:21 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x01\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 301.508218] CPU: 1 PID: 12598 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 301.515636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 301.525008] Call Trace: [ 301.527601] dump_stack+0x172/0x1f0 [ 301.531242] should_fail.cold+0xa/0x1b [ 301.531748] kernel msg: ebtables bug: please report to author: Wrong size [ 301.535136] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 301.535153] ? lock_downgrade+0x810/0x810 [ 301.535171] ? ___might_sleep+0x163/0x280 01:41:21 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x02\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 301.535190] __should_failslab+0x121/0x190 [ 301.535203] should_failslab+0x9/0x14 [ 301.563523] kmem_cache_alloc_trace+0x2d1/0x760 [ 301.568195] ? register_shrinker_prepared+0x116/0x190 [ 301.573380] ? find_held_lock+0x35/0x130 [ 301.577458] ovl_fill_super+0xe6/0x3bb8 [ 301.581451] ? lock_downgrade+0x810/0x810 [ 301.585605] ? up_write+0x1c/0x150 [ 301.589142] ? ovl_show_options+0x550/0x550 [ 301.593466] ? register_shrinker_prepared+0x116/0x190 [ 301.598671] ? sget_userns+0x3a3/0xd30 [ 301.602561] ? get_anon_bdev+0xc0/0xc0 01:41:21 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x03\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 301.606460] ? get_anon_bdev+0xc0/0xc0 [ 301.610346] ? sget+0x114/0x150 [ 301.613624] ? ovl_show_options+0x550/0x550 [ 301.617968] mount_nodev+0x68/0x110 [ 301.621597] ovl_mount+0x2d/0x40 [ 301.621942] kernel msg: ebtables bug: please report to author: Wrong size [ 301.624964] mount_fs+0x106/0x3ff [ 301.624981] ? emergency_thaw_all+0x1a0/0x1a0 [ 301.624996] ? __init_waitqueue_head+0x36/0x90 [ 301.625015] vfs_kern_mount.part.0+0x6f/0x410 [ 301.625032] do_mount+0x581/0x2d30 [ 301.652529] ? finish_automount+0x471/0x490 01:41:21 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x04\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 301.652547] ? copy_mount_string+0x40/0x40 [ 301.652561] ? kmem_cache_alloc_trace+0x354/0x760 [ 301.652580] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 301.652592] ? copy_mount_options+0x30e/0x440 [ 301.661120] ksys_mount+0xdb/0x150 [ 301.661139] __x64_sys_mount+0xbe/0x150 [ 301.661157] do_syscall_64+0x103/0x610 [ 301.661175] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 301.683555] kernel msg: ebtables bug: please report to author: Wrong size [ 301.683573] RIP: 0033:0x457e29 [ 301.702681] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 301.721574] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 301.727688] kernel msg: ebtables bug: please report to author: Wrong size [ 301.729554] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 [ 301.729563] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 301.729573] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 [ 301.729581] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 301.729590] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 01:41:22 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(0xffffffffffffffff, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:22 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x3000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:22 executing program 2: setrlimit(0x3, &(0x7f0000000100)={0x80000000, 0x84000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r0 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x7, 0x48000) bind$unix(r0, &(0x7f0000000080)=@abs={0x0, 0x0, 0x4e21}, 0x6e) 01:41:22 executing program 5 (fault-call:3 fault-nth:54): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:22 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x05\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:22 executing program 3: setrlimit(0x2, &(0x7f0000000040)) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x400000, 0x0) setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000180)=0x7, 0x4) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000300)=ANY=[@ANYPTR64=&(0x7f0000000200)=ANY=[@ANYBLOB="4894c2248473afda2e404d6f9ac2619752a3682e9b3ad1f0c702f676069469567a1bd8097abca08bc429b9f224f5218dd67820855d9e80977f7687fa58c525e8da0ad4468be36aa509802948dad9b535389cb4088b3d6947e772179f7cb84e9d812160398ef183296619aa884d0941ccaab986c4cb5f742b0d75ec5e2f55080352", @ANYRES16=r0, @ANYRES16=r0, @ANYPTR], @ANYRES32=0x0], &(0x7f00000001c0)=0x2) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000100)={r1, 0x2}, &(0x7f0000000140)=0x8) 01:41:22 executing program 2: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x84200, 0x0) setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) r0 = syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x8, 0x200002) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100)='IPVS\x00') sendmsg$IPVS_CMD_GET_DEST(r0, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x44, r1, 0x304, 0x70bd2b, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x10001}, @IPVS_CMD_ATTR_DAEMON={0x28, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0xeb}, @IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @empty}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x4) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:41:22 executing program 3: setrlimit(0x2, &(0x7f0000000040)) r0 = syz_open_dev$audion(&(0x7f0000000300)='/dev/audio#\x00', 0xb6d, 0x8600) setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000340)=0x10000, 0x4) ioctl$DRM_IOCTL_ADD_MAP(r0, 0xc0286415, &(0x7f0000000380)={&(0x7f0000ff9000/0x3000)=nil, 0x6, 0x0, 0x48, &(0x7f0000ffc000/0x4000)=nil, 0xc0000000000000}) prctl$PR_SET_MM(0x23, 0x80000000008, &(0x7f0000ffa000/0x1000)=nil) r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/btrfs-control\x00', 0x101000, 0x0) ioctl$VIDIOC_G_PARM(r1, 0xc0cc5615, &(0x7f0000000080)={0x3, @raw_data="e84acb9862b4c9ee7c63b1256bfcb7817e6d9d88444f67d98a8a34d54a55734489fad00e33063067d67107110d7d1fc95e820f8d2aff7b1ece66d38b2372a35615cf5199c555fddd80377337702fb5eaf05635d0a51d431e5360cf706c3679cb19723d24a1a5bede3d07aa937d80294d16416b9097cb9d237fff01e53fba990878db2511369ffe502ec30754d8d7a51da839fdaec0c55379d896429fb5ddfd1ce637793df60cfbaf2085774db7cf682d2ad58592392935a89b46700e3533d3f89461b3312b7c7b9b"}) setsockopt$RDS_GET_MR_FOR_DEST(r1, 0x114, 0x7, &(0x7f0000000240)={@pppol2tpv3={0x18, 0x1, {0x0, r1, {0x2, 0x4e24, @multicast2}, 0x2, 0x3, 0x3, 0x2}}, {&(0x7f0000000180)=""/115, 0x73}, &(0x7f0000000200), 0x1}, 0xa0) openat$audio(0xffffffffffffff9c, &(0x7f0000000400)='/dev/audio\x00', 0x0, 0x0) [ 302.234464] kernel msg: ebtables bug: please report to author: Wrong size [ 302.255083] FAULT_INJECTION: forcing a failure. [ 302.255083] name failslab, interval 1, probability 0, space 0, times 0 01:41:22 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x06\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 302.340734] CPU: 0 PID: 12692 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 302.348132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 302.357503] Call Trace: [ 302.360096] dump_stack+0x172/0x1f0 [ 302.363731] should_fail.cold+0xa/0x1b [ 302.367631] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 302.372742] ? lock_downgrade+0x810/0x810 [ 302.376999] ? ___might_sleep+0x163/0x280 [ 302.381149] __should_failslab+0x121/0x190 [ 302.385385] should_failslab+0x9/0x14 [ 302.389218] __kmalloc_track_caller+0x2d8/0x740 [ 302.393890] ? kmem_cache_alloc+0x341/0x710 [ 302.396460] kernel msg: ebtables bug: please report to author: Wrong size [ 302.398211] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 302.398237] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 302.398252] ? ovl_fill_super+0x252/0x3bb8 [ 302.398268] kstrdup+0x3a/0x70 [ 302.416240] ovl_fill_super+0x252/0x3bb8 [ 302.423654] ? lock_downgrade+0x810/0x810 [ 302.423675] ? up_write+0x1c/0x150 [ 302.423690] ? ovl_show_options+0x550/0x550 [ 302.423704] ? register_shrinker_prepared+0x116/0x190 [ 302.423722] ? sget_userns+0x3a3/0xd30 [ 302.448748] ? get_anon_bdev+0xc0/0xc0 [ 302.452641] ? get_anon_bdev+0xc0/0xc0 [ 302.456530] ? sget+0x114/0x150 [ 302.459808] ? ovl_show_options+0x550/0x550 [ 302.464127] mount_nodev+0x68/0x110 [ 302.467858] ovl_mount+0x2d/0x40 [ 302.471238] mount_fs+0x106/0x3ff [ 302.474694] ? emergency_thaw_all+0x1a0/0x1a0 [ 302.479209] ? __init_waitqueue_head+0x36/0x90 [ 302.483799] vfs_kern_mount.part.0+0x6f/0x410 01:41:22 executing program 3: setrlimit(0x2, &(0x7f0000000040)) mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:41:22 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\a\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:22 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x4000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 302.488390] do_mount+0x581/0x2d30 [ 302.492018] ? finish_automount+0x471/0x490 [ 302.496350] ? copy_mount_string+0x40/0x40 [ 302.500674] ? kmem_cache_alloc_trace+0x354/0x760 [ 302.505534] ? _copy_from_user+0xdd/0x150 [ 302.505552] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 302.505566] ? copy_mount_options+0x30e/0x440 [ 302.505590] ksys_mount+0xdb/0x150 [ 302.505607] __x64_sys_mount+0xbe/0x150 [ 302.505623] do_syscall_64+0x103/0x610 [ 302.505638] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 302.505650] RIP: 0033:0x457e29 [ 302.515302] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 302.515310] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 302.515322] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 [ 302.515330] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 302.515337] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 [ 302.515343] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 302.515351] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 [ 302.611311] kernel msg: ebtables bug: please report to author: Wrong size 01:41:23 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(0xffffffffffffffff, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:23 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x4, &(0x7f0000ffa000/0x1000)=nil) 01:41:23 executing program 5 (fault-call:3 fault-nth:55): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:23 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f0000000000)=0x0) ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r0, 0x10, &(0x7f0000000080)) 01:41:23 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00 \x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:23 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x5000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 303.099759] kernel msg: ebtables bug: please report to author: Wrong size [ 303.115586] FAULT_INJECTION: forcing a failure. [ 303.115586] name failslab, interval 1, probability 0, space 0, times 0 [ 303.143131] net_ratelimit: 19 callbacks suppressed 01:41:23 executing program 3: setrlimit(0x7, &(0x7f0000000040)={0x0, 0x1000000}) r0 = request_key(&(0x7f00000010c0)='rxrpc_s\x00', &(0x7f0000001100)={'syz', 0x1}, &(0x7f0000001140)='\x00', 0x0) keyctl$KEYCTL_PKEY_SIGN(0x1b, &(0x7f0000001180)={r0, 0x1000, 0x1}, &(0x7f00000023c0)=ANY=[@ANYBLOB="656e633d72617720686173683d7368613338342d617678320000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000665b79b7c67a7123335bb90bf6b32cd9193a9da5190b131a28ea99cce65a306beadfc159468c01e7d361a9f8b5135f76ee99d8022165663e19e78b9edcf14ea49e571f2508a15dc99d1852908f5a8494343c43c0606dd3f13890a27eec3cdcd954d24eed2d1689e8bbcddae5aa933a15fbf4c167b6708724f4b64cd97e97d45e2b5c7a71c41a2f56606a4c401f693436fb86fdaff92aedfe25073a4acfdf92ccf0b0fb5dc446a49d2af8059c2af6e33f9803ac9944523e4aeec4bbc59469c884af904b02f8d3dacc"], &(0x7f0000001240)="509518584d86339eaee2dccde377724da6ddedc3821a2743b91ec860e1216965792e64f958d1266a4917447121e3536f1f13b0fe8e57f0df5b59419025034d3e62a2cea4276e3b72674e1eef165a18ce7b07fa121dc5629e621ff3ad2fd16f5c145d8038acf48cc9f678b7c14bc6a2d6b6723d0226c6feb074c628680b251fc927cf7b71de27512d6039931cade980bfe30bbfee838153d50c9916d2e4b1a85692981cd8876b26df15ebe52a061291f5fbd813b022657a2e72b1141c9fe798d3255a7a7d10f96a3fd56549c68382c28df7b3373c194e7daff9244095f18854a98da69426abfced1f75651a8ca641aadfaf13940ff8e491cc98f9b8358162d369534d375346615b57c8cfa65eef3807351b55681654e0fc73fc51980fdf768dbbe00f260710c32a93f44b5d8762bd51da5db0a1b88474f614cf23444da3d452c4643f1d8599cb6e2567773f62247e9a5c92ef90dfacb8a731f005dc8c5d1218b807cd115163c9fe17247f4f932cf4c6e28210e59da689a8f730e1591d85fc47327e95b1a32ac5380d276b8977ec5b0b5ee6a68bedf5d01031adc60b9fcda2dafd8620de2fdede5a78f7ac95e110d9ef94cfb937934587031b88480cad51bef99d5f73db670b7cc3700642f7e53f8b8e30db5fc8721953684d9d206d150325126e7d76ca82162342a388a7674d8069dde41bd2b07f233dfa979a0fd5618077bd83f179f53fef1ede67bba36100d0045a69dd7d865a18678d87a4e09162cd0357242ab7b9da96e8f3e93b544c1468d8e2add8ba03548c020dba29edb876fc99d01eff5e73527658778e1ad4792aa67107e29693ef17dd5e6e9f0577e02ec58382ebf2aa48de65df575614ccd3c003d05fbe96f490946c8b0cb836ecdf31b5955a4010e6093e6fcdf4f20f75537a00d96b67462e9440fb1ba5946768fbaf7b3a9a6e00b44bb25c3042777fccb521f9e57055058033fcf4407cbd97ea59c5b37f3503f250f1e487d150f99340095774f395b0109c76012d092d37372eab020a5f54b6ff56d0a79a6b80c986313d1bfe84e5f6793d654d036af84f3d9f794cff28c0707c37ab38ea491d0f837f3adc74126db95c042917a4694d5019d0c000e768d780c458fa975382a763ededa615e490904fd862f4d2291398ec0e7ce93e9cbc8270536de1ae507a228220437a5eb8a7798032936d6b3607240f87d309fb8c79db5b30cee7357838b6366eacd6cf66ccb99d415bc19dbe625353a7acdcb236918c40cdbdfca157971e0103947442ee0770b8f0b29f8eb265e2c31554c3f64e529ed0a663b42d0b69400c0ba6cb202e16962d5e9194f86b0462337d5c591333119e772316d296c5f258a03ce77d85ba7961b714d7ed986e30c881dbed5d8f54bb261445c140a0c7661654a3c1a6975e16bd3b5c8a44c677ab9d2e8f91d00abdd8816b17586c442b5de3effbd3818925eebd8f29b3caf0bfee65a5588f2d8c9a6eb0cc2c386b349368da539210b5ff8b7598b2df8cca14eabccf45835b02aa3af7fe0ec6a2e40af66bb7219375c969a879a09d4203ed04ec4b12bc92f5a5fbd6752a6afa28d35c89156fdfb2e9d3d9ffe6e3b8d8b628ff9c06c05a16000ea3d2bef1e355fa355885b24b8ea7f4c0448b193e65fad01189a3645247eebb0a71dbbf266f16640515e729f4fc988e7e696856353464957a928b7a084683ebd591a3b10189d8a66ff9d8c25a76ff501d5de493d0346cb3ab3e21d2ab8f8d1c19331b14b9729e1d165d656222d7f62e675d68c0236c42d9023bbb6cfa7ebd9f7021d1f985bef0a83da1f6ba221dfa44b3caef2d2d86eb4a556085a81b7bda559834095af2afe01a9852c10fe7f9e661e7a180301ec069a33a993dc0a012823d12c05ee02c9809b033657f6b855677c076012f1fee784b2befe875eebbf4c10dc2c99268e91dd4ed3cd84e0a5b953ccdd11a0d432f876f234077c6d76588b073eaba42d667a710d34d7c814469ad48bd15f334630dc94649cd5e6b1d9e5a0a90325d000d8992d2dc7f6104c5e7728b691ac2185440580383cf3c1d0b397ccfa1890be344b265034bcbf3cb42b077f259bb3b5d5d4e42e49a432e5c2b160122dc0253ee70d49ef1695502d540d3af23025e083a8bccaa243eacc8c34726372bba25b6b00690cacff7070ea5fc78052488bf9f376826e35084a0a8a658ed9f795458e6dc8ea5509dbee11a53dd49576258db52ae6a120687ceb206828990c2e643f03c5da6446482a94301ff541543d329d570d61c1c89234e76ab101c9a14e847cb33d9b08a05d1b76f1b4658deb7c74297e8b74ff812d19fddfbc6b4b0b32569596c89bd0f5cbfdb58d3dfa12bf89865737530db894634dbe838385189ed084b6850eb3271d36b2b54c3ca233f32cfd4fadbd6a1aacc96bfe06cad17827a683164f03843bf3a80d6e059518cebeb65a27b89f2c6fd8b1c2c4a68fa8b9cc67701fd8efa4e40a43d1af2c9e0a7b9bdf6e3208e6c2dd5cf6f02f3f8662787c26a2d733ac860fbe20e295493f2b743bec6aa238e0de63bf4604a899388ae43fcf1fa1a635038f1fe8ac07e786b00ceedf096b13c7aacc2120448fc03ecfe6dd7747c8bf76768ddb1249d2b1769a46187f14ea059fd8012873e84e5ff6ef9d2d2e2444aa6695cdb0c3160f06d65333995599b12ba60073676502618f4c461d3b80c6077a043a9ffd82d69f19e0badad96150d0ada9da77d78fff97496947fb3ad36ab25d2565c7392f7674167a4bda800ae7e4c9770daabbcff5b13c9b185170040929d8c43bfbf7fb9d2972f7608adbe47394c713367ca2e5ec04ea630b7159b5f4f5dbe60596d0e5e6aa8ccac6439e4838df532f1071787ed0a795de77f02c44e2841219bf6bfa7abef64f8be4e9a132b85f08b8f08b8fe66de65719e2b33136050b507d2bf4b3f402b3d54d539253556ac3677c09e7bd698ceeedaa48102f1c9f3ea9fac4e4bb47b594ad244bfad91d9d284c582331201f0d066ee5f8fdc8d41170451608d4ae27e45938afce7fff75ba2e3820f90402c91d20896c553d3b3e9b182ee490657d43432406bd20db83610e7b3250b55b087a6df7074289c7094d9054a6780e10c002243fb73ebaac386d70b1cfcef72e597e16e1352843ed2914879b22547fbe07c746f7759218f3cdf42d77a55dc3cd2901f97ce5ee426bbd327a1a6d52f43c3890ab7942d475cafae00d2c58d99e9a0a2ea46a2e11e36514230ebdee16463db83b241ce438026b2d198480417c346c255678c5b111041c80245907528cf4e4339d44637b7fe8a1799b5dcdaa7cdd04a686b8a9337e071ff9d37543a30c60142b8f08b97cf825d3ef8d5ea8156cc821dbab76f52b1facc8218be4d0d4c257d16212b446358a6a34da33765a511379b82aa2c08d81c383fe3f0f1750533bb008fcaec104b74969440c3499aeefd9b0b185c1c31362d6a40e42cb29bde1a8de807d425d2f7d9188a2362e27a5f47e893694a840742696dbe7ca6ca21b28658ca7f17f7d1db7885bdd32c2d5b34122c7e7130a28c643bbaf548493fb977bdfedc1500fa1136d90c92bcd1e0327b437dadbcc2837e4d29adfb0ae65926a51bea0d7c970a2bae479fc73700c17c834ebb1020dadec60b7fc99826f26435d548d782c67c28ffbbd119bdff0f3c9101a98f997da1fa22ec686e132576e8139a3a013bdea9d214573f9b1956832a2d862c37de8830c369e87f4e84218d21160b1c4d8c2ac8aa1b6811ff94dfad9dafd99c54de7c7cff91b50283d9b6adf3ed6c78d183dac2d66a5dad555d753a9c28edc6d136d72898daebeff598860ab733399b4be6c094b667047aed17d1beff3661614ea0eaf7a48bc05768f5176579e7cbbfd43376e89018913f516cb6d848aea3c21698f611e90067a1cb5971bcdeaf497d198453a663e3f83748732c5831f2df8213af63bbe06a855f757c2695d72b9afc2589adde057ef238d37181e1f17623948ecfa45d061d7d328571587f7a73a2ca499b8c9449551f2d0f067769c9de8ab284aa12e514f65da0f8d59027b1e36631ec532388588f5034c41ec22649aea13424a1ddc8f075f57576ed5c866f090eeb8f12613b7291ad69a50156bad6252ece6310e19154052c7852c897243d13d7a8eb971850c33748b48c9a726c89cd953a481beb464d69a23d1f54fbad8ed758b4c714efc7b330aa6e4d33915cf4388a061d68a177040919fe466f30900b0c8287df64c2153c08e366fab6984fcb1ef9035a57dea3f06834c97f355ca84e4ee15fc3a663e2213574fd360c1dba56ccace58931e16fd8991062772da0dff4100d6d6a1b83898ed7449ee999de080f3672838f8ed332e548e85ff750174c02a4fc7c5f0de79c2ee29503f0599e85dbaf86cf49bbcc2f21ad90da22584fb723419c898f99aa0df64bd06932b4a771592c26e3dea816a606a6b8fe2fce041c4deec98b41a039e7f49ebc953dadee1d02f257c9fbafed40017d117702ccf3bbf0ac6d0551298c0a9110d7463552d8d4b53fbc674169391273b09fb6c8b2115b7f2408967527c5be5aa4a93e5775d825da15038f935045b2319cb0f9f36fc1b272ff55d89247314b926c1a1993261dce3fe5a9d7665be1c2a7f10b6740b0638c3c3897ca86351ab40d4d168927f46ff9d03c14b3959acefcbd0d246996bc16d4ee9067f8cc49c597d7dc14fe7a49eca01556715b0d541328144e2fad9300ff57f0dbf547b60576634a778839cbad2960faa6661315551ed09c9583615c61167c35242c9f539c622f121ae4d94e4fb081aa02c3af39f3558a777caa46e6584a7e9cf4294b6c8b861c25f9df8c70b1aff6927083575be6fe3f0572d14207952d6890a5bda1658844369521aa217d7a36bd997b5ef2af630fa100efb1cf1cc67989b71c71a8bb64f192a2c4e463d48ad95a0920582c3853f0b533501a1f2cb3fb472fe80092a2f58bb843de0556fa4a2997d8a0ceb8e874d98651bfe46de12b4b5be1178d946f7eaca4f9efa59701b31ded5ad273e0e6727b671db08a35de22a2fed028f0dbc88461812d677b729d28180a0c799684616dc1c9a0f0da5a6eabd9f8ad98dd51c0d06a4f31f8b529632c50cb76e9de509e94a966cc7e40076e285577aedb0529b9783840061093ba6d791c6d48e209b6d0350c3ac9237d5c07ef2ea591b7702ecabc7ce362bc1a93e0c5615ab40e77b8d940bd6c640d58d6dd88feb29a8fede26542822d219a75c29ca51b08181674065c31b766e426fccd79cd3159fe3505ed8b5a7006ecd159e384c337d3b6deff4f51d10bf8385ac21432d8a62649d3ac9acd713ae454f0e657cc1ad0fe3a86b2fc428f358d3655550822ee051a4345a61fe2757e6a97280619bfb9ff009b9d7ecffda8911f5499a66e4a130e9c116268e807ab30d60cc6eee1abb7487c13d3b8842b0d37931ddd606fe15eda8b0a615129cc92b95335bb096e818b7918dd567043aca19211413c60f6dac7b88d030eb36586b948b6b4e30868fcde2125b3c28f9bc38774f64d2b7a2a77844d0bfdb0dbd5ff96cce316dd22f7a5f38f44fb02127e83dee591329169ae94df1c5136aa562dbe50a408e3ed47248306e8f85801a2023884131ec2a5fcd223b221512d44b5c8a3bf61ca80c9ff4a1c2a4edb5cc2e53ee0e0e4e88297183f3bcf42d4c7df296bdbd8ed30f117e733c6e1cf3997cc2b0880cbb13f562633ededfa8361a3f727178487c6caaee176d38258ac9e95a2375683f1177f5a48f823e03942b61c0c463933ee3a33", &(0x7f0000002240)=""/253) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x88000, 0x0) recvfrom$llc(r1, &(0x7f0000000080)=""/4096, 0x1000, 0x0, &(0x7f0000001080)={0x1a, 0x1, 0x4, 0x1000, 0x8001, 0x2, @dev={[], 0xc}}, 0x10) getsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000002340)={@empty, @multicast1}, &(0x7f0000002380)=0xc) 01:41:23 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) r0 = accept$netrom(0xffffffffffffff9c, &(0x7f0000000080)={{0x3, @default}, [@rose, @null, @rose, @default, @null, @remote, @null, @null]}, &(0x7f0000000000)=0x48) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000100)) accept$inet6(r0, 0x0, &(0x7f0000000140)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r1 = syz_open_dev$admmidi(&(0x7f0000000180)='/dev/admmidi#\x00', 0x0, 0x200) ioctl$DRM_IOCTL_GET_MAP(r1, 0xc0286404, &(0x7f00000001c0)={&(0x7f0000fec000/0x11000)=nil, 0x8, 0x4, 0x8, &(0x7f0000fff000/0x1000)=nil, 0x5}) 01:41:23 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00?\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 303.143155] protocol 88fb is buggy, dev hsr_slave_0 [ 303.153686] protocol 88fb is buggy, dev hsr_slave_1 [ 303.159247] protocol 88fb is buggy, dev hsr_slave_0 [ 303.164797] protocol 88fb is buggy, dev hsr_slave_1 01:41:23 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x7, &(0x7f0000ffa000/0x2000)=nil) [ 303.220839] CPU: 1 PID: 12733 Comm: syz-executor.5 Not tainted 5.0.0-rc6+ #76 [ 303.228145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 303.236533] kernel msg: ebtables bug: please report to author: Wrong size [ 303.237485] Call Trace: [ 303.237508] dump_stack+0x172/0x1f0 [ 303.237535] should_fail.cold+0xa/0x1b [ 303.254511] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 303.259639] ? lock_downgrade+0x810/0x810 [ 303.263792] ? ___might_sleep+0x163/0x280 [ 303.267939] __should_failslab+0x121/0x190 [ 303.272175] should_failslab+0x9/0x14 [ 303.275965] __kmalloc_track_caller+0x2d8/0x740 [ 303.280620] ? kmem_cache_alloc+0x341/0x710 [ 303.284943] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 303.290481] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 303.296019] ? ovl_fill_super+0x252/0x3bb8 [ 303.300257] kstrdup+0x3a/0x70 [ 303.303473] ovl_fill_super+0x252/0x3bb8 [ 303.307539] ? lock_downgrade+0x810/0x810 [ 303.311695] ? up_write+0x1c/0x150 [ 303.315232] ? ovl_show_options+0x550/0x550 01:41:23 executing program 3: socket(0x7, 0xa, 0x81) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-vsock\x00', 0x2, 0x0) setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x1, &(0x7f0000ffa000/0x2000)=nil) [ 303.319550] ? register_shrinker_prepared+0x116/0x190 [ 303.324834] ? sget_userns+0x3a3/0xd30 [ 303.328725] ? get_anon_bdev+0xc0/0xc0 [ 303.332623] ? get_anon_bdev+0xc0/0xc0 [ 303.336511] ? sget+0x114/0x150 [ 303.339809] ? ovl_show_options+0x550/0x550 [ 303.344136] mount_nodev+0x68/0x110 [ 303.347759] ovl_mount+0x2d/0x40 [ 303.351125] mount_fs+0x106/0x3ff [ 303.351143] ? emergency_thaw_all+0x1a0/0x1a0 [ 303.351162] ? __init_waitqueue_head+0x36/0x90 [ 303.363665] vfs_kern_mount.part.0+0x6f/0x410 [ 303.368187] do_mount+0x581/0x2d30 [ 303.371733] ? finish_automount+0x471/0x490 [ 303.376065] ? copy_mount_string+0x40/0x40 [ 303.380312] ? kmem_cache_alloc_trace+0x354/0x760 [ 303.385170] ? _copy_from_user+0xdd/0x150 [ 303.389341] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 303.394888] ? copy_mount_options+0x30e/0x440 [ 303.399388] ksys_mount+0xdb/0x150 [ 303.402932] __x64_sys_mount+0xbe/0x150 [ 303.406911] do_syscall_64+0x103/0x610 [ 303.410801] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 303.415983] RIP: 0033:0x457e29 01:41:23 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x7000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 303.419176] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 303.438067] RSP: 002b:00007f29a6b66c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 303.438082] RAX: ffffffffffffffda RBX: 00007f29a6b66c90 RCX: 0000000000457e29 [ 303.438091] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 303.438098] RBP: 000000000073bf00 R08: 0000000020000100 R09: 0000000000000000 [ 303.438108] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f29a6b676d4 [ 303.460302] R13: 00000000004c3c73 R14: 00000000004d6e50 R15: 0000000000000005 [ 303.782464] protocol 88fb is buggy, dev hsr_slave_0 [ 303.787646] protocol 88fb is buggy, dev hsr_slave_1 01:41:24 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x7, &(0x7f0000ff8000/0x3000)=nil) 01:41:24 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00@\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:24 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080)='TIPCv2\x00') sendmsg$TIPC_NL_LINK_GET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)={0x24, r1, 0x201, 0x0, 0x0, {}, [@TIPC_NLA_LINK={0x10, 0x4, [@TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}]}]}, 0x24}}, 0x0) r2 = syz_open_dev$rtc(&(0x7f0000000240)='/dev/rtc#\x00', 0x8, 0x80001) ioctl$RTC_ALM_READ(r2, 0x80247008, &(0x7f0000000300)) pivot_root(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='./file0\x00') setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) lsetxattr$trusted_overlay_upper(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='trusted.overlay.upper\x00', &(0x7f0000000140)={0x0, 0xfb, 0xee, 0x4, 0x7, "05dbb3d21f798bc0ad2e405aeca43343", "77b4ad6a133298d81968270649f8ce4de574f8196de6fb372b75e138281a2d7467274b6f4731dc4654f03f0b9f27552cabc2763f1f37e36dd1c7d68763ddcd62c3c5bc6f1a43765044581829562f4797635e15cdcd76408efb8b34beaccee7de04f451bc613607fc3d8b7431e91cc7dd254deff14422347ec4f18792a09d19a3c4b4e9da223b5c0cd6ddfd477fb7edb720905742ffe7c798ccfb3979a486beb8ea87d84b14a00352aadd5bb90cd5709d4611621e778ee8c807df60a67bdf22afea5227677e275acb9a6779b1888ab96bc20164400d03cb29ba"}, 0xee, 0x1) 01:41:24 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, 0xffffffffffffffff, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:24 executing program 5 (fault-call:3 fault-nth:56): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:24 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x8000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:24 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffb000/0x1000)=nil) [ 303.962999] kernel msg: ebtables bug: please report to author: Wrong size [ 303.979143] overlayfs: missing 'lowerdir' 01:41:24 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:24 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00`\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:24 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x43, &(0x7f0000ff9000/0x3000)=nil) [ 304.102478] protocol 88fb is buggy, dev hsr_slave_0 [ 304.102505] protocol 88fb is buggy, dev hsr_slave_1 [ 304.107551] protocol 88fb is buggy, dev hsr_slave_1 01:41:24 executing program 3: setrlimit(0xe, &(0x7f00000000c0)={0x3ff, 0x400}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0xc0000, 0x0) recvfrom$rxrpc(r0, &(0x7f0000000100)=""/143, 0x8f, 0x40012101, &(0x7f0000000040)=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x4e20, 0x20, @mcast1, 0xf8ad}}, 0x24) 01:41:24 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x9000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 304.147272] kernel msg: ebtables bug: please report to author: Wrong size [ 304.168166] overlayfs: missing 'lowerdir' 01:41:24 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\xff\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:24 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) socket$packet(0x11, 0x0, 0x300) 01:41:24 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x2, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 304.277535] kernel msg: ebtables bug: please report to author: Wrong size [ 304.422497] protocol 88fb is buggy, dev hsr_slave_0 01:41:24 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, 0xffffffffffffffff, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:24 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x3, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:24 executing program 3: setrlimit(0x2, &(0x7f0000000040)) r0 = dup(0xffffffffffffff9c) sendto$llc(r0, &(0x7f0000000080)="be883770f86fd88a75d9141123d8e18417728428c3b633dc88fa6bacb9c74931252f9430b179f3dd469aaeaff55dbbdc30297cedc79a6af92c3d1322e64fe98e3ee86ed7c3865cd422234d41e2d0523005699beea66d00541270b66b9d4c80042c61a2812bd12a49b219f2896de04873d5115ba6e80828b051c7f9850276c7357d2cde5aba6d0156264b888e49a7d1248f875383cf7085a96c76188e715f4dd6f8ba1914ec91c5dce2c2d2677ef4cfb24e4b50bb7d36660240a0984ae7066ca436779961bcf677de93db26a582b528759c2e2ebe0ac1294c", 0xd8, 0x80, &(0x7f0000000180)={0x1a, 0x336, 0x6, 0x200, 0x0, 0x5, @random="21db5e6ad5ce"}, 0x10) ioctl$DRM_IOCTL_RM_MAP(r0, 0x4028641b, &(0x7f0000000000)={&(0x7f0000ffb000/0x3000)=nil, 0x7fff, 0x7, 0x44, &(0x7f0000ffb000/0x2000)=nil, 0x20}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:41:24 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:24 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000a00)='/dev/userio\x00', 0x0, 0x0) ioctl(r0, 0x2, &(0x7f0000000140)="72f10a7e5f8c727d53b692ad02fef7a3b1db42fd68ddc99b744be7a298cc53445236803192d397b54428789231eb59657b53847604cb7c93a6bc49579876af27170d58d2126f6ad31da9c93b6b556ad90570bd2cee0bc35faf42a824a71b5f2aa627f2c296e2adb899ccc67e2c9a5d79148bf1aa617f5c7ff1890d14f13d324a5f3d2bdef473d28ab3e0cc12a702dbdf") r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f023c123f3188a070") close(r0) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:41:24 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xa000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:24 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 304.841433] kernel msg: ebtables bug: please report to author: Wrong size 01:41:24 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x4, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:25 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r0 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x10001, 0xa4180) getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffff9c, 0x84, 0x1, &(0x7f0000000080)={0x0, 0x8, 0x6, 0xfffffffffffffffb, 0x6, 0x4}, &(0x7f00000000c0)=0x14) getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000100)={r1, 0x6d}, &(0x7f0000000140)=0x8) 01:41:25 executing program 3: setrlimit(0x2, &(0x7f0000000040)) r0 = syz_open_dev$sndseq(&(0x7f0000000080)='/dev/snd/seq\x00', 0x0, 0x10bae3c4b154a898) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f00000000c0)={r1, 0x0, 0x6, 0x20, 0x7}) openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video37\x00', 0x2, 0x0) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 304.925829] kernel msg: ebtables bug: please report to author: Wrong size 01:41:25 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x5, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:25 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 305.071881] kernel msg: ebtables bug: please report to author: Wrong size 01:41:25 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, 0xffffffffffffffff, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:25 executing program 2: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x80400, 0x0) ioctl$IMDELTIMER(r0, 0x80044941, &(0x7f0000000080)=0x3) setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x5, &(0x7f0000ffa000/0x3000)=nil) ioctl$RNDGETENTCNT(r0, 0x80045200, &(0x7f00000000c0)) 01:41:25 executing program 3: r0 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x96, 0x2400) ioctl$FIBMAP(r0, 0x1, &(0x7f00000000c0)=0x1) setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:41:25 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xe000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:25 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:25 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x6, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:25 executing program 3: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x8000, 0x0) ioctl$DRM_IOCTL_DROP_MASTER(r0, 0x641f) setrlimit(0x2, &(0x7f0000000080)={0x20000000006, 0x1ff}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 305.701877] kernel msg: ebtables bug: please report to author: Wrong size 01:41:25 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x05\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:25 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x7, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:25 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) futex(&(0x7f0000000000)=0x1, 0x8f, 0x0, &(0x7f0000000080)={0x0, 0x1c9c380}, &(0x7f00000000c0), 0x2) 01:41:25 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffc000/0x2000)=nil) 01:41:26 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 306.017428] kernel msg: ebtables bug: please report to author: Wrong size 01:41:26 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:26 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0xa, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:26 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x20002, 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r0, 0x114, 0xa, &(0x7f0000000080), 0x1) 01:41:26 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x10000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:26 executing program 3: setrlimit(0x2, &(0x7f0000000040)) r0 = dup(0xffffffffffffffff) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000080)={{{@in=@empty, @in=@remote}}, {{@in6=@ipv4={[], [], @multicast2}}, 0x0, @in6}}, &(0x7f0000000000)=0xe8) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:41:26 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 306.538956] cgroup: fork rejected by pids controller in /syz0 [ 306.574424] kernel msg: ebtables bug: please report to author: Wrong size 01:41:26 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x60, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:26 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x88, &(0x7f0000ffb000/0x2000)=nil) 01:41:26 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000100)='/dev/hwrng\x00', 0x20202, 0x0) fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f0000000140)=0x4) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000200)='/dev/audio\x00', 0x2000020000101002, 0x0) ioctl$DRM_IOCTL_SET_VERSION(r1, 0xc0106407, &(0x7f0000000000)={0x80f, 0x16, 0xffff, 0x1f}) mmap$perf(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x2, 0x20010, r1, 0x0) getsockname$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @remote}, &(0x7f00000000c0)=0x1c) ioctl$DRM_IOCTL_GEM_FLINK(r1, 0xc008640a, &(0x7f0000000180)={0x0}) ioctl$DRM_IOCTL_GEM_CLOSE(r0, 0x40086409, &(0x7f00000001c0)={r2}) prctl$PR_SET_MM(0x23, 0x0, &(0x7f0000ff6000/0x3000)=nil) 01:41:26 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x40, 0x40) ioctl$sock_netdev_private(r0, 0x89ff, &(0x7f0000000080)="1af2d6c10a81c6158573dd8b3491eb06389592f80bed1bbc1ca9dd0f699fd0d940cfde346d41d2ed23d68cd05c9457512af1700eec30dd986f") 01:41:26 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 \x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:26 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x300, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 306.810978] kernel msg: ebtables bug: please report to author: Wrong size [ 308.906522] IPVS: ftp: loaded support on port[0] = 21 [ 308.975877] chnl_net:caif_netlink_parms(): no params data found [ 309.001072] bridge0: port 1(bridge_slave_0) entered blocking state [ 309.007590] bridge0: port 1(bridge_slave_0) entered disabled state [ 309.014876] device bridge_slave_0 entered promiscuous mode [ 309.021477] bridge0: port 2(bridge_slave_1) entered blocking state [ 309.027930] bridge0: port 2(bridge_slave_1) entered disabled state [ 309.034815] device bridge_slave_1 entered promiscuous mode [ 309.051568] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 309.061645] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 309.079341] team0: Port device team_slave_0 added [ 309.085390] team0: Port device team_slave_1 added [ 309.155373] device hsr_slave_0 entered promiscuous mode [ 309.222999] device hsr_slave_1 entered promiscuous mode [ 309.281469] bridge0: port 2(bridge_slave_1) entered blocking state [ 309.287869] bridge0: port 2(bridge_slave_1) entered forwarding state [ 309.294502] bridge0: port 1(bridge_slave_0) entered blocking state [ 309.300834] bridge0: port 1(bridge_slave_0) entered forwarding state [ 309.329934] 8021q: adding VLAN 0 to HW filter on device bond0 [ 309.341382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 309.348917] bridge0: port 1(bridge_slave_0) entered disabled state [ 309.355963] bridge0: port 2(bridge_slave_1) entered disabled state [ 309.363708] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 309.374696] 8021q: adding VLAN 0 to HW filter on device team0 [ 309.383399] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 309.390918] bridge0: port 1(bridge_slave_0) entered blocking state [ 309.397282] bridge0: port 1(bridge_slave_0) entered forwarding state [ 309.409362] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 309.416944] bridge0: port 2(bridge_slave_1) entered blocking state [ 309.423304] bridge0: port 2(bridge_slave_1) entered forwarding state [ 309.440985] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 309.448657] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 309.464430] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 309.472004] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 309.479749] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 309.488030] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 309.505401] 8021q: adding VLAN 0 to HW filter on device batadv0 01:41:29 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:29 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x11000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:29 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) r0 = semget(0x1, 0x4, 0x100) semctl$IPC_RMID(r0, 0x0, 0x0) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:41:29 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x7, &(0x7f0000ffa000/0x2000)=nil) 01:41:29 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00?\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:29 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x500, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 309.678987] kernel msg: ebtables bug: please report to author: Wrong size 01:41:29 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r0 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x1, 0x440) setsockopt$inet_tcp_TLS_RX(r0, 0x6, 0x2, &(0x7f0000000080), 0x4) 01:41:29 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x600, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:29 executing program 3: setrlimit(0x2, &(0x7f0000000040)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sloppy_tcp\x00', 0x2, 0x0) ioctl$DRM_IOCTL_RM_MAP(r0, 0x4028641b, &(0x7f0000000080)={&(0x7f0000ffa000/0x3000)=nil, 0x7, 0x4, 0x0, &(0x7f0000ffb000/0x3000)=nil, 0x10000}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffd000/0x1000)=nil) 01:41:29 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:29 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x15000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:29 executing program 3: r0 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x6dc2, 0x346d32e69e0615cd) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000080)=@req3={0x4, 0x2, 0x8001, 0x1f, 0x20, 0xc45, 0xb6c4}, 0x1c) setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x10000000000b, &(0x7f0000ffb000/0x2000)=nil) [ 309.854360] kernel msg: ebtables bug: please report to author: Wrong size 01:41:30 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:30 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x700, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:30 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) r0 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x9, 0x400) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f00000001c0)=ANY=[@ANYBLOB="6d616e676c6500000200000000000000000000000000000000000000000000007c000002000000000000000000000000000000000000004a7f0000000000002f9e3eba463dd4b94317f88855573e6a0043b3a1a2dea546f453f2035051d407c44dd7aa7a105c19bd8682a99928d69e058571cfc096f05d9123474ce0593b242f64fb3e670c2e1b77327fcc413422321efc659dabaa0b6f3d02f0afae91e8c8a686343ee767c5b9d1ecb6beb191f09bdafa490455e6860c43e37fb34010953a62846b7cb577968c79d23cee139345fd696be3ae5a11be39407a3864644d0b071b66d4ffe3d5ebf8e9b4ad2aa001c987acf2c1edb954a699a836040df80cebb56e6ae9b3843065bedd4fe23efbb0ff6f96fc13e730676f6d5e49e005d92617"], 0x1033a) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:41:30 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00`\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:30 executing program 3: setrlimit(0x2, &(0x7f0000000040)) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r0 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0xb9d, 0x400000) getsockopt$inet6_int(r0, 0x29, 0x7a, &(0x7f0000000080), &(0x7f00000000c0)=0x4) 01:41:30 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x1a4) ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r0, 0x4020565b, &(0x7f0000000080)={0x8000000, 0xef, 0x2}) 01:41:30 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0xa00, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 310.114173] kernel msg: ebtables bug: please report to author: Wrong size 01:41:30 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x20000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:30 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, 0x0) 01:41:30 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:30 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x15000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:30 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x400100, 0x0) ioctl$KVM_SET_GUEST_DEBUG(r0, 0x4048ae9b, &(0x7f0000000080)={0xb0000, 0x0, [0x7, 0x2, 0x8, 0x80000001, 0x6, 0x80, 0x3, 0x2]}) 01:41:30 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x1020, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:30 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, 0x0) 01:41:30 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x3f000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:30 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x02\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 310.441153] kernel msg: ebtables bug: please report to author: Wrong size 01:41:30 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x2000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:30 executing program 2: setrlimit(0x10000002, &(0x7f0000000100)={0x1000, 0x100000400}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) 01:41:30 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x40000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 310.544567] kernel msg: ebtables bug: please report to author: Wrong size 01:41:30 executing program 0: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, 0x0) 01:41:30 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x03\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:30 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x2010, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:30 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x15000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:30 executing program 2: prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) [ 310.717187] kernel msg: ebtables bug: please report to author: Wrong size 01:41:30 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_inet_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f0000000000)={'tunl0\x00', {0x2, 0x4e21, @loopback}}) 01:41:30 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x3f00, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 310.798302] kernel msg: ebtables bug: please report to author: Wrong size 01:41:30 executing program 0: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) r0 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x1, 0x440) setsockopt$inet_tcp_TLS_RX(r0, 0x6, 0x2, &(0x7f0000000080), 0x4) 01:41:30 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x04\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:31 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x40020000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:31 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x4000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:31 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x15000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 310.973817] kernel msg: ebtables bug: please report to author: Wrong size 01:41:31 executing program 2: setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000ffa000/0x2000)=nil) pipe2$9p(&(0x7f0000000200), 0x80000) r0 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x7d, 0x200040) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f00000000c0)={0xffffffffffffffff}, 0x0, 0x100b}}, 0x20) write$RDMA_USER_CM_CMD_JOIN_MCAST(r0, &(0x7f0000000140)={0x16, 0x98, 0xfa00, {&(0x7f0000000080), 0x2, r1, 0x3c, 0x1, @in={0x2, 0x4e23, @loopback}}}, 0xa0) 01:41:31 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x05\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:31 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x6000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:31 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xa000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:31 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(0xffffffffffffffff, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:31 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x3000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 311.191327] kernel msg: ebtables bug: please report to author: Wrong size 01:41:31 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x06\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:31 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x6087, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:31 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x53f8ffff, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 311.373749] kernel msg: ebtables bug: please report to author: Wrong size 01:41:31 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0xedc0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:31 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\a\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:31 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x3000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:31 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000240)={0x1, &(0x7f0000000040)=[{0x16}]}, 0x8) sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={&(0x7f0000000140), 0xc, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="1400000012002707000000000000000000000000"], 0x1}}, 0x0) 01:41:31 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x40000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 311.565730] kernel msg: ebtables bug: please report to author: Wrong size 01:41:31 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00`\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:31 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x54f8ffff, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 311.719911] kernel msg: ebtables bug: please report to author: Wrong size 01:41:32 executing program 2: r0 = syz_open_dev$dri(&(0x7f0000000500)='/dev/dri/card#\x00', 0x1, 0x0) r1 = dup(r0) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000280)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2324a86}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]}) 01:41:32 executing program 0: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xee68, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0xc0) memfd_create(0x0, 0xffffffffffffffff) memfd_create(&(0x7f0000000300)='ppp1/^/&vmnet1selfwlan1\x00', 0x100000000004) syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x1, 0x3) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'bond_slave_1\x00'}) getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x24, &(0x7f0000000440)={@broadcast, @multicast1}, &(0x7f0000000480)=0xc) getsockopt$inet6_mreq(0xffffffffffffff9c, 0x29, 0x1c, &(0x7f00000004c0)={@dev}, &(0x7f0000000500)=0x14) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) sendmsg$TEAM_CMD_NOOP(r0, &(0x7f00000005c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000580)={&(0x7f0000000240)=ANY=[@ANYBLOB="f7459ddaa0ff6a17dfd574a4770000", @ANYRES32, @ANYRES16], 0x3}, 0x1, 0x0, 0x0, 0x41}, 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(0xffffffffffffffff, 0x54a2) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/rfkill\x00', 0x80000, 0x0) syz_open_dev$loop(&(0x7f0000000180)='/dev/loop#\x00', 0x7968e71e, 0x800) getsockopt$IP_VS_SO_GET_SERVICE(r1, 0x0, 0x483, 0x0, &(0x7f00000002c0)) r2 = syz_open_dev$usbmon(0x0, 0x1, 0x0) ioctl$EXT4_IOC_SWAP_BOOT(0xffffffffffffffff, 0x6611) r3 = socket$inet6_udp(0xa, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0xffffffdffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet6_SIOCSIFADDR(r3, 0x89a1, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x600, 0x3ef, 0x0, 0x3f00000000000000, 0x100000000000000, 0x0, 0x1103, 0x0, 0x0, 0x0, 0x0, 0x6]}}) r4 = syz_open_pts(0xffffffffffffffff, 0x0) flock(r4, 0x4) ioctl$sock_inet6_SIOCADDRT(r3, 0x89a0, &(0x7f0000000100)={@local={0xfe, 0x80, [0x0, 0xfeff0000, 0x77a0100]}, @rand_addr="58c4c4a733d993a894f49491cb15d13e", @loopback, 0x0, 0x0, 0x0, 0x500}) getpeername$packet(0xffffffffffffff9c, 0x0, 0x0) ioctl$sock_inet6_SIOCADDRT(r2, 0x890b, &(0x7f0000001180)={@mcast1, @rand_addr="ac51848fee59b1716eda4e98968fde79", @empty, 0xffffffff, 0xfffffffffffffff8, 0x6, 0x100, 0x5, 0x4}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 01:41:32 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x3000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:32 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x1000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:32 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x03\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:32 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x57f8ffff, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 312.123343] kernel msg: ebtables bug: please report to author: Wrong size 01:41:32 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x05\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:32 executing program 2: r0 = shmget$private(0x0, 0x3000, 0xb08, &(0x7f0000ffb000/0x3000)=nil) semget$private(0x0, 0x0, 0x99) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDSKBLED(r1, 0x4b65, 0x3f) ioctl$KDGETKEYCODE(r1, 0x4b4c, &(0x7f0000000040)={0xffff, 0x80}) pipe2(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80800) r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x100, 0x8c) renameat(r2, &(0x7f00000000c0)='./file0\x00', r4, &(0x7f0000000140)='./file0\x00') fchdir(r1) ioctl$TIOCLINUX7(r1, 0x541c, &(0x7f0000000180)={0x7, 0x5}) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r3, 0x10e, 0x1, &(0x7f00000001c0)=0xc, 0x4) arch_prctl$ARCH_SET_CPUID(0x1012, 0x0) r5 = request_key(&(0x7f0000000200)='cifs.idmap\x00', &(0x7f0000000240)={'syz', 0x1}, &(0x7f0000000280)='\x00', 0xffffffffffffffff) keyctl$restrict_keyring(0x1d, r5, &(0x7f00000002c0)='pkcs7_test\x00', &(0x7f0000000300)='mime_type.\x00') getsockopt$IP_VS_SO_GET_DAEMON(r2, 0x0, 0x487, &(0x7f0000000340), &(0x7f0000000380)=0x30) ioctl$TIOCSBRK(r1, 0x5427) ioctl$TIOCGLCKTRMIOS(r1, 0x5456, &(0x7f00000003c0)={0x5, 0x0, 0x1, 0x77d, 0x19, 0x101, 0x9, 0xc0, 0xb3, 0xf09, 0x8001, 0x5}) ioctl$TIOCSLCKTRMIOS(r2, 0x5457, &(0x7f0000000400)) ioctl$EXT4_IOC_MIGRATE(r1, 0x6609) ioctl$KDGKBENT(r3, 0x4b46, &(0x7f0000000440)={0x0, 0x8000, 0x7fffffff}) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000480)) add_key$user(&(0x7f00000004c0)='user\x00', &(0x7f0000000500)={'syz', 0x0}, &(0x7f0000000540)="f35c2f89111713866f1fc199e58da8ff9b7f13af2e41275e5915f33cf7ef7faf2e9a48dcca779446b0bc6d37ccbaf09f244db41b9828cec4660df7163f", 0x3d, r5) clock_gettime(0x1, &(0x7f0000000580)) fstatfs(r2, &(0x7f00000005c0)=""/241) semctl$SETALL(r0, 0x0, 0x11, &(0x7f00000006c0)=[0xd, 0xa5, 0x7f, 0x3, 0xfffffffffffffffb]) 01:41:32 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x2000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:32 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'veth1_to_bridge\x00'}) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="000000000c0000000000000008000100736671004800020000007a2ee8aad26436287a000000000000000094430000000000000000000000000000000000000007000000000000000000000000000000000000000000000000000000000000000000000000"], 0x1}}, 0x0) [ 312.249182] kernel msg: ebtables bug: please report to author: Wrong size 01:41:32 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x59f8ffff, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:32 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x06\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:32 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x3000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:32 executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uinput\x00', 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000880)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) r1 = epoll_create(0x1ff) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)) readv(0xffffffffffffffff, 0x0, 0x0) write$uinput_user_dev(r0, &(0x7f0000001d00)={'syz0\x00', {}, 0x0, [], [], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000]}, 0x45c) poll(&(0x7f00000000c0)=[{r1}], 0x1, 0x0) 01:41:32 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000017, &(0x7f0000000040), 0x3b3) 01:41:32 executing program 0: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xee68, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0xc0) memfd_create(0x0, 0xffffffffffffffff) memfd_create(&(0x7f0000000300)='ppp1/^/&vmnet1selfwlan1\x00', 0x100000000004) syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x1, 0x3) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'bond_slave_1\x00'}) getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x24, &(0x7f0000000440)={@broadcast, @multicast1}, &(0x7f0000000480)=0xc) getsockopt$inet6_mreq(0xffffffffffffff9c, 0x29, 0x1c, &(0x7f00000004c0)={@dev}, &(0x7f0000000500)=0x14) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) sendmsg$TEAM_CMD_NOOP(r0, &(0x7f00000005c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000580)={&(0x7f0000000240)=ANY=[@ANYBLOB="f7459ddaa0ff6a17dfd574a4770000", @ANYRES32, @ANYRES16], 0x3}, 0x1, 0x0, 0x0, 0x41}, 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(0xffffffffffffffff, 0x54a2) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/rfkill\x00', 0x80000, 0x0) syz_open_dev$loop(&(0x7f0000000180)='/dev/loop#\x00', 0x7968e71e, 0x800) getsockopt$IP_VS_SO_GET_SERVICE(r1, 0x0, 0x483, 0x0, &(0x7f00000002c0)) r2 = syz_open_dev$usbmon(0x0, 0x1, 0x0) ioctl$EXT4_IOC_SWAP_BOOT(0xffffffffffffffff, 0x6611) r3 = socket$inet6_udp(0xa, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0xffffffdffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet6_SIOCSIFADDR(r3, 0x89a1, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x600, 0x3ef, 0x0, 0x3f00000000000000, 0x100000000000000, 0x0, 0x1103, 0x0, 0x0, 0x0, 0x0, 0x6]}}) r4 = syz_open_pts(0xffffffffffffffff, 0x0) flock(r4, 0x4) ioctl$sock_inet6_SIOCADDRT(r3, 0x89a0, &(0x7f0000000100)={@local={0xfe, 0x80, [0x0, 0xfeff0000, 0x77a0100]}, @rand_addr="58c4c4a733d993a894f49491cb15d13e", @loopback, 0x0, 0x0, 0x0, 0x500}) getpeername$packet(0xffffffffffffff9c, 0x0, 0x0) ioctl$sock_inet6_SIOCADDRT(r2, 0x890b, &(0x7f0000001180)={@mcast1, @rand_addr="ac51848fee59b1716eda4e98968fde79", @empty, 0xffffffff, 0xfffffffffffffff8, 0x6, 0x100, 0x5, 0x4}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) [ 312.478356] kernel msg: ebtables bug: please report to author: Wrong size 01:41:32 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x80040200, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 312.535478] input: syz1 as /devices/virtual/input/input5 01:41:32 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\a\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:32 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x4000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:32 executing program 3: gettid() semget(0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCGIFPFLAGS(0xffffffffffffffff, 0x8935, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) setsockopt$inet6_udp_encap(0xffffffffffffffff, 0x11, 0x64, 0x0, 0x0) write$P9_RWSTAT(r1, &(0x7f0000000040)={0x7}, 0x7) ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0) setsockopt$inet6_udp_int(r1, 0x11, 0x0, 0x0, 0x0) [ 312.617264] input: syz1 as /devices/virtual/input/input6 [ 312.715487] kernel msg: ebtables bug: please report to author: Wrong size 01:41:32 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00 \x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:32 executing program 3: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) ftruncate(r0, 0x2008200) r1 = open(&(0x7f0000000140)='./bus\x00', 0x4000, 0x0) sendfile(r0, r1, 0x0, 0x8000fffffffe) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000680)='./bus\x00', 0x0) 01:41:32 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xe0ffffff, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:32 executing program 2: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0xffffffffeffffffe, &(0x7f0000000040)) [ 312.838188] kernel msg: ebtables bug: please report to author: Wrong size [ 312.934160] audit: type=1804 audit(1550454093.010:61): pid=13286 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir546945142/syzkaller.7UcJlR/315/bus" dev="sda1" ino=17073 res=1 01:41:33 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00?\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 313.002012] audit: type=1800 audit(1550454093.030:62): pid=13286 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=17073 res=0 01:41:33 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xe8030000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:33 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00@\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 313.093276] kernel msg: ebtables bug: please report to author: Wrong size [ 313.115140] audit: type=1804 audit(1550454093.120:63): pid=13289 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir546945142/syzkaller.7UcJlR/315/bus" dev="sda1" ino=17073 res=1 [ 313.258479] kernel msg: ebtables bug: please report to author: Wrong size [ 313.261079] audit: type=1804 audit(1550454093.170:64): pid=13286 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir546945142/syzkaller.7UcJlR/315/bus" dev="sda1" ino=17073 res=1 [ 313.301378] audit: type=1804 audit(1550454093.170:65): pid=13286 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir546945142/syzkaller.7UcJlR/315/bus" dev="sda1" ino=17073 res=1 01:41:33 executing program 0: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xee68, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0xc0) memfd_create(0x0, 0xffffffffffffffff) memfd_create(&(0x7f0000000300)='ppp1/^/&vmnet1selfwlan1\x00', 0x100000000004) syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x1, 0x3) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'bond_slave_1\x00'}) getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x24, &(0x7f0000000440)={@broadcast, @multicast1}, &(0x7f0000000480)=0xc) getsockopt$inet6_mreq(0xffffffffffffff9c, 0x29, 0x1c, &(0x7f00000004c0)={@dev}, &(0x7f0000000500)=0x14) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) sendmsg$TEAM_CMD_NOOP(r0, &(0x7f00000005c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000580)={&(0x7f0000000240)=ANY=[@ANYBLOB="f7459ddaa0ff6a17dfd574a4770000", @ANYRES32, @ANYRES16], 0x3}, 0x1, 0x0, 0x0, 0x41}, 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(0xffffffffffffffff, 0x54a2) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/rfkill\x00', 0x80000, 0x0) syz_open_dev$loop(&(0x7f0000000180)='/dev/loop#\x00', 0x7968e71e, 0x800) getsockopt$IP_VS_SO_GET_SERVICE(r1, 0x0, 0x483, 0x0, &(0x7f00000002c0)) r2 = syz_open_dev$usbmon(0x0, 0x1, 0x0) ioctl$EXT4_IOC_SWAP_BOOT(0xffffffffffffffff, 0x6611) r3 = socket$inet6_udp(0xa, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0xffffffdffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet6_SIOCSIFADDR(r3, 0x89a1, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x600, 0x3ef, 0x0, 0x3f00000000000000, 0x100000000000000, 0x0, 0x1103, 0x0, 0x0, 0x0, 0x0, 0x6]}}) r4 = syz_open_pts(0xffffffffffffffff, 0x0) flock(r4, 0x4) ioctl$sock_inet6_SIOCADDRT(r3, 0x89a0, &(0x7f0000000100)={@local={0xfe, 0x80, [0x0, 0xfeff0000, 0x77a0100]}, @rand_addr="58c4c4a733d993a894f49491cb15d13e", @loopback, 0x0, 0x0, 0x0, 0x500}) getpeername$packet(0xffffffffffffff9c, 0x0, 0x0) ioctl$sock_inet6_SIOCADDRT(r2, 0x890b, &(0x7f0000001180)={@mcast1, @rand_addr="ac51848fee59b1716eda4e98968fde79", @empty, 0xffffffff, 0xfffffffffffffff8, 0x6, 0x100, 0x5, 0x4}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 01:41:33 executing program 3: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) ftruncate(r0, 0x2008200) r1 = open(&(0x7f0000000140)='./bus\x00', 0x4000, 0x0) sendfile(r0, r1, 0x0, 0x8000fffffffe) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000680)='./bus\x00', 0x0) 01:41:33 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x5000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:33 executing program 2: r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) ftruncate(r0, 0x2008200) r1 = open(&(0x7f0000000140)='./bus\x00', 0x4000, 0x0) sendfile(r0, r1, 0x0, 0x8000fffffffe) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000680)='./bus\x00', 0x0) 01:41:33 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xf30f0000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:33 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00`\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 313.348395] audit: type=1800 audit(1550454093.170:66): pid=13286 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=17073 res=0 [ 313.405093] kernel msg: ebtables bug: please report to author: Wrong size 01:41:33 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\xff\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:33 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x6000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 313.461173] audit: type=1804 audit(1550454093.510:67): pid=13315 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir546945142/syzkaller.7UcJlR/316/bus" dev="sda1" ino=17009 res=1 01:41:33 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xf4010000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:33 executing program 3: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000180)={0x2, &(0x7f0000000000)=[{0x2000000000048}, {0x6}]}, 0x10) sendmmsg(r0, &(0x7f0000003040), 0xd51a3a1c7759b919, 0x0) [ 313.609408] audit: type=1800 audit(1550454093.510:68): pid=13315 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=17009 res=0 [ 313.629186] kernel msg: ebtables bug: please report to author: Wrong size 01:41:33 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x7000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 313.706586] audit: type=1804 audit(1550454093.510:69): pid=13320 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir024673049/syzkaller.BgkWpI/275/bus" dev="sda1" ino=17089 res=1 01:41:33 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xfdffffff, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:33 executing program 0: unshare(0x0) ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f00000001c0)=0x0) ptrace$getregset(0x4204, r0, 0x203, &(0x7f0000000200)={&(0x7f0000000400)=""/201, 0xc9}) ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x4c00, 0xffffffffffffffff) getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f00000005c0)=ANY=[@ANYBLOB="6e6174000000004000000000fffffeff00000000000000000000000000000000000000002bbc66a63d3a8a0cb5abe83b147e1fd6d1e79632b39736ebff8cbc9d2720686603a26c8fa2bae89d2a997161ba99212b26c143030cac102a18bb8a0aa138788be30d27376fd32b16b8ddbee740c45e3604b3b3c817dd48c0958782751737bb9504cf5a8317ee85bb05648564194844"], 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/pfkey\x00', 0x600, 0x0) ioctl$TCGETA(r1, 0x5405, &(0x7f0000000100)) signalfd4(r1, &(0x7f0000000180)={0x9}, 0x8, 0x800) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000080), 0xc, &(0x7f0000000300)={&(0x7f00000003c0)={0x14, 0x42, 0x105}, 0x14}}, 0x0) getrandom(&(0x7f0000000040)=""/59, 0xfe63, 0x0) 01:41:33 executing program 2: fcntl$getownex(0xffffffffffffffff, 0x10, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fstatfs(r0, 0x0) fstatfs(r0, &(0x7f0000000000)) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) 01:41:33 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 313.826221] audit: type=1800 audit(1550454093.510:70): pid=13320 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=17089 res=0 01:41:33 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0xa000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 313.919570] kernel msg: ebtables bug: please report to author: Wrong size 01:41:34 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xfeffffff, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:34 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:34 executing program 2: 01:41:34 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x20000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:34 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xfffff853, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 314.099720] kernel msg: ebtables bug: please report to author: Wrong size [ 314.207464] overlayfs: missing 'lowerdir' [ 314.251323] overlayfs: missing 'lowerdir' 01:41:34 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:34 executing program 0: 01:41:34 executing program 2: 01:41:34 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xfffff854, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:34 executing program 3: 01:41:34 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x20100000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:34 executing program 2: 01:41:34 executing program 0: [ 314.653758] kernel msg: ebtables bug: please report to author: Wrong size [ 314.658459] overlayfs: missing 'lowerdir' 01:41:34 executing program 3: 01:41:34 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x04\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:34 executing program 2: 01:41:34 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x3f000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:34 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xfffff857, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:34 executing program 3: 01:41:34 executing program 2: 01:41:34 executing program 0: 01:41:35 executing program 3: [ 314.934075] kernel msg: ebtables bug: please report to author: Wrong size 01:41:35 executing program 2: 01:41:35 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x40000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:35 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x05\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:35 executing program 0: 01:41:35 executing program 3: 01:41:35 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xfffff859, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:35 executing program 2: [ 315.098390] kernel msg: ebtables bug: please report to author: Wrong size 01:41:35 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x60000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:35 executing program 3: 01:41:35 executing program 2: 01:41:35 executing program 0: 01:41:35 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:35 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xffffffe0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:35 executing program 2: 01:41:35 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x87600000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:35 executing program 3: [ 315.339249] kernel msg: ebtables bug: please report to author: Wrong size 01:41:35 executing program 0: 01:41:35 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\a\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:35 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x8cffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:35 executing program 2: 01:41:35 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xfffffffd, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:35 executing program 3: [ 315.530608] kernel msg: ebtables bug: please report to author: Wrong size 01:41:35 executing program 0: 01:41:35 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00 \x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:35 executing program 3: 01:41:35 executing program 2: 01:41:35 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0xc0ed0000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:35 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xfffffffe, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:35 executing program 0: 01:41:35 executing program 3: [ 315.762895] kernel msg: ebtables bug: please report to author: Wrong size 01:41:35 executing program 2: 01:41:35 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x10000000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:35 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00?\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:36 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000080)="0adc1f123c123f319bc070") r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'veth1_to_bridge\x00'}) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="000000000c0000000000000008000100736671004800020000007a2ee8aad26436287a000000000000000094430000000000000000000000000000000000000007000000000000000000000000000000000000000000000000000000000000000000000000"], 0x1}}, 0x0) 01:41:36 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0xf6ffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:36 executing program 3: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000001100)='/dev/cuse\x00', 0x2, 0x0) read$FUSE(r0, &(0x7f0000000040), 0x1000) write$FUSE_ENTRY(r0, &(0x7f0000001140)={0x90, 0x0, 0x3}, 0x90) 01:41:36 executing program 0: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x100001000008912, &(0x7f0000000000)="0af51f023c123f3188a070") mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='sockfs\x00', 0x0, 0x0) [ 316.038978] kernel msg: ebtables bug: please report to author: Wrong size 01:41:36 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000640)='/dev/loop#\x00', 0x0, 0x0) sysinfo(&(0x7f00000007c0)=""/154) ioctl$BLKPG(r0, 0x1269, &(0x7f00000006c0)={0x2, 0x0, 0x0, 0x0}) 01:41:36 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDMKTONE(0xffffffffffffffff, 0x4b30, 0x0) r1 = syz_open_pts(r0, 0x0) openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0) close(r1) ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) getsockopt$SO_COOKIE(0xffffffffffffffff, 0x1, 0x39, 0x0, 0x0) setsockopt$netlink_NETLINK_RX_RING(r1, 0x10e, 0x6, &(0x7f0000000040), 0x27b) 01:41:36 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00@\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:36 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0xffffff7f, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:36 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xfffffffe, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:36 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x94020000000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 316.243178] kernel msg: ebtables bug: please report to author: Wrong size 01:41:36 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xffffffe0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:36 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xfffffffe, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:36 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0xffffff8c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:36 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xfffff859, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:36 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00`\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:36 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xffffffe0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:36 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0xfffffff6, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:36 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xfffffffe, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 316.525300] kernel msg: ebtables bug: please report to author: Wrong size 01:41:36 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xfffff859, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:36 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x100000000000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:36 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\xff\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:36 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x6087ffffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:36 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xfffff857, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 316.712650] kernel msg: ebtables bug: please report to author: Wrong size 01:41:36 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xffffffe0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:36 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xfffff857, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:36 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:36 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xfffff857, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:37 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0xedc000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:37 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x200000000000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:37 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x100000000000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 316.930460] kernel msg: ebtables bug: please report to author: Wrong size 01:41:37 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xfffff857, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:37 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:37 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x100000000000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:37 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x4000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:37 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xfdffffff, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 317.131228] kernel msg: ebtables bug: please report to author: Wrong size 01:41:37 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x100000000000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:37 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:37 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x300000000000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:37 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x100000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:37 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x200000000000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:37 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xfdffffff, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 317.334748] kernel msg: ebtables bug: please report to author: Wrong size 01:41:37 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x100000000000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:37 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x200000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:37 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xfdffffff, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:37 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:37 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x400000000000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:37 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xe8030000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:37 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xe0ffffff, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:37 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x05\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 317.621601] kernel msg: ebtables bug: please report to author: Wrong size 01:41:37 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xe0ffffff, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:37 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x300000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:37 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xe0ffffff, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:37 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x500000000000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:37 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x80040200, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:37 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x400000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 317.797552] kernel msg: ebtables bug: please report to author: Wrong size 01:41:37 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xe0ffffff, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:37 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:38 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xe0ffffff, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 317.993545] kernel msg: ebtables bug: please report to author: Wrong size 01:41:38 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x500000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:38 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x59f8ffff, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:38 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:38 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xe0ffffff, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:38 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x700000000000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:38 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x80040200, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 318.184961] kernel msg: ebtables bug: please report to author: Wrong size 01:41:38 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x600000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:38 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x59f8ffff, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:38 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 \x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:38 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x59f8ffff, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 318.394559] kernel msg: ebtables bug: please report to author: Wrong size 01:41:38 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x700000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:38 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00?\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:38 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x800000000000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:38 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x59f8ffff, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:38 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x57f8ffff, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 318.555758] kernel msg: ebtables bug: please report to author: Wrong size 01:41:38 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x59f8ffff, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:38 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0xa00000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:38 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:38 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x54f8ffff, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:38 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x900000000000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:38 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x2000000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 318.762662] kernel msg: ebtables bug: please report to author: Wrong size 01:41:38 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x59f8ffff, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:38 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x53f8ffff, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:38 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x54f8ffff, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:39 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00`\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:39 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x2010000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:39 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x54f8ffff, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 318.988310] kernel msg: ebtables bug: please report to author: Wrong size 01:41:39 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:39 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xa00000000000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:39 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x40020000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:39 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x3000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:39 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x940200, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:39 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x3f00000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 319.185484] kernel msg: ebtables bug: please report to author: Wrong size 01:41:39 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x940200, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:39 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x02\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:39 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x40020000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:39 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xe00000000000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:39 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x4000000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 319.392135] kernel msg: ebtables bug: please report to author: Wrong size 01:41:39 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x940200, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:39 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x03\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:39 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xa00000000000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:39 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x6000000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:39 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x40020000, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 319.589499] kernel msg: ebtables bug: please report to author: Wrong size 01:41:39 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x04\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:39 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x1000000000000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:39 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x3f00, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:39 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x8cffffff00000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 319.771910] kernel msg: ebtables bug: please report to author: Wrong size 01:41:39 executing program 3: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:39 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x05\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:40 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x3f00, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:40 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x1100000000000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:40 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0xf6ffffff00000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 319.963758] kernel msg: ebtables bug: please report to author: Wrong size 01:41:40 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x1000000000000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:40 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x3f00, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:40 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x06\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 320.132109] kernel msg: ebtables bug: please report to author: Wrong size 01:41:40 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0xffffff7f00000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:40 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xa00, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:40 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x1500000000000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:40 executing program 3: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:40 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\a\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:40 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0xffffffff87600000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:40 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xa00, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 320.347147] kernel msg: ebtables bug: please report to author: Wrong size 01:41:40 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x1100000000000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:40 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x2000000000000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:40 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='\nverlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:40 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00`\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:40 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xa00, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 320.588256] kernel msg: ebtables bug: please report to author: Wrong size 01:41:40 executing program 3: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, &(0x7f0000001f37), 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:40 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x900, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:40 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x03\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:40 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x3f00000000000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:40 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='%verlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 320.757938] kernel msg: ebtables bug: please report to author: Wrong size 01:41:40 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x500, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:40 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x900, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:40 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x05\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:41 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=',verlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:41 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x4000000000000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 320.974429] kernel msg: ebtables bug: please report to author: Wrong size 01:41:41 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x900, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:41 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x06\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:41 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x3f00000000000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:41 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='\\verlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:41 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x3e8, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 321.142232] kernel msg: ebtables bug: please report to author: Wrong size 01:41:41 executing program 2: syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00') ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000800)={'syz_tun\x00'}) recvmmsg(0xffffffffffffffff, &(0x7f0000009340)=[{{0xffffffffffffffff, 0x0, &(0x7f0000003280)=[{&(0x7f0000002180)=""/113, 0x71}, {&(0x7f0000002200)=""/66, 0x42}, {&(0x7f0000002280)=""/4096, 0x1000}, {&(0x7f0000001e40)=""/64, 0x40}], 0x4, &(0x7f00000032c0)=""/224, 0xe0, 0x9}, 0xfffffffffffffffe}, {{0x0, 0x0, &(0x7f0000003480), 0x0, 0x0, 0x0, 0x2}, 0xca}, {{&(0x7f00000034c0)=@sco, 0x80, &(0x7f0000003700)=[{&(0x7f0000003540)=""/187, 0xbb}, {&(0x7f0000003600)=""/253, 0xfd}], 0x2, &(0x7f0000003740)=""/165, 0xa5, 0x10001}, 0x5}, {{&(0x7f0000003800)=@hci, 0x80, &(0x7f0000003940), 0x0, 0x0, 0x0, 0xc1}, 0x6}, {{&(0x7f0000003980)=@ipx, 0x80, &(0x7f0000005bc0)=[{&(0x7f0000003a00)=""/181, 0xb5}, {&(0x7f0000003ac0)=""/4, 0x4}, {&(0x7f0000003b00)=""/4096, 0x1000}, {&(0x7f0000004b00)=""/4096, 0x1000}, {&(0x7f0000005b00)=""/119, 0x77}, {&(0x7f0000005b80)=""/23, 0x17}], 0x6, &(0x7f0000005c40)=""/4096, 0x1000, 0xb5d}, 0x8}, {{0x0, 0x0, &(0x7f0000006ec0)=[{&(0x7f0000006dc0)=""/66, 0x42}, {&(0x7f0000006e40)=""/103, 0x67}], 0x2, &(0x7f0000006f00)=""/245, 0xf5, 0x1000}, 0x5}, {{0x0, 0x0, &(0x7f0000007000), 0x0, &(0x7f0000007040)=""/66, 0x42, 0x800}, 0x7}, {{&(0x7f00000070c0)=@sco, 0x80, &(0x7f0000008300)=[{&(0x7f0000007140)=""/136, 0x88}], 0x1, &(0x7f0000008340)=""/4096, 0x1000, 0x49e1}}], 0x8, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_sha512\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000ff8000), 0x0) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000700)='/dev/mixer\x00', 0x2000000440200, 0x0) bind$xdp(0xffffffffffffffff, &(0x7f0000000040)={0x2c, 0x0, 0x0, 0xd, r0}, 0x10) accept$alg(r0, 0x0, 0x0) getsockopt$XDP_MMAP_OFFSETS(r1, 0x11b, 0x1, &(0x7f00000003c0), &(0x7f00000001c0)=0x60) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r1, 0x0, 0x61, &(0x7f0000000200)={'filter\x00', 0x4}, 0x68) bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x15, 0x5, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x7}, [@alu={0x7, 0x4, 0x0, 0x0, 0xb, 0x0, 0xfffffffffffffffc}, @ldst={0x3, 0x3, 0x6, 0x1, 0xf, 0x40, 0x5}]}, 0x0, 0xc698, 0x0, 0x0, 0x40f00, 0x1, [], 0x0, 0x4}, 0x48) setrlimit(0x2, &(0x7f0000000040)={0x0, 0x5}) prctl$PR_SET_MM(0x23, 0x7, &(0x7f0000ffa000/0x1000)=nil) 01:41:41 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\a\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:41 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='o\nerlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:41 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x1f4, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:41 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x4002000000000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 321.362652] kernel msg: ebtables bug: please report to author: Wrong size 01:41:41 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x3f00000000000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:41 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00 \x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:41 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='o%erlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:41 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x1f4, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:41 executing program 0: r0 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x5, 0x101040) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000080)={0x0, 0x1000}, &(0x7f00000000c0)=0x8) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f0000000100)={r1, @in6={{0xa, 0x4e21, 0x0, @remote, 0xde65}}, [0x8, 0xee5, 0x1, 0x3ff, 0x6fb, 0x80000000, 0x1, 0x8, 0x700000, 0x80000001, 0x1f, 0x1, 0x1f, 0x4, 0xff]}, &(0x7f0000000200)=0x100) setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) setsockopt$inet6_MRT6_ADD_MFC_PROXY(0xffffffffffffffff, 0x29, 0xd2, &(0x7f0000000040)={{0xa, 0x0, 0x0, @rand_addr="fe83179570b841b19120845d186154c9", 0x6}, {0xa, 0x4e22, 0x1, @mcast1, 0x40}, 0x1000, [0x0, 0x0, 0x3ff, 0x5, 0x9, 0xa86, 0x1f, 0xa44]}, 0x5c) socketpair$unix(0x1, 0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) msync(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1) dup(0xffffffffffffffff) ioctl$TIOCSWINSZ(0xffffffffffffffff, 0x5414, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(0x0) setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) setsockopt$inet6_icmp_ICMP_FILTER(0xffffffffffffffff, 0x1, 0x1, 0x0, 0x0) mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff) fchdir(r2) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) prctl$PR_SVE_GET_VL(0x33, 0x0) umount2(&(0x7f0000000280)='./file0\x00', 0x0) prctl$PR_SET_FPEMU(0xa, 0x0) syz_open_dev$vcsn(0x0, 0x800, 0x0) bind$unix(0xffffffffffffffff, 0x0, 0x228) setsockopt$bt_BT_SECURITY(0xffffffffffffffff, 0x112, 0x4, 0x0, 0x0) ioctl$EXT4_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0) getsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(0xffffffffffffffff, 0xc058534f, &(0x7f0000000000)={{}, 0x0, 0x0, 0x0, {0x80000001}, 0x8000000000000000}) setrlimit(0xe, &(0x7f0000000240)={0x81, 0xfffffffffffffffc}) [ 321.580603] kernel msg: ebtables bug: please report to author: Wrong size 01:41:41 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x53f8ffff00000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:41 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00?\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:41 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x3f00000000000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:41 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x1f4, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:41 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='ov\nrlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 321.817002] kernel msg: ebtables bug: please report to author: Wrong size 01:41:41 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x54f8ffff00000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:42 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x10, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:42 executing program 0: r0 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x5, 0x101040) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000080)={0x0, 0x1000}, &(0x7f00000000c0)=0x8) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f0000000100)={r1, @in6={{0xa, 0x4e21, 0x0, @remote, 0xde65}}, [0x8, 0xee5, 0x1, 0x3ff, 0x6fb, 0x80000000, 0x1, 0x8, 0x700000, 0x80000001, 0x1f, 0x1, 0x1f, 0x4, 0xff]}, &(0x7f0000000200)=0x100) setrlimit(0x2, &(0x7f0000000040)={0x80000000, 0x4000000007}) setsockopt$inet6_MRT6_ADD_MFC_PROXY(0xffffffffffffffff, 0x29, 0xd2, &(0x7f0000000040)={{0xa, 0x0, 0x0, @rand_addr="fe83179570b841b19120845d186154c9", 0x6}, {0xa, 0x4e22, 0x1, @mcast1, 0x40}, 0x1000, [0x0, 0x0, 0x3ff, 0x5, 0x9, 0xa86, 0x1f, 0xa44]}, 0x5c) socketpair$unix(0x1, 0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) msync(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1) dup(0xffffffffffffffff) ioctl$TIOCSWINSZ(0xffffffffffffffff, 0x5414, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(0x0) setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) setsockopt$inet6_icmp_ICMP_FILTER(0xffffffffffffffff, 0x1, 0x1, 0x0, 0x0) mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff) fchdir(r2) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0) prctl$PR_SVE_GET_VL(0x33, 0x0) umount2(&(0x7f0000000280)='./file0\x00', 0x0) prctl$PR_SET_FPEMU(0xa, 0x0) syz_open_dev$vcsn(0x0, 0x800, 0x0) bind$unix(0xffffffffffffffff, 0x0, 0x228) setsockopt$bt_BT_SECURITY(0xffffffffffffffff, 0x112, 0x4, 0x0, 0x0) ioctl$EXT4_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0) getsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(0xffffffffffffffff, 0xc058534f, &(0x7f0000000000)={{}, 0x0, 0x0, 0x0, {0x80000001}, 0x8000000000000000}) setrlimit(0xe, &(0x7f0000000240)={0x81, 0xfffffffffffffffc}) 01:41:42 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00@\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:42 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='ov%rlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 322.028860] kernel msg: ebtables bug: please report to author: Wrong size 01:41:42 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x10, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:42 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xe, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:42 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00`\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:42 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='ov,rlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:42 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x57f8ffff00000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 322.209434] kernel msg: ebtables bug: please report to author: Wrong size 01:41:42 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\xff\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:42 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x54f8ffff00000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:42 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='ov\\rlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:42 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x10, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:42 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xe, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 322.407481] kernel msg: ebtables bug: please report to author: Wrong size 01:41:42 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='ove\nlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:42 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:42 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x59f8ffff00000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:42 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x8, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:42 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x4, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:42 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xe, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 322.631742] kernel msg: ebtables bug: please report to author: Wrong size 01:41:42 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='ove%lay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:42 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:42 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x8, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:42 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x2, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:42 executing program 3 (fault-call:8 fault-nth:0): r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:42 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='ove,lay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 322.889313] kernel msg: ebtables bug: please report to author: Wrong size 01:41:43 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x8004020000000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:43 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:43 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x8, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 323.069478] kernel msg: ebtables bug: please report to author: Wrong size 01:41:43 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='ove\\lay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 323.115172] FAULT_INJECTION: forcing a failure. [ 323.115172] name fail_page_alloc, interval 1, probability 0, space 0, times 1 01:41:43 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:43 executing program 2 (fault-call:2 fault-nth:0): r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000140)) 01:41:43 executing program 0 (fault-call:4 fault-nth:0): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x298, 0x0) [ 323.252099] CPU: 0 PID: 14233 Comm: syz-executor.3 Not tainted 5.0.0-rc6+ #76 [ 323.259418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 323.268774] Call Trace: [ 323.271371] dump_stack+0x172/0x1f0 [ 323.275014] should_fail.cold+0xa/0x1b [ 323.278911] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 323.284052] ? ___might_sleep+0x163/0x280 [ 323.288212] should_fail_alloc_page+0x50/0x60 [ 323.292713] __alloc_pages_nodemask+0x1a1/0x710 [ 323.297395] ? __lock_acquire+0x53b/0x4700 [ 323.301638] ? __alloc_pages_slowpath+0x2900/0x2900 [ 323.306661] ? __lock_acquire+0x53b/0x4700 [ 323.310906] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 323.316525] alloc_pages_current+0x107/0x210 [ 323.320977] pte_alloc_one+0x1b/0x1a0 [ 323.324784] __pte_alloc+0x20/0x310 [ 323.328458] mcopy_atomic+0x1347/0x2600 [ 323.332438] ? find_held_lock+0x35/0x130 [ 323.336515] ? mm_alloc_pmd+0x300/0x300 [ 323.340499] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 323.346043] ? _copy_from_user+0xdd/0x150 [ 323.350249] userfaultfd_ioctl+0x4dd/0x39e0 [ 323.354612] ? get_pid_task+0xd4/0x190 [ 323.358512] ? userfaultfd_read+0x1940/0x1940 [ 323.363025] ? kasan_check_read+0x11/0x20 [ 323.364934] FAULT_INJECTION: forcing a failure. [ 323.364934] name failslab, interval 1, probability 0, space 0, times 0 [ 323.367179] ? mark_held_locks+0x100/0x100 [ 323.382659] ? proc_fail_nth_write+0x9d/0x1e0 [ 323.387161] ? proc_cwd_link+0x1d0/0x1d0 [ 323.391227] ? __f_unlock_pos+0x19/0x20 [ 323.395200] ? find_held_lock+0x35/0x130 [ 323.399283] ? find_held_lock+0x35/0x130 [ 323.403343] ? __fget+0x340/0x540 [ 323.406813] ? userfaultfd_read+0x1940/0x1940 [ 323.411312] do_vfs_ioctl+0xd6e/0x1390 [ 323.415199] ? userfaultfd_read+0x1940/0x1940 [ 323.419696] ? do_vfs_ioctl+0xd6e/0x1390 [ 323.423764] ? ioctl_preallocate+0x210/0x210 [ 323.428196] ? __fget+0x367/0x540 [ 323.431654] ? iterate_fd+0x360/0x360 [ 323.435456] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 323.440998] ? fput+0x128/0x1a0 [ 323.444364] ? security_file_ioctl+0x93/0xc0 [ 323.448776] ksys_ioctl+0xab/0xd0 [ 323.452241] __x64_sys_ioctl+0x73/0xb0 [ 323.456129] do_syscall_64+0x103/0x610 [ 323.460026] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 323.465203] RIP: 0033:0x457e29 [ 323.468387] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 323.487386] RSP: 002b:00007fcaae01dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 323.495091] RAX: ffffffffffffffda RBX: 00007fcaae01dc90 RCX: 0000000000457e29 [ 323.502352] RDX: 0000000020000100 RSI: 00000000c028aa03 RDI: 0000000000000004 [ 323.509618] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 323.516891] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fcaae01e6d4 [ 323.524156] R13: 00000000004c240b R14: 00000000004d4d98 R15: 0000000000000005 [ 323.531440] CPU: 1 PID: 14259 Comm: syz-executor.0 Not tainted 5.0.0-rc6+ #76 [ 323.537261] kernel msg: ebtables bug: please report to author: Wrong size [ 323.538718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 323.538724] Call Trace: [ 323.538744] dump_stack+0x172/0x1f0 [ 323.538766] should_fail.cold+0xa/0x1b [ 323.565194] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 323.570307] ? lock_downgrade+0x810/0x810 [ 323.574457] ? ___might_sleep+0x163/0x280 [ 323.574479] __should_failslab+0x121/0x190 [ 323.574496] should_failslab+0x9/0x14 [ 323.574507] __kmalloc+0x2dc/0x740 [ 323.574521] ? __lock_acquire+0x53b/0x4700 [ 323.582888] ? get_pid_task+0xd4/0x190 [ 323.582904] ? rw_copy_check_uvector+0x28c/0x330 [ 323.582922] rw_copy_check_uvector+0x28c/0x330 [ 323.582937] ? mark_held_locks+0x100/0x100 [ 323.582956] import_iovec+0xbf/0x200 [ 323.598478] ? dup_iter+0x260/0x260 [ 323.598493] ? find_held_lock+0x35/0x130 [ 323.598508] ? __fget+0x340/0x540 [ 323.615729] vfs_readv+0xc6/0x160 [ 323.630357] ? compat_rw_copy_check_uvector+0x3f0/0x3f0 [ 323.635732] ? kasan_check_read+0x11/0x20 [ 323.639915] ? __fget+0x367/0x540 [ 323.643379] ? iterate_fd+0x360/0x360 [ 323.647253] ? check_preemption_disabled+0x48/0x290 01:41:43 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xe0ffffffffffffff, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:43 executing program 3 (fault-call:8 fault-nth:1): r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) [ 323.652300] ? wait_for_completion+0x440/0x440 [ 323.656905] ? __fget_light+0x1a9/0x230 [ 323.660887] do_preadv+0x1c4/0x280 [ 323.664434] ? do_readv+0x290/0x290 [ 323.668067] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 323.672842] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 323.677615] ? do_syscall_64+0x26/0x610 [ 323.681583] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 323.686949] ? do_syscall_64+0x26/0x610 [ 323.690945] __x64_sys_preadv+0x9a/0xf0 [ 323.694926] do_syscall_64+0x103/0x610 [ 323.698819] entry_SYSCALL_64_after_hwframe+0x49/0xbe 01:41:43 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xe803000000000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 323.700661] FAULT_INJECTION: forcing a failure. [ 323.700661] name failslab, interval 1, probability 0, space 0, times 0 [ 323.704003] RIP: 0033:0x457e29 [ 323.704018] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 323.704025] RSP: 002b:00007f5a62080c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 323.704038] RAX: ffffffffffffffda RBX: 00007f5a62080c90 RCX: 0000000000457e29 01:41:43 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='over\nay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 323.704046] RDX: 0000000000000298 RSI: 0000000020000700 RDI: 0000000000000004 [ 323.704056] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 323.737304] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5a620816d4 [ 323.737312] R13: 00000000004c4934 R14: 00000000004d8170 R15: 0000000000000005 [ 323.802637] CPU: 1 PID: 14267 Comm: syz-executor.3 Not tainted 5.0.0-rc6+ #76 [ 323.809944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 323.819317] Call Trace: [ 323.821914] dump_stack+0x172/0x1f0 [ 323.825551] should_fail.cold+0xa/0x1b [ 323.829447] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 323.834555] ? lock_downgrade+0x810/0x810 [ 323.838704] ? ___might_sleep+0x163/0x280 [ 323.842860] __should_failslab+0x121/0x190 [ 323.847094] should_failslab+0x9/0x14 [ 323.850894] kmem_cache_alloc+0x2be/0x710 [ 323.855046] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 323.860586] ptlock_alloc+0x20/0x70 [ 323.864219] pte_alloc_one+0x6d/0x1a0 [ 323.868027] __pte_alloc+0x20/0x310 [ 323.871654] mcopy_atomic+0x1347/0x2600 [ 323.875632] ? find_held_lock+0x35/0x130 [ 323.879712] ? mm_alloc_pmd+0x300/0x300 [ 323.883700] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 323.889256] ? _copy_from_user+0xdd/0x150 [ 323.893405] userfaultfd_ioctl+0x4dd/0x39e0 [ 323.897744] ? get_pid_task+0xd4/0x190 01:41:44 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x05\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:44 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xf30f000000000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:44 executing program 0 (fault-call:4 fault-nth:1): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x298, 0x0) [ 323.901643] ? userfaultfd_read+0x1940/0x1940 [ 323.906237] ? kasan_check_read+0x11/0x20 [ 323.910398] ? mark_held_locks+0x100/0x100 [ 323.914630] ? proc_fail_nth_write+0x9d/0x1e0 [ 323.919126] ? proc_cwd_link+0x1d0/0x1d0 [ 323.923193] ? __f_unlock_pos+0x19/0x20 [ 323.927176] ? find_held_lock+0x35/0x130 [ 323.931244] ? find_held_lock+0x35/0x130 [ 323.935303] ? __fget+0x340/0x540 [ 323.938766] ? userfaultfd_read+0x1940/0x1940 [ 323.943316] do_vfs_ioctl+0xd6e/0x1390 [ 323.947206] ? userfaultfd_read+0x1940/0x1940 [ 323.951705] ? do_vfs_ioctl+0xd6e/0x1390 [ 323.955787] ? ioctl_preallocate+0x210/0x210 [ 323.955802] ? __fget+0x367/0x540 [ 323.955819] ? iterate_fd+0x360/0x360 [ 323.955834] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 323.963680] ? fput+0x128/0x1a0 [ 323.963701] ? security_file_ioctl+0x93/0xc0 [ 323.963721] ksys_ioctl+0xab/0xd0 [ 323.963738] __x64_sys_ioctl+0x73/0xb0 [ 323.973126] do_syscall_64+0x103/0x610 [ 323.973146] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 323.973157] RIP: 0033:0x457e29 01:41:44 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000140)) 01:41:44 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='over%ay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 323.973171] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 323.973180] RSP: 002b:00007fcaae01dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 323.980829] RAX: ffffffffffffffda RBX: 00007fcaae01dc90 RCX: 0000000000457e29 [ 323.980838] RDX: 0000000020000100 RSI: 00000000c028aa03 RDI: 0000000000000004 [ 323.980846] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 01:41:44 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x2, &(0x7f0000000140)) [ 323.980855] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fcaae01e6d4 [ 323.980863] R13: 00000000004c240b R14: 00000000004d4d98 R15: 0000000000000005 [ 324.041447] kernel msg: ebtables bug: please report to author: Wrong size [ 324.083505] FAULT_INJECTION: forcing a failure. [ 324.083505] name failslab, interval 1, probability 0, space 0, times 0 [ 324.132852] CPU: 0 PID: 14290 Comm: syz-executor.0 Not tainted 5.0.0-rc6+ #76 [ 324.140186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 324.149547] Call Trace: [ 324.152155] dump_stack+0x172/0x1f0 [ 324.155790] should_fail.cold+0xa/0x1b [ 324.159683] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 324.164791] ? lock_downgrade+0x810/0x810 [ 324.168956] ? ___might_sleep+0x163/0x280 [ 324.173223] __should_failslab+0x121/0x190 [ 324.177560] should_failslab+0x9/0x14 [ 324.181364] kmem_cache_alloc_node_trace+0x270/0x720 [ 324.186473] ? find_held_lock+0x35/0x130 [ 324.190539] ? __might_fault+0x12b/0x1e0 [ 324.194625] __kmalloc_node+0x3d/0x70 [ 324.198429] kvmalloc_node+0x68/0x100 [ 324.202322] ? seq_dentry+0x2d0/0x2d0 [ 324.206122] seq_read+0x832/0x1130 [ 324.209681] ? seq_dentry+0x2d0/0x2d0 [ 324.213475] proc_reg_read+0x1fa/0x2c0 [ 324.217362] ? proc_reg_unlocked_ioctl+0x2a0/0x2a0 [ 324.222306] ? rw_verify_area+0x118/0x360 [ 324.226452] do_iter_read+0x4a9/0x660 01:41:44 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 324.230251] ? dup_iter+0x260/0x260 [ 324.233877] vfs_readv+0xf0/0x160 [ 324.237420] ? compat_rw_copy_check_uvector+0x3f0/0x3f0 [ 324.242791] ? kasan_check_read+0x11/0x20 [ 324.246957] ? __fget+0x367/0x540 [ 324.250419] ? iterate_fd+0x360/0x360 [ 324.254226] ? check_preemption_disabled+0x48/0x290 [ 324.259492] ? wait_for_completion+0x440/0x440 [ 324.264205] ? __fget_light+0x1a9/0x230 [ 324.266331] kernel msg: ebtables bug: please report to author: Wrong size [ 324.268213] do_preadv+0x1c4/0x280 [ 324.268253] ? do_readv+0x290/0x290 01:41:44 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='over,ay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 324.282400] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 324.287155] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 324.291913] ? do_syscall_64+0x26/0x610 [ 324.295900] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 324.301274] ? do_syscall_64+0x26/0x610 [ 324.305266] __x64_sys_preadv+0x9a/0xf0 [ 324.309251] do_syscall_64+0x103/0x610 [ 324.313154] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 324.318338] RIP: 0033:0x457e29 01:41:44 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\a\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 324.321528] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 324.340433] RSP: 002b:00007f5a62080c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 324.348149] RAX: ffffffffffffffda RBX: 00007f5a62080c90 RCX: 0000000000457e29 [ 324.355422] RDX: 0000000000000298 RSI: 0000000020000700 RDI: 0000000000000004 [ 324.362692] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 324.369976] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5a620816d4 [ 324.377246] R13: 00000000004c4934 R14: 00000000004d8170 R15: 0000000000000005 01:41:44 executing program 3 (fault-call:8 fault-nth:2): r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:44 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xf401000000000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:44 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x1267, &(0x7f0000000140)) 01:41:44 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='over.ay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 324.464900] kernel msg: ebtables bug: please report to author: Wrong size 01:41:44 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00 \x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:44 executing program 0 (fault-call:4 fault-nth:2): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x298, 0x0) 01:41:44 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x1274, &(0x7f0000000140)) 01:41:44 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xfdffffff00000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:44 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overLay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 324.657229] FAULT_INJECTION: forcing a failure. [ 324.657229] name failslab, interval 1, probability 0, space 0, times 0 [ 324.683353] kernel msg: ebtables bug: please report to author: Wrong size [ 324.736850] CPU: 1 PID: 14334 Comm: syz-executor.0 Not tainted 5.0.0-rc6+ #76 [ 324.744171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 324.753522] Call Trace: [ 324.756133] dump_stack+0x172/0x1f0 [ 324.759781] should_fail.cold+0xa/0x1b [ 324.759799] ? get_mem_cgroup_from_mm+0x10b/0x2b0 [ 324.759815] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 324.768516] ? find_held_lock+0x35/0x130 [ 324.768533] ? rcu_read_unlock+0x16/0x60 [ 324.768552] __should_failslab+0x121/0x190 [ 324.785936] should_failslab+0x9/0x14 [ 324.789757] kmem_cache_alloc_trace+0x4b/0x760 [ 324.794343] ? kasan_check_read+0x11/0x20 [ 324.798503] memcg_kmem_get_cache+0x244/0x5f0 [ 324.803005] kmem_cache_alloc_node_trace+0x1b5/0x720 [ 324.808112] ? find_held_lock+0x35/0x130 [ 324.812177] ? __might_fault+0x12b/0x1e0 [ 324.816245] __kmalloc_node+0x3d/0x70 [ 324.820061] kvmalloc_node+0x68/0x100 [ 324.823863] ? seq_dentry+0x2d0/0x2d0 [ 324.827679] seq_read+0x832/0x1130 [ 324.831236] ? seq_dentry+0x2d0/0x2d0 [ 324.835069] proc_reg_read+0x1fa/0x2c0 [ 324.838963] ? proc_reg_unlocked_ioctl+0x2a0/0x2a0 [ 324.843926] ? rw_verify_area+0x118/0x360 [ 324.848083] do_iter_read+0x4a9/0x660 [ 324.851894] ? dup_iter+0x260/0x260 [ 324.855542] vfs_readv+0xf0/0x160 [ 324.859121] ? compat_rw_copy_check_uvector+0x3f0/0x3f0 [ 324.864490] ? kasan_check_read+0x11/0x20 [ 324.868645] ? __fget+0x367/0x540 [ 324.872114] ? iterate_fd+0x360/0x360 [ 324.875922] ? check_preemption_disabled+0x48/0x290 [ 324.880946] ? wait_for_completion+0x440/0x440 [ 324.885535] ? __fget_light+0x1a9/0x230 [ 324.889599] do_preadv+0x1c4/0x280 [ 324.893132] ? do_readv+0x290/0x290 [ 324.896760] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 324.896775] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 324.896808] ? do_syscall_64+0x26/0x610 [ 324.896822] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 324.896836] ? do_syscall_64+0x26/0x610 [ 324.906316] __x64_sys_preadv+0x9a/0xf0 [ 324.906330] do_syscall_64+0x103/0x610 [ 324.906347] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 324.932606] RIP: 0033:0x457e29 [ 324.935799] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 324.954806] RSP: 002b:00007f5a62080c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 324.962516] RAX: ffffffffffffffda RBX: 00007f5a62080c90 RCX: 0000000000457e29 [ 324.969784] RDX: 0000000000000298 RSI: 0000000020000700 RDI: 0000000000000004 [ 324.977050] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 01:41:44 executing program 3: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:44 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xfeffffff00000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:45 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00?\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:45 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x1275, &(0x7f0000000140)) [ 324.984402] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5a620816d4 [ 324.991685] R13: 00000000004c4934 R14: 00000000004d8170 R15: 0000000000000005 01:41:45 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='over\\ay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:45 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xffffffff00000000, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 325.064838] kernel msg: ebtables bug: please report to author: Wrong size 01:41:45 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x1276, &(0x7f0000000140)) 01:41:45 executing program 0 (fault-call:4 fault-nth:3): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x298, 0x0) 01:41:45 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00@\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:45 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overuay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:45 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x2201, &(0x7f0000000140)) [ 325.295081] kernel msg: ebtables bug: please report to author: Wrong size 01:41:45 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x298, 0x0) 01:41:46 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x2202, &(0x7f0000000140)) 01:41:46 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00`\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:46 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overl\ny\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:46 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x2, 0x0) 01:41:46 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xffffffffffffffe0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:46 executing program 3: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0x2, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:46 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x2203, &(0x7f0000000140)) [ 325.978186] kernel msg: ebtables bug: please report to author: Wrong size 01:41:46 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x3, 0x0) 01:41:46 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\xff\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:46 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overl%y\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:46 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0xffffffffffffffff, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 326.135709] kernel msg: ebtables bug: please report to author: Wrong size 01:41:46 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x2205, &(0x7f0000000140)) 01:41:46 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x4, 0x0) 01:41:46 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:46 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overl,y\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:46 executing program 3: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0x5421, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:46 executing program 4: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000001, 0x10010, r0, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x100, 0x0) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000140)={{0x73, @rand_addr=0x3, 0x4e22, 0x1, 'lc\x00', 0x25, 0xfff, 0x5e}, {@dev={0xac, 0x14, 0x14, 0x1b}, 0x4e20, 0x1, 0x9, 0x4, 0x6}}, 0x44) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(0xffffffffffffffff, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) [ 326.329268] kernel msg: ebtables bug: please report to author: Wrong size 01:41:46 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x5, 0x0) 01:41:46 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x2270, &(0x7f0000000140)) 01:41:46 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:46 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overl\\y\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:46 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) getsockopt$IP_VS_SO_GET_INFO(r0, 0x0, 0x481, &(0x7f0000000000), &(0x7f0000000140)=0xc) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x1) [ 326.543201] kernel msg: ebtables bug: please report to author: Wrong size 01:41:46 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x2271, &(0x7f0000000140)) 01:41:46 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:46 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x6, 0x0) 01:41:46 executing program 3: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0x5450, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:46 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overla\n\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 326.728383] kernel msg: ebtables bug: please report to author: Wrong size 01:41:46 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x2272, &(0x7f0000000140)) 01:41:46 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:46 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x61, &(0x7f0000000140)={'filter\x00', 0x4}, 0x68) shutdown(r0, 0x400000000000001) 01:41:46 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x7, 0x0) 01:41:46 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x2275, &(0x7f0000000140)) 01:41:46 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overla%\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 326.921377] kernel msg: ebtables bug: please report to author: Wrong size 01:41:47 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x05\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:47 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x2276, &(0x7f0000000140)) 01:41:47 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x8, 0x0) 01:41:47 executing program 3: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0x5451, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) [ 327.126860] kernel msg: ebtables bug: please report to author: Wrong size 01:41:47 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x02', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:47 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:47 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) accept$inet(r0, &(0x7f0000000000), &(0x7f0000000140)=0x10) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0af51f023c123f3188a070") mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000007, 0x6031, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) mprotect(&(0x7f0000b8a000/0x3000)=nil, 0x3000, 0x0) mprotect(&(0x7f000079b000/0x3000)=nil, 0x3000, 0x0) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) 01:41:47 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x2279, &(0x7f0000000140)) 01:41:47 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x9, 0x0) 01:41:47 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x03', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:47 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0xa, 0x0) 01:41:47 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:47 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x227a, &(0x7f0000000140)) 01:41:47 executing program 3: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0x5452, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:47 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x04', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 327.528493] kernel msg: ebtables bug: please report to author: Wrong size [ 327.563135] kernel msg: ebtables bug: please report to author: Wrong size 01:41:47 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0xb, 0x0) 01:41:47 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x227b, &(0x7f0000000140)) 01:41:47 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 \x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 327.843649] kernel msg: ebtables bug: please report to author: Wrong size 01:41:49 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x05', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:49 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0xc, 0x0) 01:41:49 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x227c, &(0x7f0000000140)) 01:41:49 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00?\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:49 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) setsockopt$inet_sctp_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f0000000000)=0x575e87dd, 0x4) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:49 executing program 3: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0x5460, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) [ 329.052539] kernel msg: ebtables bug: please report to author: Wrong size 01:41:49 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x06', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:49 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0xd, 0x0) 01:41:49 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x227e, &(0x7f0000000140)) 01:41:49 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:49 executing program 4: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000480)=ANY=[@ANYBLOB="6744e6986202000001000000008db0c2e2380000000000000000000000"], 0x15) bind$inet(r1, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r1, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) readv(r0, &(0x7f0000000000)=[{&(0x7f0000000140)=""/131, 0x83}, {&(0x7f0000000200)=""/239, 0xef}, {&(0x7f0000000300)=""/128, 0x80}, {&(0x7f0000000380)=""/240, 0xf0}], 0x4) sendto$inet(r1, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000100)=0x0) sched_setscheduler(r2, 0x7, &(0x7f00000004c0)) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r1, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r1, 0x400000000000001) 01:41:49 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0xe, 0x0) 01:41:49 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\a', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:49 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x227f, &(0x7f0000000140)) [ 329.299380] kernel msg: ebtables bug: please report to author: Wrong size 01:41:49 executing program 3: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0x40049409, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:49 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00`\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:49 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\n', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:49 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0xf, 0x0) [ 329.499026] kernel msg: ebtables bug: please report to author: Wrong size 01:41:49 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x2282, &(0x7f0000000140)) 01:41:49 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:49 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x4, 0x80000) ioctl$EVIOCGVERSION(r1, 0x80044501, &(0x7f0000000140)=""/130) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:49 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x2283, &(0x7f0000000140)) [ 329.676028] kernel msg: ebtables bug: please report to author: Wrong size 01:41:49 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x10, 0x0) 01:41:49 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay`', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:49 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x02\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:49 executing program 3: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0x4020940d, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:49 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x2284, &(0x7f0000000140)) [ 329.885108] kernel msg: ebtables bug: please report to author: Wrong size 01:41:50 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="6744669865b0eca49caca4dd0014cd7cf4e766cf69a1cebc99e08a9cc02de6000000000000000000000000000000"], 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vcs\x00', 0x1, 0x0) ioctl$PPPIOCSNPMODE(r1, 0x4008744b, &(0x7f0000000140)={0x281, 0x3}) shutdown(r0, 0x400000000000001) 01:41:50 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x03\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:50 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:50 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x11, 0x0) 01:41:50 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x2285, &(0x7f0000000140)) [ 330.048483] kernel msg: ebtables bug: please report to author: Wrong size 01:41:50 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x04\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 330.097724] overlayfs: missing 'lowerdir' 01:41:50 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x12, 0x0) 01:41:50 executing program 3: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0x8010aa01, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:50 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x05\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:50 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 330.210606] kernel msg: ebtables bug: please report to author: Wrong size 01:41:50 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x2286, &(0x7f0000000140)) 01:41:50 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4080000000000003, 0x100) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 330.331277] overlayfs: missing 'lowerdir' [ 330.335837] kernel msg: ebtables bug: please report to author: Wrong size 01:41:50 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x13, 0x0) 01:41:50 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x06\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:50 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x2287, &(0x7f0000000140)) 01:41:50 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 330.431812] kernel msg: ebtables bug: please report to author: Wrong size 01:41:50 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x14, 0x0) 01:41:50 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\a\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:50 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = accept4(0xffffffffffffff9c, 0x0, &(0x7f00000064c0), 0x80000) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f0000006500)={0x0, @in={{0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}}, [0x1a2a0b7a, 0xfffffffffffffffd, 0x6, 0x5, 0x3f, 0x2, 0x800, 0x1, 0xaffe, 0x6, 0x9, 0x20, 0x8, 0x0, 0x3]}, &(0x7f0000006600)=0x100) open(&(0x7f0000000000)='./file0\x00', 0x800, 0x8) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000006640)={r1, @in6={{0xa, 0x4e24, 0x67, @dev={0xfe, 0x80, [], 0x23}, 0x2}}, 0xfffffffffffffffd, 0x5}, &(0x7f0000006700)=0x90) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r2, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r2, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r2, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r2, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r2, 0x400000000000001) [ 330.555985] overlayfs: missing 'lowerdir' 01:41:50 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x2288, &(0x7f0000000140)) 01:41:50 executing program 3: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0x8010aa02, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:50 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 330.647641] kernel msg: ebtables bug: please report to author: Wrong size 01:41:50 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x15, 0x0) [ 330.741733] overlayfs: missing 'lowerdir' 01:41:50 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00`\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:50 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x2289, &(0x7f0000000140)) 01:41:50 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x16, 0x0) 01:41:50 executing program 4: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet(0x2, 0xb, 0x8000) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r1, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r1, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x4) sendto$inet(r1, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) shutdown(r1, 0x400000000000001) r2 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x800) ioctl$BINDER_GET_NODE_DEBUG_INFO(0xffffffffffffffff, 0xc018620b, &(0x7f00000001c0)={0x0}) r4 = mmap$binder(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x2000003, 0x13, 0xffffffffffffffff, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0xbc, 0x0, &(0x7f00000002c0)=[@transaction_sg={0x40486311, {{0x4, 0x0, 0x1, 0x0, 0x10, 0x0, 0x0, 0x30, 0x10, &(0x7f0000000140)=[@fd={0x66642a85, 0x0, r1, 0x0, 0x2}, @fd={0x66642a85, 0x0, r0, 0x0, 0x3}], &(0x7f0000000180)=[0x58, 0x48]}, 0xf4d6}}, @transaction_sg={0x40486311, {{0x0, 0x0, 0x3, 0x0, 0x1, 0x0, 0x0, 0x48, 0x20, &(0x7f0000000200)=[@flat={0x73622a85, 0x10b, r3, 0x2}, @flat={0x73682a85, 0x1, r4, 0x2}, @fd={0x66642a85, 0x0, r0, 0x0, 0x1}], &(0x7f0000000280)=[0x38, 0x78, 0x0, 0x38]}, 0x48361cb4}}, @clear_death={0x400c630f, 0x4}, @request_death={0x400c630e, 0x4, 0x2}, @register_looper], 0x17, 0x0, &(0x7f0000000380)="02bb4b6f1c35e01a4c65f4fddeffe158050d6bde676afd"}) [ 330.845114] kernel msg: ebtables bug: please report to author: Wrong size 01:41:50 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:51 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x5382, &(0x7f0000000140)) 01:41:51 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:51 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x17, 0x0) [ 330.989233] overlayfs: missing 'lowerdir' [ 331.021858] kernel msg: ebtables bug: please report to author: Wrong size 01:41:51 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x05\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:51 executing program 3: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc0045878, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:51 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay ', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:51 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x5385, &(0x7f0000000140)) 01:41:51 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x200000, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r0, 0xc08c5335, &(0x7f0000000140)={0x5, 0x6, 0x2, 'queue0\x00', 0x1}) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="674446980000000001000300000000009bffd3bf35"], 0x15) bind$inet(r1, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r1, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r1, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r1, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r1, 0x400000000000001) 01:41:51 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x18, 0x0) [ 331.135730] kernel msg: ebtables bug: please report to author: Wrong size 01:41:51 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:51 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x19, 0x0) 01:41:51 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x5386, &(0x7f0000000140)) 01:41:51 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 331.355193] kernel msg: ebtables bug: please report to author: Wrong size [ 331.386875] overlayfs: missing 'lowerdir' 01:41:51 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:51 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x1a, 0x0) 01:41:51 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x5421, &(0x7f0000000140)) [ 331.413218] overlayfs: missing 'lowerdir' 01:41:51 executing program 3: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc0045878, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:51 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\a\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:51 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x10', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 331.557209] kernel msg: ebtables bug: please report to author: Wrong size 01:41:51 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x5450, &(0x7f0000000140)) 01:41:51 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x1b, 0x0) 01:41:51 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000000)) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000000140)={0x2, 0x4e27, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180)='/dev/rfkill\x00', 0xa3531deb31fee844, 0x0) r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200)='TIPC\x00') sendmsg$TIPC_CMD_DISABLE_BEARER(r1, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4003010}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r2, 0x402, 0x70bd2b, 0x25dfdbff, {{}, 0x0, 0x4102, 0x0, {0x10, 0x13, @l2={'eth', 0x3a, 'batadv0\x00'}}}, ["", "", ""]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x40000) shutdown(r0, 0x400000000000001) 01:41:51 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00 \x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:51 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x5451, &(0x7f0000000140)) [ 331.724678] cgroup: fork rejected by pids controller in /syz3 01:41:51 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 331.766783] kernel msg: ebtables bug: please report to author: Wrong size 01:41:51 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x1c, 0x0) 01:41:51 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x5452, &(0x7f0000000140)) [ 331.839733] overlayfs: missing 'lowerdir' 01:41:51 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00?\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:52 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="6744669800000000017d6e995e60a14e0a539943b3"], 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) getsockopt$IP_VS_SO_GET_SERVICES(r0, 0x0, 0x482, &(0x7f0000000140)=""/127, &(0x7f0000000000)=0x7f) shutdown(r0, 0x400000000000001) 01:41:52 executing program 3: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc0189436, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:52 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:52 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x1d, 0x0) [ 332.011750] kernel msg: ebtables bug: please report to author: Wrong size [ 332.051664] overlayfs: missing 'lowerdir' 01:41:52 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x5460, &(0x7f0000000140)) [ 332.075300] IPVS: length: 127 != 8 01:41:52 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00@\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:52 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 332.134697] IPVS: length: 127 != 8 01:41:52 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x1e, 0x0) 01:41:52 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x40049409, &(0x7f0000000140)) [ 332.187020] kernel msg: ebtables bug: please report to author: Wrong size 01:41:52 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="67446698000000000100030000bf35000000000000"], 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 332.246409] overlayfs: missing 'lowerdir' 01:41:52 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00`\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:52 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x21, 0x0) 01:41:52 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x87', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 332.338218] kernel msg: ebtables bug: please report to author: Wrong size 01:41:52 executing program 3: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc018aa3f, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:52 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x4020940d, &(0x7f0000000140)) 01:41:52 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\xff\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:52 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x22, 0x0) 01:41:52 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0xc0045878, &(0x7f0000000140)) 01:41:52 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\xc0', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:52 executing program 4: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) r2 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cachefiles\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffff9c, 0x84, 0x70, &(0x7f0000000180)={0x0, @in={{0x2, 0x4e22, @multicast2}}, [0x4, 0x6, 0x0, 0x3, 0x4, 0x80, 0x0, 0xb6, 0x4, 0x2, 0x6, 0x7, 0x35, 0x2, 0x6]}, &(0x7f0000000280)=0x100) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r2, 0x84, 0x6d, &(0x7f00000011c0)={r3, 0x1000, "2c001b216a877a5df5177e3e2fbbc0bf2f9b2e583174e09b74f1f4dfc103d266c4891a708c80cbd008da655c96c09aee6f5068ca2e046736d0b35baf4f50065763fe58c2444f94fec3ab15918636708848c524e7f19288fe04ff5aa6e8877a11a31072b9c94b573efe8efa9df79722f36578db84a045b1a027a7ae7ff12d8210b3277d9a05c308866c0a94a6deb786f6151fe0d0b6ac318511a561d3eb17cb122aca519c502c7efabcbb2aeb8b3adaf6693357e0f7841243039396532f73d694c762400637bec7aa7ce5efb8ec652ba25ed3e24f3a967597d8b13806efb36c9ab6f634a7e91a78fae280c6281bc126928d9639cf7a9776a13afe5d6a73ffe27ee5e578171c0a57c0a72d75c5576d615c2f0cb56deee40aed92976770073fc077065ce45a1ef1342c58bf24aaa8542d4788c29fb43399ee827ba0660486d5d11e3ba03b8dcf56e02ded4e983b509a3b65cac7aa407dc3c4eca5112e56fcbbcd3f731adf224f825f00f140adbec5c383f36434f90895906d415832b21158a5d0538fee3b8fe38d14bc7431563225432b90c0281b3a2b8331a2e5ccabe3b13250c9a940d9ba9b19e33d281d048a7a9bf8ed89aa13d98866e8cdcf24d5a37ce20e20c6c9bf0fe3c720caf696739e125dffcd0a5d9abf20e746e438e3218331cc1ecfe2c2bf7368ca932cd355e7f0f61a4e2abee51dc6b9f8c2040702767ae4ef9b361a3c8c9a4d8a0054edc17b7caedb9cfaf9258468c6c4cbf14043e4f9d6ad664041a0476a8a81af5047301c1d03c6f3b82679972cc9ff48c6f74778ac07eddb2696380c618e74fd029fe7e44451e164ecf100e3ddec37f2d461d529f04332736765e6e914c8f821b904234f5d12bc7bfddaa2731096301ed4f1e51f6fc29829477c7ea585896060761cbe8f48d1f2933fa3f7b869944bc3e470d0e1a6822b9a8e8e18eb5f8ac081f44dfb5e321921ba998fcd27ca4c2417e83c82c4ed12f4ac9bfefb63dc25dfa4e75bcac1cd3a9ed67398a14d5f5594684771a41665cb956eb3f587f8a083286db2eecc8a003ab8c234eec2927520994fa4d13528d207c12d79f410826ef337f27ebf32ee01b5bee50569711d831f5fcd03e78314abef8470645d3a2bbc278d6f47d730fbd05f0250c51324ef8201ff1888027f370cd06f61a9ae5b20804742fa2b46bd70946d2d7f68bdd00886f905163801fc515744335f49d26a18ffe743f89901d69b815da58fa3741a53d8f8d2e5b4506b94569dd2338159bffc9101cb5c76941690c8c3f0dfb20a1c33d81f78e3db1682c2161ea211cee0df8587bf7478b132080c3140bd916556385968234ead26057b515aede6612eb36ef0774dac250929ea4189b195e711d0f704f96c9221fd190ddb19720bf26561d43131ed6951dc79c8d63ba9f6252edc10c22323b4cb537f99b03b328b826b74c77c2e8f04d677c2d6c0a26dffafb62407e90bd4dc05c2a295d56ae4c4dfabcf2981004b3f29c39a5b222708ef527bc2f8fa4ca36d72a72af8b32d9c7dd13287d398584d942becdde96f2e261f99208fcc21d9780946022dbd38548309639aa54a6b5510f95904fa7c78ff33e12d586e56d3dec4b23539dde6d0722fc4e5d044bc85dd59a7232de56d88971d908a5afaf0ebc6914a9154be0dc298b59f1676ea167dc14c1d7a83c2fbc713f7828f03cfc3bd71bfb249d9865cf95064b425f64b3f4c21614508b14a55d9641668e33cd0277f87a76b8016ee49590321dbdd648f757c8e5acc083dbba956ac0c064b955d1a3dc57db04dc1ad5a6e59674485b447c7704ce3a5a9194eddccc95ded2411399b92c953a7ec13fa86c3d2971a9badb288e30eeb79c3608d64621009ba37784d1c89d695b3879b68b0c0edbc76a34702ba987d7411206174b4f8ede65fb1c0f51a48b8f19c38fd2206bc77f053998d30123b15116b8806351cbfee12690ecd0bc2ce8ab5defd40870f276883a3458b939a12fa6c34fa0c69d8b62f748089f9f4343f86dd722f25ac1c7959077e3a39b51b7033098b75d8112ea130c63407d346f39c76c663557b7f14520b4756cc616ee7c3a4b5b84b4baf22dd57f5f3579a119f1745f447f9581cdfac763749e93dfbcdb8815204e2142d7f111df3008de780c34d9c063da81fc07dbf744f1ed52b75e2a2fd3af56280c9b98baf17f8a9dbeca030939b91cbaf949f38b9b0be1bd8802a12e07578b015fe3b0f74687f2b6ba4b78150a10c76dd6d697ed51bfb20994c7e4e7640e79000633feb69e3e2a57f58c5debc324064a0fb25f02b7868cb25887248d8bcc814fad3e2a92a779f0abd95191d10f1162e2a9b0b87a3b2f215ddf78cc319cadea1979ba9362f58d61f07838ee6b568dedc25051c0653ac46b310cc8d8c8c1a085f0d0f1c4aa079a09fc905d7f5e93d4f8ea3954a8324392aceac1eb148ad701f674ff8f81386ec75af3ab741c68857eaf1283180940c1bdbc49b56977c71ec1774dfc6a577ca06c2a4e42ee6934acbe458a122f017c6bc0a7678fdfe849ab980c16a1a8791b7f7de21a5ef335461af83cfe9dcc209ef633ceff41b39c291d9a34216056e044e2194faecff00b1ba4bf68f9f5e583f314f45e4bbe12145db1ca94a3187c4158adb67917eb38a44cb268ea83e5ad29852ad6896ec46c812c261db59b27ec7ef4d199d7a05c11b3b9b7fa9dc0e8196b44044124cbd4578280989b577bb8ffe1b905ee96a62fa806359cd517a09485c97f3a6fb1d21c21c0c5bc7883f51dafe09ecb35d06a82a15457e2953058114cb933af3122ecfdc41ec0654c555c3bf5538958d48f7da6fec3bfd8b6e5fef5e1f61972a320043d5c93c32bd52f75a01e8af098da5d4b9d0961d59e31c3c21fb40fe7e4840fb59ff9e1a9cd541bc6ad0c320ddfbc3debc6b9a744afd0efc407e6d93d90dc33f8f8db2d70a19fbce7f0bba1affe3bbd70093327eb6d9d3fc5ef6b1e43b980bd2f5b9b88103be2e0bbc1f70753331dc2d647e2ebd4b19c5c90aaf463864a9b192076055877ec1890e71f7e681af4b5744838d775cad532d8bee52b6809f0c3575fa2fd4fbb11430bfdb49900b1cc0707ef174c7c9c9160093e5240dd3378c7f83b6e149f6a3405e51dd4933c57bd64b7b76e7a0d83e9c2b283a76ca2a82557e838f1a73ed01473d4ed863bdf50adafed0c3e9fa51de1d82f0f1ce47f9ea87a225ef67330506dc2d05fb99954fb96d493a84d1bc7fa4109a77fc76083c5b4f40b5a1465c223862432a4b3d46e0781fe70a0131f48857ec64e452b453e75907ca70fc6eb348e46a645ef43992f4804ebdfef7d1533b2ff40a2400ffa0c735daa7572d9710a46bcd4db2c2046d7ceafd3cef00dc4d024de817cf2dac3636323da8542b6202c976ccda2fe49241fd3043ca56823ab5b737019072eb3401d6e5ec3a4b5fbd4f0835509544905c5604a234072175fae08e47a7a3d01e3389c25a62a42b5f12b9a3e67260321aa93a98af9e1efd374025141d31e89cacafe18673e36c38c23ef9633a1af5dea70165184320cf8344aa550f6dab234ccf6f18fe3a1d27bb163c1103da94953e7ff0ead858d4f205206fca8cd35756374d573088f5b58b6bfca0dd18472d50eb51fa80f5efb956e8e0b68bda4c8b68c43e16d181d48a4db7e6421efbdd1c4228a3a8ece975a2ffa5dfe8aab1d452ca53bc149b291eb24f00d4c10d86f881eb6526e8aea954daaf6027c4b56a8888096fad0203ebc42bf896ef9ff6ead88ea581a0f0cc1332f51b65c0c6d74dc685c91bae52251a0bf3835ae43412bfd133d00f7da54f01b9a0c33bdf923c05e2084df43a4240919cad06fcdb2d7ce44d75b25fef8ea9bcf3379008aa8ed005bdab3c6be260e29f426131255e8dc8a3d6a6405a94923191d2ca28f0c5399ba7b667a6e3315d8205247996c9b218a507239e6aff96607a34beaa9b182fdd05da19db277a638dc42264d757a8e669666ecd32a93480811dab5f403001539d781cb473558a621b25024a6d3de50354a48d2189da4127fb0cdb5cd25b11a0e093fc195f0c34f6eba1d77118c7ee0c13eeb08e0158c5ec5263549768ecd3d29041b19792f8e8db2e240af9949050a784e6edcdcbb255acf4e37b0bac36fac7e4274ed63c72f836f3d8261bfc6618d3740ebcb72be4be554046a569c9f27a2c387041b4dc57d10f1e6c85dc61f8f1d2f036a8d230ba0ff8a7be2b8fd99d07d92830c9cd6445df0c25c4dbf99c8cbb6bad5746d297da20fd235e12e20db8b35f134400a566182b8f9668167e0c1687ae1442d0f84bab363f8762243a2b9a0bc493a7ecaec66e88321f22d59762d6fb2ae980eb4d790d41239d2674c182d58fe90c7e83a0b6cf55e46208908fcc78f2404c01b237a951fd8cc833682219f1818f5964123845d6aab03ff946f9838d714eb1e36e90ae9e8c24e1c3f9ab631de85ed79fc207e439a61d1ddb580a22d3e973b0a888dee77e4ae25b2414c44f7d7107325e3379358ff06c7d76b70659641c3de5e0046a196416a023dc4dc81aa146007d25e20f817ea1d2f06a6558b8c9c63c39be69c39f417eb9bdc7c05f8bc120b5875bbe30dc9f6812fb938357886f8ca6d012085872e6e5d0d839f6d115014c8143fa1ecc9bb38972233e6a0666679ce872d31633767696d0df9722b74247f619ea1924d94540e6798019ffd1412875394178f56161265e16dbdb160d276b808afaef3d9789e5efa1053c68d5f3a8341cb2af542ae01163e715f4da5bb7bc3e2bdbf4b71add8d825a0ece58e2b8e3a39a356087b1a3446c0b2b74b7f0959bbc4f548cfd49b8280119e80427d1030c0451c4456df4b019b9283ac83a993b242687ebcd5cfb3472e165075e6e81013580c6acc080bc5476b7ec7859d289616a04fcd0e2f964764d5b0142fa4d659009ae59ef2db3e468476bf3354501cd448b9c577deb55fcbc881daddec8c155f0dc69a49c752889e3314c5df5769e308d823770cd1ee945ca6a1dd8a8ff55f3372ed5c190ffb249b05909c9b9c9a833f8e093d459b387f28b4786b43d647483b0331ae64f92ec549455388d37aba8d86f48019e690b4559a7413283dbb6d5b399e3d72de241c1d571aae21300171f758da6074860b255bb430ca1fa502b72e7713e6a536eacec03c614cd0abd3309847cc4a83741210e4e1f2b778b2e010c1ac790c6a6d040d97757f94c9f405cc5aaa793f610cf48e624c305fd1c30cb5706122d6573889e04064d31fea9997080877283c5d92abff9c692fe27f7e6bf525516d2b9b6e03f73a80203723dc43ba6b182786785f9b135981d0e6488ce8d4f24a12efe4cff05c93c7a066b78d1f28c11d362e49b03cfef5d19d49dcad3ad7cf794a9bf1d50d18802a9e10b40b5f5c870957d2e52e6720f33c8512bf9341e2160fdbf1ccd92c27727340a01447cfec3ff45d0e9a2420ec3c8f3fc683320ba023048fbeed2b07263b7408c110bbdd287eab4e6651a28000e5d89fb1c06526b1e85dd2a8f7a1b76e6cb32dadc809272e3b42f6758556c92863243ac8d4d23bc054aacf2fde9af368370757d425366450e3385471bc0950ed7635c469b51dba832b852dbafa8c02473c63527ed12100b260fc3505940683fb9e294d08c0d78f252396a161dfa3ab1709c0bfe09526c9db0e8f0d3210d42dd882bd1041c5a41ec0daabd87ca2ccb66a5e6b1d7379f5109268a49c8b5ea195c01feae5b6c73d63f748e465328915c838c43d4d0c01623a536dd6298a690004a36ff5005e24d3b035b597943d61e"}, &(0x7f00000002c0)=0x1008) write$nbd(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="01800000000000000000009a169ab8e8be9bffd3bf35"], 0x15) bind$inet(r1, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) r4 = fcntl$dupfd(r1, 0x406, r0) setsockopt$inet_tcp_int(r1, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r1, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x200002, 0x0) ftruncate(r4, 0x5) sendto$inet(r4, &(0x7f0000000100)="b90b128f1ae406c5bf5989cffa9f166671ffe82ea300000000000000000000", 0x1f, 0x0, 0x0, 0x0) shutdown(r1, 0x400000000000001) fallocate(r1, 0x4, 0x100000000, 0x65fa) [ 332.585671] kernel msg: ebtables bug: please report to author: Wrong size 01:41:52 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:52 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x23, 0x0) 01:41:52 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0xc0045878, &(0x7f0000000140)) 01:41:52 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:52 executing program 4: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="654470861e7d8bba235e61dc000000009bffd3bf35dfb7d3d7213d3e83f2974d2ea3c7ed55437ff761da49408176cffd134e5f1c490090c88289375378"], 0x15) bind$inet(r1, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r1, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r1, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) fsetxattr$security_smack_transmute(r0, &(0x7f0000000000)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000140)='TRUE', 0x4, 0x1) sendto$inet(r1, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r1, 0x400000000000001) [ 332.784865] kernel msg: ebtables bug: please report to author: Wrong size [ 332.866620] overlayfs: missing 'lowerdir' 01:41:53 executing program 3: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc020660b, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:53 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:53 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x24, 0x0) 01:41:53 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0xc0189436, &(0x7f0000000140)) [ 332.951998] kernel msg: ebtables bug: please report to author: Wrong size 01:41:53 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:53 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0xc020660b, &(0x7f0000000140)) 01:41:53 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:53 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x25, 0x0) [ 333.108546] overlayfs: missing 'lowerdir' 01:41:53 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="00009bffd3bf350000000000000000000010000000"], 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) mremap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0xb000, 0x3, &(0x7f0000ff5000/0xb000)=nil) 01:41:53 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:53 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0xc0481273, &(0x7f0000000140)) [ 333.199390] kernel msg: ebtables bug: please report to author: Wrong size 01:41:53 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x26, 0x0) [ 333.295678] overlayfs: missing 'lowerdir' 01:41:53 executing program 3: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc020aa00, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:53 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x1, 0x0) ioctl$sock_bt_cmtp_CMTPCONNDEL(r1, 0x400443c9, &(0x7f0000000080)={{0x26eefe68, 0x9, 0x6, 0x9, 0xfffffffffffffffd, 0x5}, 0x10000}) 01:41:53 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:53 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:53 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x27, 0x0) 01:41:53 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x2, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="00000000d661fd009bffd3bf35"], 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f00000001c0)=0x6, 0x1ee) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) setsockopt$inet_sctp_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f0000000140), 0x4) sendto$inet(r0, &(0x7f0000000200)="64d2eb90b6aa21db17efaf5bb7c3b3bfdf9126ad8f7c779d10b36d442a45ac078781fbeaeed43f86000000000000000000000000969fb9750e0ad5f07c62ab3dbe94770f00247fb475c06f7f05e9bfea90ed5c58bee878c090d9c1047390b8d38912efa57e4201f71ebdba7df8369131fe2f0500", 0x257, 0x4000080, 0x0, 0x0) shutdown(r0, 0x400000000000001) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x100, 0x0) epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r1) ioctl$SCSI_IOCTL_GET_IDLUN(r1, 0x5382, &(0x7f0000000180)) [ 333.496331] overlayfs: missing 'lowerdir' [ 333.502200] kernel msg: ebtables bug: please report to author: Wrong size [ 333.525209] sg_write: data in/out 1819633163/2147479510 bytes for SCSI command 0x0-- guessing data in; [ 333.525209] program syz-executor.2 not setting count and/or reply_len properly 01:41:53 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x05\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:53 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:53 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x28, 0x0) 01:41:53 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) ioctl$SCSI_IOCTL_DOORLOCK(r0, 0x5380) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x0, 0x0) ioctl$sock_netrom_SIOCADDRT(r1, 0x890b, &(0x7f0000000080)={0x0, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={'rose', 0x0}, 0xb36, 'syz0\x00', @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x100000000, 0x2, [@null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @bcast]}) ioctl$BLKBSZGET(r1, 0x80081270, &(0x7f0000000100)) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000140)) [ 333.655726] kernel msg: ebtables bug: please report to author: Wrong size [ 333.707509] overlayfs: missing 'lowerdir' 01:41:53 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 333.736965] sg_write: data in/out 1801875979/2147479510 bytes for SCSI command 0x0-- guessing data in; [ 333.736965] program syz-executor.2 not setting count and/or reply_len properly 01:41:53 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 333.851689] overlayfs: missing 'lowerdir' [ 333.857135] kernel msg: ebtables bug: please report to author: Wrong size 01:41:54 executing program 3: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc020aa04, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000}) 01:41:54 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) r1 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0xc4, 0x101000) ioctl$VIDIOC_DECODER_CMD(r1, 0xc0485660, &(0x7f0000000080)={0x7, 0x55fb270fdd3e7b4f, @start={0x8, 0x1}}) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000100)) 01:41:54 executing program 4: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r1, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r1, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r1, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) r2 = socket(0x19, 0x6, 0x10000) r3 = syz_genetlink_get_family_id$team(&(0x7f0000000140)='team\x00') getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f0000000180)={{{@in6=@ipv4={[], [], @broadcast}, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{}, 0x0, @in=@dev}}, &(0x7f0000000280)=0xe8) getsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f00000002c0)={@broadcast, @multicast2, 0x0}, &(0x7f0000000300)=0xc) getsockname$packet(0xffffffffffffffff, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000380)=0x14) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000003c0)={{{@in=@loopback, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in=@multicast2}}, &(0x7f00000004c0)=0xe8) getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f00000005c0)={{{@in6=@dev, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@empty}, 0x0, @in6=@loopback}}, &(0x7f00000006c0)=0xe8) getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000700)={0x0, @local, @broadcast}, &(0x7f0000000740)=0xc) getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f0000000780)={{{@in=@local, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in6=@empty}}, &(0x7f0000000880)=0xe8) getsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000000980)={@loopback, @empty, 0x0}, &(0x7f00000009c0)=0xc) getsockname$packet(0xffffffffffffff9c, &(0x7f0000000ac0)={0x11, 0x0, 0x0}, &(0x7f0000000b00)=0x14) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000b40)={'ip6gre0\x00', 0x0}) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000c40)={{{@in=@initdev, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in=@empty}}, &(0x7f0000000d40)=0xe8) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f0000000e40)={{{@in=@dev, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in=@remote}}, &(0x7f0000000f40)=0xe8) accept$packet(0xffffffffffffff9c, &(0x7f0000000fc0)={0x11, 0x0, 0x0}, &(0x7f0000001000)=0x14) getpeername(r1, &(0x7f0000001080)=@xdp={0x2c, 0x0, 0x0}, &(0x7f0000001100)=0x80) r18 = accept4(r1, &(0x7f00000011c0)=@xdp={0x2c, 0x0, 0x0}, &(0x7f0000001140)=0x80, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000001380)={'vcan0\x00', 0x0}) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000013c0)={{{@in6=@mcast2, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{}, 0x0, @in=@multicast1}}, &(0x7f00000014c0)=0xe8) getsockopt$inet_mreqn(r1, 0x0, 0x27, &(0x7f00000015c0)={@broadcast, @initdev, 0x0}, &(0x7f0000001600)=0xc) accept4$packet(0xffffffffffffffff, &(0x7f0000001740)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000001780)=0x14, 0x800) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000017c0)={'bridge_slave_0\x00', 0x0}) getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f00000019c0)={{{@in=@local, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in=@initdev}}, &(0x7f0000001ac0)=0xe8) getsockname$packet(r1, &(0x7f0000001b00)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000001b40)=0x14) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000001c00)={{{@in=@local, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in=@multicast1}}, &(0x7f0000001d00)=0xe8) getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f0000002580)={{{@in=@multicast1, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@remote}, 0x0, @in6=@initdev}}, &(0x7f0000002680)=0xe8) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000026c0)={{{@in=@initdev, @in6=@ipv4={[], [], @loopback}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={[], [], @local}}, 0x0, @in=@initdev}}, &(0x7f00000027c0)=0xe8) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000002800)={{{@in6=@initdev, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in6=@empty}}, &(0x7f0000002900)=0xe8) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f0000002940)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in=@dev}}, &(0x7f0000002a40)=0xe8) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000002a80)={{{@in=@initdev, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@remote}, 0x0, @in6=@mcast1}}, &(0x7f0000002b80)=0xe8) accept4$packet(0xffffffffffffff9c, &(0x7f0000002bc0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000002c00)=0x14, 0x800) accept$packet(0xffffffffffffffff, &(0x7f000000c440)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f000000c480)=0x14) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1f, &(0x7f000000c4c0)={@remote, 0x0}, &(0x7f000000c500)=0x14) getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f000000cf40)={0x0, @dev}, &(0x7f000000cf80)=0xc) getsockopt$inet6_mreq(0xffffffffffffff9c, 0x29, 0x0, &(0x7f000000d340)={@dev, 0x0}, &(0x7f000000d380)=0x14) getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f000000d3c0)={{{@in=@multicast1, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@local}, 0x0, @in=@initdev}}, &(0x7f000000d4c0)=0xe8) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f000000d580)={{{@in6=@mcast1, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={[], [], @empty}}, 0x0, @in=@dev}}, &(0x7f000000d680)=0xe8) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f000000d6c0)={{{@in=@empty, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}, 0x0, @in6=@empty}}, &(0x7f000000d7c0)=0xe8) getpeername$packet(0xffffffffffffff9c, &(0x7f000000d800)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f000000d840)=0x14) getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f000000d880)={{{@in=@multicast1, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in6=@mcast1}}, &(0x7f000000d980)=0xe8) getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f000000d9c0)={0x0, @local}, &(0x7f000000da00)=0xc) getsockopt$inet_IP_XFRM_POLICY(r18, 0x0, 0x11, &(0x7f0000001640)={{{@in6=@local, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@empty}, 0x0, @in=@multicast2}}, &(0x7f0000000500)=0xe8) sendmsg$TEAM_CMD_NOOP(r2, &(0x7f000000e900)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x802000}, 0xc, &(0x7f000000e8c0)={&(0x7f000000db80)={0xd34, r3, 0x212, 0x70bd25, 0x25dfdbfb, {}, [{{0x8, 0x1, r4}, {0x1e8, 0x2, [{0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r5}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0xd846}}, {0x8, 0x6, r6}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8}, {0x8, 0x4, 0xfff}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x1f}}, {0x8, 0x6, r7}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8}, {0x8, 0x4, 0x3}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8}, {0x8, 0x4, 0x8b09}}, {0x8, 0x6, r8}}}, {0x3c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0xc, 0x4, [{0x7, 0x100000001, 0x200, 0x1}]}}}]}}, {{0x8, 0x1, r9}, {0x44, 0x2, [{0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x3}}, {0x8}}}]}}, {{0x8, 0x1, r10}, {0xb8, 0x2, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x80000000}}, {0x8, 0x6, r11}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8}, {0x8, 0x4, 0x1000}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r12}}}]}}, {{0x8, 0x1, r13}, {0x198, 0x2, [{0x3c, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8}, {0xc, 0x4, 'random\x00'}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r14}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8}, {0x8, 0x4, 0x7fffffff}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8}, {0x8, 0x4, 0x101}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x3ff}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r15}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r16}}}]}}, {{0x8, 0x1, r17}, {0xf8, 0x2, [{0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r19}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r20}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r21}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x7}}, {0x8, 0x6, r22}}}]}}, {{0x8, 0x1, r23}, {0x1d8, 0x2, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8}, {0x8, 0x4, 0x7}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x2}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r24}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r25}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r26}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x200}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r27}}, {0x8}}}, {0x3c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8}, {0xc, 0x4, 'hash\x00'}}}]}}, {{0x8, 0x1, r28}, {0x22c, 0x2, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r29}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x8}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8}, {0x8, 0x4, 0xfffffffffffffffa}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8}}, {0x8, 0x6, r30}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8}, {0x10, 0x4, 'roundrobin\x00'}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8}, {0x8, 0x4, 0x1}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x2}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r31}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8}, {0x8, 0x4, 0x3}}, {0x8, 0x6, r32}}}]}}, {{0x8, 0x1, r33}, {0xb8, 0x2, [{0x3c, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8}, {0xc, 0x4, 'random\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r34}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r35}}}]}}, {{0x8, 0x1, r36}, {0x1e4, 0x2, [{0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r37}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8}, {0x8, 0x4, 0x8}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r38}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x55}}, {0x8, 0x6, r39}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r40}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r41}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x4}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r42}}}]}}, {{0x8, 0x1, r43}, {0xbc, 0x2, [{0x3c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0xc, 0x4, [{0x1, 0x4, 0x9, 0x9}]}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x1dd}}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r44}}}]}}]}, 0xd34}, 0x1, 0x0, 0x0, 0x8014}, 0x1) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r1, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r1, 0x400000000000001) 01:41:54 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:54 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x29, 0x0) 01:41:54 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:54 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 333.998652] overlayfs: missing 'lowerdir' [ 334.000500] kernel msg: ebtables bug: please report to author: Wrong size [ 334.024522] sg_write: data in/out 1935898123/2147479510 bytes for SCSI command 0x0-- guessing data in; [ 334.024522] program syz-executor.2 not setting count and/or reply_len properly 01:41:54 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00 \x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:54 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x2a, 0x0) [ 334.126407] overlayfs: missing 'lowerdir' 01:41:54 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0x0) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000140)) 01:41:54 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 334.191030] kernel msg: ebtables bug: please report to author: Wrong size 01:41:54 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="4581fc9890b57e46bd9e45dc2254ee55939578346bd924cafe201129b01a1b28fa58ae1b865d6da9fc5e2c34643389e91b1f2291e96086089fbcc2a474d8426fa6e4eea0b60723a9b9820030391f5470f43f801b16a4086c980a2e076cafaf5fa524ae95ef33ccc683c7ec613e5662e82c85dd2ad158"], 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) ioctl$sock_inet_SIOCGIFNETMASK(r0, 0x891b, &(0x7f0000000000)={'bridge0\x00', {0x2, 0x4e24, @loopback}}) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) prctl$PR_GET_TSC(0x19, &(0x7f0000000140)) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000100)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KDADDIO(r1, 0x4b34, 0x7fff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 334.304897] overlayfs: missing 'lowerdir' 01:41:54 executing program 3: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x2302}) 01:41:54 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x2b, 0x0) 01:41:54 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00?\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:54 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000000)) 01:41:54 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:54 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000140)) syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0xffffffffffffffe0, 0x101000) 01:41:54 executing program 4: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="6744669a00000000010b0300000000009bffd3bf35adc3d4715ea3de7231068894726f63b2a72196f63d36deb1e5f90979544a39b0ca5879f7701aa0896f6eb28bf800511fabebaccaf274920cb64cc2bf9f34c3935c71fd34084b6b67d6b4bf110b76f4f6cd7dc16fa422030000000fbb0655478813fb22fecad2fce10ce70a0925b55c91ce9718d30adc78ef8fdb372196d75e0ad91c7b6516d55b17c883e96b8a1f03e07f03401deb409f922bce9de2e3a3f9a565c63e2c397b8d3bc288ef8fdd2135fc6596cce3012800004acdda7a85883526e982ff122d8e29677ef0dffa37c4250dbe60c67c9de9f29a9e962bc540afc21b952d1207c9914825a99016d5ecdac0552cf7cd2a0e81b11baf277d3937bc90637a0f1e4b9c819cf47c8d2e47f8cd189ded469df54f99539ebcc6a832ae5d093257a9232c732cfe90980a9ccb777b80b7237fdb963bc4416460f5a1fecdaa1e16d19ea0514e169527698d10e8ed8e31ad0c700f26530d0bd17dceb03115cb24c4513ca1157fa4a9a32478195f5ae79d80cb84a5068c5d7c4e01d8b080"], 0x15) bind$inet(r1, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r1, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r1, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r1, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) r2 = open(&(0x7f0000000000)='./file0\x00', 0x1, 0x80) ioctl$NBD_DISCONNECT(r2, 0xab08) 01:41:54 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 334.489041] kernel msg: ebtables bug: please report to author: Wrong size [ 334.515750] overlayfs: missing 'lowerdir' 01:41:54 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x2c, 0x0) [ 334.579222] sg_write: data in/out 593982219/2147479510 bytes for SCSI command 0x0-- guessing data in; [ 334.579222] program syz-executor.2 not setting count and/or reply_len properly [ 334.606740] kernel msg: ebtables bug: please report to author: Wrong size 01:41:54 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:54 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00`\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 334.739317] overlayfs: missing 'lowerdir' 01:41:54 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x2d, 0x0) [ 334.770333] kernel msg: ebtables bug: please report to author: Wrong size 01:41:55 executing program 3: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x5000}) 01:41:55 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000140)) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x0, 0x0) 01:41:55 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:55 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x2e, 0x0) 01:41:55 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:55 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x2f, 0x0) [ 334.974964] overlayfs: missing 'lowerdir' [ 334.983855] kernel msg: ebtables bug: please report to author: Wrong size [ 334.989251] sg_write: data in/out 1634628363/2147479510 bytes for SCSI command 0x0-- guessing data in; [ 334.989251] program syz-executor.2 not setting count and/or reply_len properly 01:41:55 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="674466980000ea629a4f48e5379fee8345e39155c9000001000300000000009bffd3bf35"], 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000000240)={{{@in=@local, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in6}}, &(0x7f0000000340)=0xe8) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f0000000380)={{{@in6, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in6=@loopback}}, &(0x7f0000000480)=0xe8) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000004c0)={{{@in=@dev={0xac, 0x14, 0x14, 0x27}, @in=@loopback, 0x4e22, 0x0, 0x4e23, 0x7, 0x2, 0x0, 0x80, 0x29, r1, r2}, {0x7f2, 0x6, 0x0, 0x3, 0x0, 0x81, 0x6, 0x1}, {0x0, 0x0, 0x1, 0xff}, 0x100, 0x6e6bb9, 0x2, 0x0, 0x3, 0x1}, {{@in=@local, 0x4d2, 0x7f}, 0xa, @in=@rand_addr=0x14c6, 0x3505, 0x7, 0x1, 0x16b, 0xfff, 0x1ff, 0xffffffff}}, 0xe8) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) r3 = dup(r0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r3, 0x404c534a, &(0x7f0000000100)={0x2, 0x1, 0x9ba}) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) ioctl$SIOCX25SENDCALLACCPT(r3, 0x89e9) ioctl$VT_RELDISP(r3, 0x5605) 01:41:55 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:55 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:55 executing program 2: capset(&(0x7f0000000240)={0x20080522}, &(0x7f0000000280)) socket$packet(0x11, 0x0, 0x300) r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f00000002c0)={{{@in6=@empty, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in6=@local}}, &(0x7f0000000200)=0xe8) syz_mount_image$xfs(&(0x7f0000000080)='xfs\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x8, 0x1, &(0x7f0000000100)=[{&(0x7f0000000180)="2b89bca5ad08371012794349609ecf3a84e9acfeb4d326f234b5d92e51983bbdd5c9ee6366b46abcb11a13c60534d60b832e27c93f9c47f1bf281f1b78c08a782b48b37aa0a7c391826a837974f0ae73", 0x50, 0x7f}], 0x81000, &(0x7f00000003c0)={[{@noikeep='noikeep'}, {@bsdgroups='bsdgroups'}, {@biosize={'biosize', 0x3d, 0x6}}, {@nobarrier='nobarrier'}, {@bsdgroups='bsdgroups'}, {@gqnoenforce='gqnoenforce'}], [{@dont_measure='dont_measure'}, {@fowner_lt={'fowner<', r1}}]}) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000140)) open$dir(&(0x7f0000000000)='./file0\x00', 0x3, 0xc0) 01:41:55 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x30, 0x0) 01:41:55 executing program 3: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x20ffe000}) 01:41:55 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 335.488210] kernel msg: ebtables bug: please report to author: Wrong size [ 335.494690] overlayfs: missing 'lowerdir' 01:41:55 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x31, 0x0) 01:41:55 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 335.565842] sg_write: process 1008 (syz-executor.2) changed security contexts after opening file descriptor, this is not allowed. [ 335.621956] overlayfs: missing 'lowerdir' 01:41:55 executing program 4: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x80001) bind$ax25(r1, &(0x7f0000000140)={{0x3, @null, 0x3}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @null, @default, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[@ANYBLOB="67446698000001000300000000009bffd3bf35a892553deaf4b01c244ae0981c450f7fd31e1cb25ff5cd5836ffa8a6d3203dc79b35b43cebfb17ada640a1badd7a64177eda819851b294424cf0826ea2ede5ea2da01526b1cebbe11ca10e248f01850d2043ec9bdda06a28e7f2860e783e31b9e48409b1a7f31f47c9"], 0x15) bind$inet(r2, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x89e2, &(0x7f0000000100)={r1}) setsockopt$inet_tcp_int(r2, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r2, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0xfffffffffffffca1) fsetxattr$security_selinux(r0, &(0x7f0000000280)='security.selinux\x00', &(0x7f00000002c0)='system_u:object_r:audisp_exec_t:s0\x00', 0x23, 0x2) sendto$inet(r2, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r2, 0x400000000000001) 01:41:55 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x2000, 0x2) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0xfffffda6) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000140)) [ 335.685649] kernel msg: ebtables bug: please report to author: Wrong size 01:41:55 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:55 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x32, 0x0) 01:41:55 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:55 executing program 3: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x7fffdf001000}) 01:41:55 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000140)) [ 335.833878] kernel msg: ebtables bug: please report to author: Wrong size [ 335.868462] overlayfs: missing 'lowerdir' 01:41:56 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x33, 0x0) 01:41:56 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:56 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) setsockopt$inet_sctp6_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f0000000080)={0x3, [0x9, 0x9, 0x8]}, 0xa) r1 = socket$xdp(0x2c, 0x3, 0x0) ioctl$sock_ifreq(r1, 0x8931, &(0x7f0000000000)={'hwsim0\x00', @ifru_map={0x2, 0xfffffffffffffff7, 0x8, 0x6, 0x2, 0x1ff}}) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f00000000c0)) 01:41:56 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\xff', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:56 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="674466ffd3bf3500000000000c0000000000000000e0ff0a195294078911866659"], 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000001c0)=' \x00\x00@\x00\x00\x00\x03\x00', 0xfeb6) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) [ 336.006008] kernel msg: ebtables bug: please report to author: Wrong size [ 336.041530] sg_write: data in/out 12361/2147479506 bytes for SCSI command 0xff-- guessing data in; [ 336.041530] program syz-executor.2 not setting count and/or reply_len properly 01:41:56 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x34, 0x0) 01:41:56 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x05\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:56 executing program 3: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x80ffff}) 01:41:56 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:56 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xfffffffffffffd6f) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000140)) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snapshot\x00', 0x24001, 0x0) ioctl$SIOCRSSCAUSE(r1, 0x89e1, &(0x7f00000001c0)=0xfffffffffffffff7) ioctl$KDSETKEYCODE(r1, 0x4b4d, &(0x7f0000000200)={0x8, 0x1}) r2 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x42000, 0x0) mq_timedsend(r2, &(0x7f0000000080)="d3120e6dd5f747a21f8422e4265ef7c3620d65122e7d521a6f5c88a9076885e869e64fc3cd94d979fe9fc90cc30a98f678203dc6e1a0e56fd0256f611dd619f81753d4c5be9e34630f281631bc066addbb86b7aff385cbf24e52d5e06c4e028bdf47e79372ea23efc1cebb5d7533cbf87516b572a8c6e08bbd614d4ac91276d4896740fa79e3be04676d7956676414f69822fce9672043f8a5d87118", 0x9c, 0x2, 0x0) [ 336.149921] kernel msg: ebtables bug: please report to author: Wrong size 01:41:56 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000280)=ANY=[@ANYBLOB="674466980000000001000300000000009bffcabf3596186972ff0b30be44a1d0de140643d26b45b64e74f4b9153869300eae61eb0d3ad23c2fa85f642dbfcee7632a707ea489ada6674ccd321f4049ce6384a48d4dd4e23c69a806f126b79d3d78370cdf109df58a5dd38dee88a48e5c8dd5be943b170f7fb1c83cabbfaf29804f221bd7444cdb00da929fc1f30fdc24b35525a744230a8ec09bcc5053ddedf27d5e3c2de48d977994cfb4a1104da3c69b90ca3622d6d451e5f978af74c24653d3d5dc42a07d8f26d21e309aaa63adfe2999e3bea08e2a31d6231219f99bb34f51658ac277143cd337ef3c30329b235510526ab9438b3d6ad9f9bf5d68d7c2db72aac4d11209cf43390680ddd0c60b3dec3a50d5d5525c08e50418c190896481897c0b62e82c8acf1b17facf5f91a4df427be04130db6d8fbbfd86fb7062f6"], 0x15) r1 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vfio/vfio\x00', 0x6041, 0x0) ioctl$TIOCSTI(r1, 0x5412, 0x100000000) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) ioctl$KDSKBMETA(r1, 0x4b63, &(0x7f0000000100)=0x7ff) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:56 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x35, 0x0) [ 336.248627] overlayfs: missing 'lowerdir' 01:41:56 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:56 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\xff', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:56 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x36, 0x0) [ 336.364596] kernel msg: ebtables bug: please report to author: Wrong size 01:41:56 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:56 executing program 3: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000, 0xffff8000}) 01:41:56 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x37, 0x0) 01:41:56 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x7f', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:56 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) accept4(r0, &(0x7f00000001c0)=@ipx, &(0x7f0000000240)=0x80, 0x800) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="6744669800000000010003000000c4df39acaeb111"], 0x15) bind$inet(r2, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r2, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r2, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) r3 = dup2(r1, r1) ioctl$SIOCX25GFACILITIES(r3, 0x89e2, &(0x7f0000000000)) getsockopt$IPT_SO_GET_REVISION_MATCH(r3, 0x0, 0x42, &(0x7f0000000140)={'icmp\x00'}, &(0x7f0000000180)=0x1e) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r2, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r2, 0x400000000000001) 01:41:56 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) prctl$PR_SET_UNALIGN(0x6, 0x3) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000140)) r1 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x42800) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)={0x30000003}) [ 336.576212] kernel msg: ebtables bug: please report to author: Wrong size 01:41:56 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x38, 0x0) 01:41:56 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 \x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 336.669913] sg_write: data in/out 1886284043/2147479510 bytes for SCSI command 0x0-- guessing data in; [ 336.669913] program syz-executor.2 not setting count and/or reply_len properly 01:41:56 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x8c', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:56 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x39, 0x0) [ 336.782531] kernel msg: ebtables bug: please report to author: Wrong size 01:41:56 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000140)) ioctl$SCSI_IOCTL_TEST_UNIT_READY(r0, 0x2) ioctl$SCSI_IOCTL_TEST_UNIT_READY(r0, 0x2) 01:41:56 executing program 3: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x80ffff00000000}) 01:41:57 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\xf6', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:57 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00?\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:57 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x3a, 0x0) 01:41:57 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) r1 = open(&(0x7f0000000180)='./file0\x00', 0x80240, 0x8) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f00000001c0)={0x0, 0x9, 0x4}, &(0x7f0000000200)=0x8) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000240)={0x5, 0x4, 0x0, 0x6, r2}, &(0x7f0000000280)=0x10) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000140)) r3 = syz_open_dev$cec(&(0x7f0000000000)='/dev/cec#\x00', 0x2, 0x2) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000100)=0x6000) r4 = fcntl$dupfd(r0, 0x0, r0) renameat2(r3, &(0x7f0000000080)='./file0\x00', r4, &(0x7f00000000c0)='./file0\x00', 0x0) [ 336.978766] kernel msg: ebtables bug: please report to author: Wrong size 01:41:57 executing program 4: perf_event_open(&(0x7f0000000140)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="6744669800000000018c82e57f0000009bffd3bf35"], 0x15) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0xfffffffffffffef1) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000640)={0x0, 0x10000, 0x30}, &(0x7f0000000680)=0xc) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000c00)={0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000000c40)=0x24) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f00000021c0)={0x0, 0x7}, &(0x7f0000002200)=0x8) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f0000002640)={0x0, @in={{0x2, 0x4e20, @multicast1}}, [0x6, 0x5, 0x9, 0x3, 0x7, 0x2, 0x3, 0x4, 0x8, 0x4, 0x7fff, 0x400, 0x80000000, 0x0, 0x100000001]}, &(0x7f0000002740)=0x100) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000002780)={0x0, 0x52e}, &(0x7f00000027c0)=0x8) getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000002800)={0x0, 0x4, 0xe87, 0x5, 0x0, 0x552}, &(0x7f0000002840)=0x14) sendmmsg$inet_sctp(r0, &(0x7f0000002940)=[{&(0x7f00000000c0)=@in6={0xa, 0x4e21, 0x134, @rand_addr="9e0bef951fb378937bf470b151c3d667", 0x6}, 0x1c, &(0x7f00000005c0)=[{&(0x7f00000001c0)="fec0b62fcdbb372cb4b149cc4e858d215743df1cebd75c6634816dcf6ac15a2eb66f995668449e9e695e7108aa343229d580231b8c7b2c1f7434b262822656dc0fc092c05949f42c454d4a54a17d9fd37b4fa4486571554364ba579553e3da636f43d211a9b891fe387ae2da48e68c9be3ab6cf7db8856f046960e7f53d8013b96f1cb9ee18d0ced3486a82753b4007fc17922bc167450c0ae6e97d5d54efb58afed4dbefeb48d7d0d2b1d59c809b5c635270c91291baa423e11b9f17f37e628700fc9449602", 0xc6}, {&(0x7f00000002c0)="d38426867974fbabed94bef25c9c299afca420c10caf4e31f125b481c9f3d0ea9dd1c6b6f6f52ab63e572cf9c67ee9c4de0dc5ba5ddc407a1d0a950f636591d09caac42829585252f44264ebfe915b3ecdabe4809ed7f2ab19bbf359be0f4ba364b409f3bfd2ad9970b22593d21d975ec7c749ca86a7ddeda7932debcfb5329f5205786ebf13902ce596e51d612ef94406ded4b922061cdedd38d0d3358d6d3d3419e83933255543b173ad7e38748f8434eb45d04113ae5bd077193b98d21a240490872ec89bf49b3809cac4a94eb4aa3b53438abe874a", 0xd7}, {&(0x7f00000003c0)="f7d3e0a2fd3833248525dcebb13c38f277f36f1749ccac5cf366b22324866d546c67ca3f267979", 0x27}, {&(0x7f0000000400)="e03b38311be07b2cd0e1a13aba032e9845a021cd13251c1c34abcd948c445ca285ece8fbdfa3367b634654b7218f74e1bb3b9eb12b0085ca5270d15e148e6698dc8a199f79fa81721ea691f8997b648a78d55741abb100b81938f33c05d708552838360a3bb436d7d99bf9676d475918d7223d2fe927d925ed712886f3e77ac25e029b4e9ff856035291d0372a4928d382861151e31563a0558de2aa8dd32d5946445d5fbefa23a82f9cc1eeab0384aa9362dcc4dd07dcf21dd7deeef63d957a026be82e7eeb039467b7474fd66712ad85a4aab42ef96214b8d59401f590f4c02a920399d72c8d68282307b88fc97868003f", 0xf2}, {&(0x7f0000000500)="4a9b30856e50c4af87a5daf34e07", 0xe}, {&(0x7f0000000540)="30f5beba86bd87f96d8ef31cd229fcb9c10838bd1628e3e156e298c5619af0cf3b906df45a3b2c621aaa9dde9cd5499da1eb08e15480d47a577d978170c5bebc29a17594afe318060d9d7e04fb2869be9083b2577d647cc001ddff738145d66aa35c5443", 0x64}], 0x6, &(0x7f00000006c0)=[@sndinfo={0x20, 0x84, 0x2, {0x4, 0x8000, 0x8, 0x7, r1}}], 0x20, 0x4084}, {&(0x7f0000000700)=@in={0x2, 0x4e24, @multicast1}, 0x10, &(0x7f0000000b80)=[{&(0x7f00000011c0)="ccb0557253cb3038ef771ab253e2b87b3f26a2b4f6447c41fb4d77029baf0fb435a5b53f071c21e05890c1acd7d34a9a5799544ed6d2c015d1904b1416c342b11a9ae0c94917c74771e0d2a8ffc2f695613bd27702ab8d55830c68bcc8d3a415f285aff457e7eda1aad7470ca0c8c7d8de8b4d0e28352ae7b70a32c77e6b57ed68527b266c146ae2f845c2e7a31c336b2d8d5fb188f6964f1ad4c8c091110251ae01ddc7e10aa1bb08de1a2a23f4e09c0e29fccef8eed9b7361709e4eb616554913868aa58477e2141956af287d80721d75f353dc91e02ec7248cb666b99462060a727ad15b98bacb3037c0ce1721075354a95fb517d63b73ef6b3d9a72760fbdbfbe74679e928831684b793001a9a26ecd1885ec77c0367432b2b51892c7eb1e2ad6dfbcdce66ba70e57451278920383b298c3001661ebd2ef78918b029641ad281e37d225958d166b4a5aeb56b51255ca76e0d238f5b24a62fdbf6502f5eb7840c3f5621960d6a1a601444aee5ab8203e9c2456f5a52d6d029c34aa1087f0e28b5f25fbcaddad49ce60395dc3641ebef5de270e797a66d7ccf724f50cc3f3a23bc57d8198836f143291f63f0177f53165d8883a2d559a88bfa434a20e1ae67599522695dec0aabe033d1cbed241f7b7c7419be8cf00cdfbb3165a683f4cd615d04c150e866fc9ec2bbe66c51747a9ba035227e2bad3bfc7271bfa6ae5707bf594e50a399d0825fdfa7b5445c597edd6057bbe924785da9c9ecef5bef555d6d17cdf82073cbf46d8f731b615055d604491be16c4bdbd03e36f7fb95f1cb605640d0e22d09a0059b76862c91d1190dc686b47055cf4e2e31d8f9fca610e71b1dd6b21ac1d854c84b9bc1e12ed909aa9ede27c0369b9ed709b79263aff3bd9ae127b929ca61903aaa6792d59a1eeba3d6a87c03c8317cc2ab65e8fa19581fe85b86cf272b88aede174e4f7772114662a076f6335984a7debafdabe5e837952c72d9c552e06a90770380d206e312e7ba8df2a7a44a9f87d4c2b613fb4f36441187cdf89a86d3f6d304257d1808c2b660faefbcb649467eb617738a7c787e54c6299c7efd0489cc6943da8c9ce39a8ef315e8551d49927287b976e88ba1a5c2ae0f16c8021330a2999e3e33df7633f77735cc4c0ac13f75b866b65ada86fb967537ab70c9f725d7888342b204dd07014195a0d5cb34ab6d5743912a5fd3b83214e9c26efae93ef8d244b68f8dfcc0ab0d08ee5e10e13edcbb0c76c7126b5b57bb8d4b4c238e04015848ee2ce48b3913f6d60ab3ea2b30804e68a2f0aa85c4820575588bfa25218a4e29600b97b085aa444503f4dc4abbe4d285472945c8a170fee7adb64d55f09212f91b11ef93cee2172f5b9b0ac13abc66472c441da7ec92f6e242e40760f77a5c71a8baa8d786783000e5af69821e7a6450d498cd68d502f184b74694cfd17c6ff94092ed6d8ffda8dc8625019fd9e375f43e1dd7bcc449f64dab0bbf7b359c1e67ec47b478c5c53d2a842f878e043d8255d0a4da626b0158d4398d9cf3283b147a229dc72bfa7631166cceeff4a460d3faf50159b2340fc19ae4f07965042ecd37eb476fbc2d371074417d581e629ca19b31a6ea7c511e1824d6e67f84ad324a4a7f922963c0325b04a82cb86f69d4408e3feac1d556996936a6ede1f4cb351bc4eecf817c9fd1498c29c8e0c97450bc26235cb2a897a1c71bf81db6b59e84306e4728581ed14b0edc0e6eece8f4c89bca8c7ec1e35168c33ee984656c527567ced902df3b938f699e5f46ad39dcba25c259a3d401f66ed4b7d00cdbf230fc92b29f4b0adfaf37a3677aeaa01977b0366da5267a2402bb7081a1d9066b2f50e7f6c74401eaa47fd7e8f54f555f020a5fd47ae896eabdd74c0b231fb65b85d842a7d3e8ac9d18ccfc4891efd7e371de5387049e154580c09fce9469d279c00da3ae8792e4f4412824aaf001390bd78be7432077e8157edb47263c439189c0fc3be0cf101c1e73c853e471e1a7befa659900a55a1824f9356907757124dd46f158824144c7c9d7982e090c72218d612379adef4ea23aaeb3bb0bfb24b21fc1469572b5b0597353a5a9b67a08fff5925990a7365993b3768cd85a2831fcf0ea4c108af67009faf6483ecef2d4af96eca0dd0abe8487a3be9904c12a596ccfc32be386cdf05359ab3bb4d7acad5697d60381dadce514ab4fad1e501dc84091ab8aa9517f94ba480619ebcb1dab9b40289698133ae5eced7c9b6119cdfcaf4dd95f7b078f23c01c63eed831ba8ca1d4d6e9281640a051829f0950b38f26bfa960e0d7941af20ba443299d25f49609ac5c3602e2cc5e4ea93d3775cfb5af7c6fa7f6f3d48bd4f0addabc06cb56c3d296c643520b84aa72881fcc9d8d720ed4d0fa0ee0bb9d6c86139a2b4bd6d66465c83e1aec4d849af6fcd8983213fa85d726bb2f5b64f45f0bd072be28fc89544215bb63e2c619a02caa916bca7f9df98dac28dca310395fbd53e5d2918187e0a065c52ada5074b8456093607fe5bcd4c87bcb0865ccd94000277507252e8a0a23e020805206e28098ebfa7357acf56362f41c0671c8023403e5f75e8a2dbe0ab03459465436d040780bb1ca58d5508318edb58f6472161921807de53ac15f7b358b07ff21d5ab6324b68b37a5a83e967fd1d0689cc8614a7f01b94271cb9e2f3f3759964d7cba94160d60b3aa3efffa0238fd432cca26ce49f328141f6a1e0a0f7f7a07ca6ebc22bfad8427c72aeb0c1e576e09eb25f431478b541c152e7d49f245ae4d95e55ab3b206d439f9e040a9de26d6e2c873df698f3724fd4322143490afb1a3727cdbdc748aabb9e5643f1add0311f644b1d735bea073e5503c6045b88712c1dd496a5284b6894fda06f3abbee6571ead1c943c821df8c26a8b57dd612a9e45b5541a7c7bafda301221523c29e427b5f307b73cf3eb91a329d1b5f459f54dadaea82296e77972d0b9b25ebbfb9a816ad04ba6d93b6e54ef994ba90019048d939a23f69ebddf1981a7641acb4af9b7eb85efc5ffbccff2400f5255942e55d4524278ad75f5cfaed8928f93dfc0eac103e8cc1174dd1d274c7fc8ea9a3b2bcf955766af13bcc58f8a2eed67cd58e8dff50f59917c3f239c5c5982b68ce1f441971f2bc645b3e695a4cfa4543df2522685e2afd76658f52f715fed7749553a5cd9c495d22e12cc6f9acdf8d291a438a5a577fe50cc894e47b2853b2812b0a4476401c85b4abedd6c1173c24b3415b295f27d7ab5f0661fe1d525b06b5974fc01436c31b78b385ab52ad665102e041d59faa9a9b3264ced6e022d9b759551e548097c0ca7e3e684575b23c6cb42a081d2f1bee708dfe9cd4c04514093fe21c0c55cba4503ec39cfcfd3d4551f727ce50df35f7364f7c533e73faf316f3dac6b7909f2686f5eebb7424aec04b5b8894a5c461b45acb05bed2e3905519943131a301539b80d89808ee88021d04b0287f1bb34076d80d09339abc94b8d689c5960e800cbbabdb533cb5a42059719355eb25ddd5f807546476d2807706ed493744ce874029c44ee73b8a9dab05ee87982527e88a4eb631b223be18f04ec03e2101e3f7013342110790e760edc704747691fad3289f6faa3d612f9813ff10c3d7ac3002bd7d72d67f73a58dbb56659497f4bdec9b74c9a46c35c58f84dea99a1ddb6c0cc76858628b0f8a753676db6539963dc8cbb544165845a6aa798830c83cab243af3a29398c96731c260b45eb51e578de72784e81850932923a5e2c33819d1b2ac2487af0dfa69f64fa60026d9922d3206c11a9a462497c5a6c1ba1f80fadd7f80aee3edb942acebde7eb640d94de95840161e09249f8d47e81cbcbd0640715845557fe0c3eb0acba522e6659b395114c6ef090ba7985260b6a945a2c478b3204a0560cf66b15f546bb96034d947e3650d1411311210c9b0528a29bf823a551e8d6ef53ff1fe1b1c5107c6cba5bcaef144ec9a4b16033166bcf9193fd283cabb6cc5d503bae896cb7c926942eff8fa049e3dbaf3d865d27acb8c92db0af84dc24a35f897aad1332f626f1207b3eda835b38cbc7510f77f7aa2c8e907f67f7e0c7de55179eff43f06bde6ae3b821365fa5c02af0199fac784841d6769e604ee6bc4ba430dabae0be5d689f6f5b379ff615d46cfca03ccc14a29295d697bf7e6bdc9c78b98d8be7a0d87e33e6e499907fc9b6f2f71dc56176d20f277f632e55a3f13e4765cccc19c8a753d6eb3d4c4a1508e4c9bbf5d17297eb6a849da4051e0e1a3ed760eea530c770f86e4a13b592e87920e603bd5258442e4b0d304761afaf4c898a4f9d91b0f41b26f8ed9d80156086ef44702492588d7b119de40814bbb3f0df09875ae52b8e587066aac95bda9a88154dd296821cb2732737fa28a34c78154b7f209db13e06015d17b1a732010364c88ec2a59de8f5c1fb12f4028c5c19f36f6cecd7cb1eed06879dd6d7e986a51251d450ba75123d72abcf772032e5378b7d98585811da0553fea830c01dab2db073973f769d1739b7aa53391039ed5fc38b5af224513474680aff4c2930235bf797f1b91e11e6524870013f69ae4cd32f03df2b84b4387d9ddd5413d048a73416698dc9ead5feab02067f096ddb6774d7505eb99b9b71d6914c6cf136c7d83e7a2be87cc338228b348c996759c08c8af3685ec197e721162b1ab01ac425f633b0ad691c9895652e76e7f2c952a59599b5dded50aed43f13e0a978f7979e250721e170c300df0b37f8edcb93f2558ddf3bde21443dac78626d0a2b848fa6da9c49565f9041aa4d432fa3f810d54c84e9da541c8de2874eae053e68cc4fcd7c7168bd141e4c0be289bd971a9afe14943c716fa210fe43e1c906993ffe76b0d32e1a672cd6deb53887bd1d2b58df45f9d0d010fd12ec8acf0e5fa8cbcf77eabc48988e53ac029b49dfa0f69a7fb32011ea394daf8fb962025230b254ba61a00ef19459f4f9cb302c80bf7454f3731e2f637fba996783cb945b14a175da400cd17d49444cfff667b01368272204b1b532b5dbf3e47607abd9fb0967727e01ea405540e55f7c87f95ef3255399134919c9e772f81236e8b15e0d814dd230169dba9e7d7f99e321206c2b7e64471cfdb5ad3f46f8415e6931a77c2f6738de48843d060021e1de9795f0a7ae7b3a72e63e552626d3a6fc22f29e686a28919690eaac0ad91ec440203b14cac0a32271e00b806c5072446e03789a3afa2442e3f5d9ae1d52bf4238931af554f13e9367a2c228e87a9a87ca881dbc3ae4d5cfd28ae1495e995ed3a2afd57f910a719dcd5bd304afb7057b2a77208950673dcc716839c5233c0d9d6904cc9f75fd002974ec47d79a6f2db24c0aa635807f67a415111e4be0d716f910049b054b0668da86142d6c9508a33671512bdb191d68734b35d4102a4dccad0388eefd216b0ba6dc2d4dbe70591f11e330bf76fcd17a676a5cf04edf5100c1fd0be65d601301563f0b7d1292efdc38347f92f7fd78eb567ee4d6f4286b2f7404978cbddb08c9cf929fd40f306e5ee379c6b8ac1cc25e96fe98dc7206d490ef3e928820154f5df1e43c268462e8c76e7315604ff573399bba0f0613a24dc036444d0faf9328c5b7343882b9e9fc73047fe50b7d635e1cc3230d7c5f713fd92bc974d561ebdedde5a41f0fca23b3b5ecb52afe8385cf723eed9bd7456d6ccb23c7365aaa46e881d7cb86fd763793de1d9cace596a60e3cfea024bf75f1019b049002432df39daac0845b0bef1cf0d428e59ad4a964f4d13751", 0x1000}, {&(0x7f0000000740)="04245b4f380c9a0a7c0fb8e7276c46bf4a78fc5c67658a402ed4bfc5087d3b3f53ca4d19dc135d403670266edb898c53cd99eb6845c99f42720189dc974cddfb5bd63bdb2e9c30a660259aef0834168bcf1b50a57cb07087c7427b47d17ce02a4f16cedb6a7225abd1705c71df1861c4e5fee7c6d8f0", 0x76}, {&(0x7f00000007c0)="62228d0781f7c402e181aa9094818bcd59bb569870bd46599b8f1f9f76f58cdefb60a4ffb87689b90bde529b15d5b32bdf998fa96162a38545e5d54dbb133ecb137073758fcb1aa44277f60cf13fc84428f2e31ff81c4495dfb03a2740d094a46a2a65cca5341ac8f7d517b0b7a23a87e5a2a4a1624da8ef8b88668caebe7d12c86d7d4b65a46a887bc377d7ba1a65b3d6929f932575802e0a9f86c75995eb71badc", 0xa2}, {&(0x7f0000000880)="326afc571565603305003d2ffd34b24f54d5ae807c9a238248ddbf9e153b7ffad56c2ae393fc6de0ceeb48dadc0ff0c5b87204fe0dac2d597749c4c899e624dd4441d99cc8532e6bae91f3d2e958741e3b50836f27b10c29e9217d4cd8c6cdcf66", 0x61}, {&(0x7f0000000900)="bfe4d1bf4e50a9a3b96298859389b4de19b529238b7f04b8b0393a6e64e5b1891093b72c33d094a7caf244d4c7a7f818ee571853c1f2768975982785d4697715352468d5db288d280554b09c132e026bb1ea0c6c40343b7dc3acf2250bbe925615f58836f063bd6a215e9e4f5e1e163cfb55fcbc340699a4a8c5b11dc2bfe7c9b651da610faa5befad119c5a30c81d3e6779a1d53e9f3525147f3b6b6ae3ecf92d67bd2103dbd3f391a8b04dd86afdda75b21246c9ac0e7a2e9e5971c546d64a850d9c66b03b7b6a5e99968ae9f15dff0c7996418932e01a112e80c03bbd965f4e46b9c864", 0xe5}, {&(0x7f0000000a00)="afc0536b9c8eb9d6f82fb9b8abdc66b398f1d5b05e8e1ad08804c5696a1f91a3bab34f592334db004d04ae7101c052337f50ae7580ef60efba485159caeba59fa7b86d51fa3401012f8d4427b3fa1310ef9b6f24fe17bdc6f358c93eff9362d2fb54b08949b9675edb0d15586b7d8ab0b60cd6a761160f8316417f8e", 0x7c}, {&(0x7f0000000a80)="f6d35b1db06c655a2176b56b7dc2ce5f1d0f201715d91829f48e966ad2705fe53233512714c04704cc9e040deda0dabecb6323a16874d50a9435746ae09e83c82708347757af00c29d3355a78eb6a846fd595e4de467a061d3f12569b5815191b11ecf01a61ab5d25fb011bb5ae4c204e8e7a9ff3bf4726c2176e434b1a73c0972baa554f6406ac735e6159f4fb3", 0x8e}, {&(0x7f0000000b40)="a6ff2285d698e6cf3c5963bfb9e90c64e74a412a850d0f966aac870e472abea7de39ad24c64d186efdbae47c5c4a9b2e426f1666e8", 0x35}], 0x8, &(0x7f0000000c80)=[@prinfo={0x18, 0x84, 0x5, {0x9c3f97a2fe07c55e, 0x7}}, @dstaddrv6={0x20, 0x84, 0x8, @mcast1}, @dstaddrv4={0x18, 0x84, 0x7, @remote}, @dstaddrv6={0x20, 0x84, 0x8, @empty}, @sndinfo={0x20, 0x84, 0x2, {0x6, 0x9, 0x2, 0x3, r2}}, @authinfo={0x18, 0x84, 0x6, {0x1ff}}], 0xa8, 0x80}, {&(0x7f0000000d40)=@in6={0xa, 0x3, 0x3, @loopback, 0x6}, 0x1c, &(0x7f0000000f40)=[{&(0x7f0000000d80)="4d57762a1053f4dfbcd230184ca7e92cc4e6e95aca5bd7fb7e385d3af107dae8162d03c32013bfb5977740bb7f41e1ab14da008bd4fb5a83164257d793bc8b97f17313675cf7aeac037edd5c28eee29ebb1af53a76d0ecc365017e89b18a73ca0540b2b1fa8404300311b0d49a17ba7251dc621ef1f510bfd92d63f59da437a32b86c940dd564cfaefd3735b814ea02c6cc8643a0241bc06705c5794a30713", 0x9f}, {&(0x7f0000000e40)="941c4175c49716244c24e793fc6eaf3c65ad5dc33052247ee43cb455b006befb0a64ffd83832414baac9f90f15a4ce1f5a65ee3f1318398f5210e93d69edd3f1209aeee823464ca660ec2cf21ece24fc48a094c0c412599205b0728b992ff6b39b6df79d5ec4b6961f1df7f9559599616865c68078f2f77a99247115e6e9bf27b8e5af7be421b4e597384806604666a1ddb9cff6bb21cba6fb57fdfecfdab8a2d1d3e7f1acc6e87063ce8cff394e6651912288740c88c42c736cf393c052fda14c298c", 0xc3}], 0x2, 0x0, 0x0, 0x4000000}, {&(0x7f0000000f80)=@in={0x2, 0x4e23, @broadcast}, 0x10, &(0x7f0000001140)=[{&(0x7f0000000fc0)="78050da6e54905f758f519046b52694dc0bf9ccb974a4432ed4c7184229f2a3bb49b50a76581eb04217efe79830903e7d6bc42bb07a55e62f8f94eab7cc540b0b8098345c3081b45a3abb9ae1f52b1ba71bcebb4cb5154a563dc6c31b163215e0ecb271ae6235ccecf8eda8341b0306999264825bdbd714bb0179199ffd39b0de99464145da6116e7a18c02b8b10ab27ac974600a19814543cbdabf1213a8d50f0988760757aefeb0e3c665dd1c9802bec747e5f1123f3c945669f6251aed393af81530ddbe6156a095c88e5f0086160ec36c0d034976209ddd77ee101e1b27341e4d7da18fb6e9e87a6dd7ba2", 0xed}, {&(0x7f00000010c0)="c85af444bf14ddbf8438e7fc1784649963e567a4bf2468a78f41a8862b29945184f046c926272bb00c32f6a5d867acec630217735e53d6dc24615fd8e01a4ed63e3278adcf536489c03b7338f054f5c64dd83a", 0x53}], 0x2, &(0x7f0000002240)=[@dstaddrv6={0x20, 0x84, 0x8, @ipv4={[], [], @multicast1}}, @sndrcv={0x30, 0x84, 0x1, {0x7, 0x4, 0x8000, 0x6, 0xfffffffffffffff8, 0x101, 0x5, 0x1, r3}}], 0x50, 0x8004}, {&(0x7f00000022c0)=@in={0x2, 0x4e20, @multicast2}, 0x10, &(0x7f0000002600)=[{&(0x7f0000002300)="fcf1a27f1eb77e6d884f40fd4b2b7c82b5f7481a1238c80ff1fa72bf913c42515a849094ba2e96cc4c10dd99647bc68f494f8ce19c3786395039d11adf55e13f39cd05e38f06a4287ab0cc74b97f3c7143bf3192009173ecd99f407729d804f5d211500337e80e434122ee704a42f318b5d5fac67facf1ccab9269854d497da0edc684ae0e301f62", 0x88}, {&(0x7f00000023c0)="b51c2beb9dc625f70569af03c98cca1373d5d366e5005d8d244375f382615526d69b6aa5e5a06214b68761889dc48d3aa3d1b7a7575a2b0b2dce2a43c1d442ee4276c1719fa1e5d21a84af847829096223303069b82b96a17745416ec94c394365b79f89a4048739e5073910761e896a44f31cb185832826c8a2e41f28731a25503ba653a4911836462ad7669dc03909b2b937df47d40a9dabf77f6a7a731359818ab9572874b7535f2295b2d87c7c7a77bfada1834cba9b3df82dd0860deb46bbaf436a3ee64a3c7ffc4f31303925d7790c0080dd0957146e4fab83942766ef310fb039", 0xe4}, {&(0x7f00000024c0)="fd5f3f9e45e00cc24edbe4c9a2043ca99e3f2c1e0e437b7e251807a156588702308e0a96150f6ab782d1ecddfc2035292fd5dde79005ab3f3d5557adae7ee16efb14ca20f095f8dea8ef3090af65f97d2299ef6f5d9f2128279e88385c667bc2d29a6e77b06fea68937333bc8a98c6cc95de4d7a555de0d6f6c52647a4c70c0173c5d8a41a4fe39a0f8198304c59f86811f9207b7100ca134fb81c2de81e189c518d014ee3c5293d8bd91bf5fe337f53a6cdc538ae06b323a99e50da1831b75e036d", 0xc2}, {&(0x7f00000025c0)="7882242fa763c93cf45d38418ef714aa385beab3546d3d8a6b481d6331b0a4dbaafaa51e6ac890cc663089ca", 0x2c}], 0x4, &(0x7f0000002880)=[@sndrcv={0x30, 0x84, 0x1, {0x1, 0x0, 0x0, 0x5, 0xb3, 0x1, 0x101, 0x8, r4}}, @dstaddrv6={0x20, 0x84, 0x8, @mcast1}, @sndrcv={0x30, 0x84, 0x1, {0x9, 0xffff, 0x8000, 0x101, 0x8001, 0xffffffffffff0000, 0xffffffff, 0x401, r5}}, @init={0x18, 0x84, 0x0, {0xfffffffffffffffe, 0x3, 0x3f, 0x5}}, @sndinfo={0x20, 0x84, 0x2, {0x3, 0x4, 0x3, 0x8, r6}}], 0xb8, 0x20000010}], 0x5, 0x40) shutdown(r0, 0x400000000000001) 01:41:57 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x3b, 0x0) 01:41:57 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:57 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\xff', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 337.104389] sg_write: data in/out 1667588875/2147479510 bytes for SCSI command 0x0-- guessing data in; [ 337.104389] program syz-executor.2 not setting count and/or reply_len properly 01:41:57 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x3c, 0x0) [ 337.218962] kernel msg: ebtables bug: please report to author: Wrong size 01:41:57 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:57 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000100)=ANY=[@ANYRESHEX=0x0], @ANYRES64, @ANYRES32=0x0, @ANYRESDEC=r0], 0x28) exit(0x9b4) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f00000000c0)) openat$smack_task_current(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/attr/current\x00', 0x2, 0x0) 01:41:57 executing program 3: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x8000000000000000}) 01:41:57 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00`\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:57 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="67446698000000000100d3bf350000000000000000"], 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x10000, 0x0) accept4$vsock_stream(r1, &(0x7f0000000140)={0x28, 0x0, 0xffffffff, @hyper}, 0x10, 0x80800) shutdown(r0, 0x400000000000001) 01:41:57 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 337.382380] overlayfs: missing 'lowerdir' 01:41:57 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x3d, 0x0) [ 337.455406] kernel msg: ebtables bug: please report to author: Wrong size 01:41:57 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 337.508138] overlayfs: missing 'lowerdir' 01:41:57 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:57 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x3e, 0x0) [ 337.567793] kernel msg: ebtables bug: please report to author: Wrong size 01:41:57 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 337.632165] overlayfs: missing 'lowerdir' 01:41:57 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x200000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x80, 0x0) getsockopt$IP_VS_SO_GET_DAEMON(r0, 0x0, 0x487, &(0x7f0000000140), &(0x7f0000000180)=0x30) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f00000001c0)={{0x2, 0x4e20, @multicast1}, {0x0, @dev={[], 0x23}}, 0x20, {0x2, 0x4e24, @empty}, 'veth1_to_hsr\x00'}) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:57 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 337.730745] kernel msg: ebtables bug: please report to author: Wrong size [ 337.755577] overlayfs: missing 'lowerdir' 01:41:58 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x4080, 0xc) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000080)=0xffffffffffffff70) r1 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r1, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r1, 0x227d, &(0x7f0000000140)) 01:41:58 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x41, 0x0) 01:41:58 executing program 3: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000, 0xffffffff00000000}) 01:41:58 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:58 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:58 executing program 4: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000100)={0x67446698, 0x0, 0x1, 0x3, 0x0, "9bffd3bf35"}, 0x15) bind$inet(r1, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) r2 = dup(r0) r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/snapshot\x00', 0x400, 0x0) ioctl$TUNSETSTEERINGEBPF(r2, 0x800454e0, &(0x7f0000000700)=r3) setsockopt$inet_tcp_int(r1, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r1, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) r4 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x40800, 0x0) sendmsg$nfc_llcp(r4, &(0x7f0000000680)={&(0x7f0000000140)={0x27, 0x0, 0x1, 0x3, 0x40, 0x0, "af07db6e2173829e453a1eaeedca534a14c1472218924566aa8d8f3ec5390855dc117e4bd4593ddaabe5fce754f996f68d51f911500f4fb5b12534942de0a4", 0x13}, 0x60, &(0x7f0000000500)=[{&(0x7f00000001c0)="07d2891552b78f7e7a76b9d9ae8ce1588df77709d2c1bfce58eb6377c20820b72744f2340b682ed0d8153f5750a6bc435ecb7f5f72d8bb54c0bf07dca9081b7c23965d7496f514891819fbd41499451f863dd4ab5a4fb918dd16c07dae9913aa2418b2a104205c119ef7ce84ec331c222a36715d7ceb51f233dcda1ff6351dfaffbb88fadbd7cc76fe1cc89c418554aaca3a5c", 0x93}, {&(0x7f00000011c0)="402dc6e401dd01ae80ecf044c07bc40e2a8a463316570075fd89c6706f46ca3e4b2ad21976e21a3facbd0ceab4ce85f9d375fa4e18a7376bf0587a1346f855856c33602d7f0173c926eae7dd70965a9332ee0f599c87fe7405b52c64b19e0f0d53949ee5af67061f51b1dedfb9b5e2e777f73748b87cdf8b8d8f976f4c3bdbdc9ed66ae9b7356fcbd6a95f19bf39cf006830ed1bf9f7e6a90e3688f493b85402c33eec0e73bebf1f9beee1764872e99eb416d89017484ea772c18db6c4e55db1a64f4f949046277512925e3425e317bc6b1a110cbb666cb51c7cf25d7efc650b67a5e9c6beaae6f8162ce70a2e26f52c238ec339347113cb40f8e4e5b7588ef79de5ddd42f0b2ad23726ed84aa5022c7dbfd02efc90fb6341e403f14fb48d367c440c9a59462b58ef0746a64b52e5c6b49d9c512a8f1cfaeee93dc61dad534ce9b4dbd065d2cc7e55cc783dc33a0454f27a7cf033ce9df1ad82ea23018d04cfdd28cbb3a59a1a4bcad9c1ee05fd13a9bc112bac2411c1536dbf784857168bcbe55986bb9e6fdb6fd397a5aebb960fd22feb668b05061c2ff099be3686e9b4a4e4c3c8a2bf5a4dce390622f1eeb200a4e14134e3cc324e4f3b4c9cf8543e910121b6b8a8d17cd8d2f3a7a9417cc179cec2f21c5086d3ed308cda089d63df7a5d78ac30674847e6f8d6d44c0e5918a6593dc40bb291e0e50a23c74f8676aa0feb081e44ecb16de792f47648f41594d4ea381b5ffd8a843a56ff1be63c22f059fdce0b913c26c78a9c9de4258f2b5ff683078623797298196d2b01baadbc13119ad5e7cb6a0319f27eca8ee4e645cb5ac0145996985a29eb21c902602e0f73849857ced8cd0e13e975f06c97263abdcde768819c0d2925a17a245730c8d27291086c5942b31a55b5bc1f3e7e13854f6628f3350e784601e69a756b38ea0e30ee569565fe4e8b1c32be9eaf17954fec92e7c3c5b9527b2f319e198bcc7e0bdfa2e5de2b2f8fda3c94435a593a9883b25d0870a52b44209f7591bbed1e9e052a7f43bc39a0a7d3ddd0aa9b22db9480f0cf80d0878dfff6b6a277ec4f539549de68c28d2c94e2ee7dd2eec911deb40d9543fb3c75a7465146485ecf0d41b5427b6fef5f2d0498f1fd0b8b80250f288a647c10af6f1c6cf29d92ec646d1a0d7ee1b0bd0d66228f642107aacfe9825d901b75d3c3b21b6ea11456a67e58cd305bdeaad49e6226d9891cc71e9427daaad301a0025837edd55e09872b6a046dd6eab7e44a2b751be543547e80816b0d8c1bc839559608ba6d422740a4a55d049bc0e88c4fedcf05645b02804c56fda90c141285e0d11266321d291de03178c2191244bc70109f895efc857b0c77db69d26b2f795ef709d753919b8ff202c29191af1f7e3261f750c9b40c0f5929518bda3414fcaf2f22b4a5ade00dc1344969528e45a5b444a92a3d4a4484db8e0f3132574a834a03b20051153cbd0e2b560a32e2ae9665b1e51e78c33a294bf6785ebe86bc4a32d16b7d8b6cdf2d985588c2730804b1e4ccefc664a4e98679b0a06b6326153aee810918c460492b3b621f6ff8f7a0067df2089edccc98b74b1cc74ce2d530c8d2effe5fb16dc373c63a7a540dab3d0f6e0de974149ce8a6151f9f838936e14aebd05efe9e8d6cb199923c18b99f3d531f3d6162cd7734961b239a335a571ba8909974676f8e4634494eb72bb88fa8aaedafb9df7445f6af0e4cc8aefcd6e02c14f1ac9ca2749e0f9f63b8a44c450c27e5b839cce1a95757af3070e626d105487167607f96cb9a9674c4524b9a0b227b92051d714fb1e0ae9c705bdea93f212d7989fdfb955c8be29e574a8d4d11fa2061753331da9db980176755fe9de53fa7170add294f0838cbd529150663e8f60ff66c720341693d79b8bb312d5373d785926c4adfcd1b475162b90445a5418ee7c80b25ec07324327f44d40c37d9e4b9b32e3995ef02314e786586e8c8f6e451017ffe49741ae694ef3eb49a2ee62174dbecd2a5666b23fc50a82399d027ae79e484202ee52bf850771732489b8d5051126c158c013d1cddb1463f0ca9f28f1e046f2c05df08c5554d8712951feca2fbb03259d8f3d7dcd220912aaaf99b4cb3a579a1d81eff6e32e810a6134c0048e51bdee72a70f08f9fbfd0c451ca70f5d5526307cd4daa95bd6ed727d6e6fac91034cb46b4f8e68cfc0e0153264e0fdeb913e09035ce82ad7986a69c11ce86c9b59276b4c86d3762dbb82d9f8e79dad6372191e6b96ed4b0791f536b4ff4a88d5952f292117b131770ebe022483ab99198bca3b96782a119022ef71fa469cffc4d8fb7a0b770133ff41535a5783b61c34a14d280202223a4c50edfea72d034ba887f1837d700420dbf1a48cadbcaaf3140c0a9e938efb5048b985aaed9cb327b5d62f516ac75eabeac07980d31d8158eb83033f60359cac8918f7dbb0d3afdff1d4d0355281cbb4001b9f42d5270d2bc98dc8fc99b22c2623e241a89633e67b0fb70ab698ac1f4ca88cb0bd232ac3fd579d9f1f41301e439f051f873f9f63b2a7fdfeaaa7dc6310dd9525a4ae25ee08578ea2f683df958517de1db8c43f4bd11a0092eaa5b5d1862a66fc131e0d61f484711161282e202acddcfbf3b02fc8a2e5d4d9898df26277d18c5657724f0a6cf477aa4c9a70d991e0037f09d0ddb2dcb68305c8272bd4b6043e8a2a0f37588720265e2ebbe614bab416b8b948e578e5c34bbc2a51411a6b06218a03051b06094baee47396cee9319a94bcd5b9f1307278a678557e60aa42b1bb6289e092ee420f7dd1454d620991d3df1dba5440bbccf42e769c8e6058a1941f6156683041e4e019c4c4dc943025030406d8f5b3991479785ae34300645bfb2e647b35a8aede1948091d94eb6b945429ffe546dbffd90e7e6ee7ef6511ec2eb3791051deb865a2fef0cef89868b875a6164f069ce00db35aa43085c15d62a710e0b8585df4070b71aaa07c85acb4a4ab715d47de11e046325f940837371a16cad93100672f25f81c05465e68abbe5ecf0ec3b5e1fb9b60412c159c28d9a962c028b17ec1cbae7df49c09151f56ac4e6ea84b36f793e3e047919aa58f6c327646e0b190d692dc67dc5a27c13e8c21fcfb684ef24f93eb9e7ac8159b480050405896e169659a49fe42e20ecd98823a75913d5cd07d82b31afaf7eccc4e95f8e32729654e0a6ce07e415688aeb09aa4f2720e18836b8bea6ce19d3234d0b50c26b780b49590b6bd108416ee624e50ad1570c95217f8c054a4389963d4e3974664cdbad2f2c824eb6c01addf1d7c01aaf5169f29f3f1aeba3a73344340b44c68d414f8eb6603c8b98b7c574df2a1e77154e8c986ec4ed8f3be1628335c8bd25541656894781bcb798de551a0c4167ad62f364218c07419d713f6b6ad22c18989537463acf993ea532a0347bfe531ade1877078ece0baa2d5bf00ef31bee69571133a71b658a8ec186501b8c9c8d5ba2a0f623aa0d1597978a13155e82a33b66dbe4352ea9dfcac885348c7628674e9e063cf5277bf1c3250dd040b193aa25e8678ffbb3c942904a2e96929a3d2d1095a1f9be0724ab6f0203c3a6ba7c9c91ba0d68c8503238964c799516534012e125f90e39d4aa5d6132f6388d9955f0c91025877fab9e5063adfc2857de6c5de856b2572880f23be951909d2ae3c3f761da5ba567cf76a35d69ec40f3800d770e94f6cdafdeeaeff184231e66faa4e570de29fc963ff3f9b1ce23bb723cd2eb820267f314aaf6077e4c9e7eccd3115e6029989985693f788d9ccc604c5af459b79ff2f69b37a49d9a1adadce43cd71429445027828c14ad4b1ae5769b15bc76bab4a2c8497b9847a89325ab495b0f10fffd0e4e8934b07f07f7184a687b440c5f2153ccd1708cc89981cd98f5e538b601e4ca08c70d1497acaa045790d1028814e9cf5114af224281cf4fa7b03cf333f038f90f04d7148dd83580c86523ce655eb089c3ecb8752c77503425166f08c017e52a827c4f6a0401011624597a73dd147069385d4db3777b955daca723a256bd768925ed7c619809f135a505b5cfcda1b1027b87ef062e620438061317cd19c8d0ff6fd8f838f55bc38c648c4c1e8af041353691b7bf7ffefc11ad52b08a0b5fe84e42a144d77955350db95bbeaad278107b018b24a95a633144ffa58065381f45e142855297e12933d2a051c367f68c3f93dcbff151013d86fb47f9d0de7a9b0ecaf95291fd55fe41717ac6569d77bd61f1736f153cf21d793683b53ba75ca4f4589906a00aca6dcb220113f4395295195bd1979618bec5089a134aacbf6ce0261d766d7a39b004071f6a334dca4fd6912e1dba12edab2562499527e7c60acc3a95bef1959740f5fd84c09c3fd6565e1d2220a9f8412d290fd156d5ec2498c57b0065eb268f44c2a92cef47e451b3ec5e70472c1228d09b0cb4dc6082516087af19caccb9289d7bdb994e59542aae3ec1df38438355992751fc1afee23de89a15c9b5e23007222cfb24698bbf0d7362124077c3937fc1cae6d3389d1fb50cacd3b5e3d101c807c34f713880b3f874cc161290216f4289654c51389af5a9d7d4b63b2a1cb2ea02cf60426e83cbbb607c0302dfa448987ca29dbf3d4ed7b4fda155fb76ddae8dca8fe9da82dea9945ffc97ebf4d0ab3ea5e548a8073dea086397e640de5eab4463d8aa7e362807227a2083ef67f205c1e2432ab369c6435dc94ce5e0b7526b91f5a23eadb1116bf4252b1f06672f7d5e31c1c29579a6d4f6d83b2826ea2dbd8fedd72e666128d775398295cd15140e6810131151dc2c3a1841ebe66e741f409f00061bd51aff2fe8b0111172068241e69fedaf01b0be6114429469445c87ae87579b3e75559471bf5159044e260295a783b88aa7cb8d2e15cbeaec372df3242b89b2008cd9ed6cec57bdae4f3dd2d7302a0bfc55854f4dccc145cc86eb8959649d4cf2b1de85b98099190aedcce1dc32e9fee10e941e0ed71b49cb46a3247bc1eeb1af571bfbf8aa2c0d1c57869b8608f0fbd3e97f0344e2b4a4ddd97146688c67d8b8e8f9cba4e195a22bc300d0afac81ead4f278070782be88eb7c41f8ef5abf23b4a57abf63ba1b2b3e584fcd8e5eae6fd9c263edb8c8991a83b90d083a48cbfce3c3a86edf278bf296fabd81467c55f67241b10ee844555fa00b3a904ebe6d18337c852af68aeed31a0429860decc5624fb1fc02c639b4eaa7d0649b1a81db9c726f9def94b8725fb68aee54c9dbb1676c954a42b80985cd596a3a4d92d9692de479eeb0dee2022a5a34633f1bf5c79666dcec5b3fcd7306d7791bf7fb74ab05a44aaed97afc0b822405c96fdef38cee490cafc0c3a11bafe2bfcffce9ff5fe4234b9a532c82392d89430936a33c8cd584e8f43bb1045600c3ff2988638ecc406d0b6a32fcb8afcab76efbe089f1f2b429f183ef747cb64bdd55dfb3bab27ce22d427643c367ffc18bcb208a916cfd5de3f2f35273615b7026b435fe5b59ed98495ca00d8217c530067889b846df2e14a5ea00937642be7132755968c5aa55ff75a96ab9316265d84e07fe4051310297cb9c43c888c0d6d3b3d1569518038f041001c268f6ec64d3f00effe2fa4b439e32ec1572e56cf39b86a1b8abe3b7b3dfcdcebd22b7f18c1a9b6f7f48b5a3ed7b7ec1a529c920cee899cf54a4df1cfbe26c81dc1b43efde8579defb5ddd9a625a07550810eebc9175c7808d78f7368eca639fa1207f14fa1ffe09c264a46db7e98beed9c969f76c2665b7372e622dee8c615dd66127", 0x1000}, {&(0x7f0000000280)="4f00d200", 0x4}, {&(0x7f00000002c0)="c895f35bb8ffbdfd7c51a3f75445263ee46507763c700e96c038aa36bbe6a3b15ef1c161851bdeb1ca082eef9c4c7f1dacb4ffeeebfca06f78c8ad4fbc074b55c082c95fe5ef36bba30a77bef245aeb7e6fd9fb5a5740ce4e93433450915479429f2edb0713befeb505590ffee9b1155b63c455ca683a3eb142c039fe5f3c77269c673ee7a318f06e88cfd16392bc6482661da5af49a715e8a", 0x99}, {&(0x7f0000000380)="fe2838ad25207fdca5670d512c26d5ffcd0723bb21f804eb9bb3b7f4e8ecc2566191", 0x22}, {&(0x7f00000003c0)="936983a355f8da8555dd7a16dfb937d4caa4459dc8601c48ffb5d45653a89dfb60aee1592a05e254893856543e0d9a9b627a9fb7ab6c22c65bc9f7532329c455694db9152f9b0e9a7d6a", 0x4a}, {&(0x7f00000021c0)="64923e1344ccd5b40b4022811b12d648d11587f115c839dd8bbd798007a720ba4588d4aa8b158d07550c3b0e126593d9d954a295a93a9ff052a03378f136b24ad48cc2ccecfc5c9d9f017211055848e33763e1d7818f2a212b57c23e14e700bb922ac26c683173d93ab1761c751b905a986e38a93097d008df1411c96102fa3ee060bcc567807091f6c00d6116b55d1959daee11626dd13759e391ffeface8a87d3822cf8a380d07cce6a033251651ff09bb87bd3bcd735b8a8ba8ba43576e6520a98f4c55d17a8fbaccca9455bf7461225769c1df172a0abbfca2e9b761b80d06886bc91dd1994bb61f7dc308810cf72c89185c08a468d87a55bb95af6dd66f1e0c30d74669fd050e21877879c8d568d7be99931c55ba91458007a20f930a0cd79c78269236484ed8abbb82426c4b8d722f14c383557f84737b72f24540c8c0c766b5ff6b0a62a8b257f0344af2ee40e49d22b527a4fb199b1b5216085a9d6e211cc8e94ebdff38b8ec906c75d0cda46cf11b83cdee4c528a05b9a50b11681078442238981c94707857dcbf191e094693a1e285254c70a74d99cb852008fb0cd040d88dc707e2dd1b4218c545f8c2303da72b0f7ffb74fdf31d3b303213b16254bff8cd1ae15016479fb8ab59284b36d7896f023bcf020a96a359c8ab8feb3aaa49b8441bd4b19c694693e60bb589f1bb2ca8eaa6c338a79ce24653c3d68830b24d811d48a35720cc62417eeb11ff7cee699f995ae9bef5df937665f28fa78ea0ac883ed8b91d1bad8d80bc7765e6b3aad2fc2708ec604d312d35f4d997ab59280d928e623b01eba639d63be99863f2851dcf03b9813afeb74cd55b2c186853d322b06782fc59075abd9c6d28dea26f83a80ddeb1879b8af5316c9813968b132c409ba7995af5a15fc613cb0a9eea41641adacb73380ce611abd0cef5cc68ddd2566dce8181ea0fa8c0abd0dd68ec326fb117591df1290d35dd812cac46b4555aff149440f3d5aeaf6939b04cc36e49d18d692864eaea302a596919ad54672b96934fd783ac61f9cba304707e08a84415985a1ab1ed0b0a7ffb468293f45e062addfc3323b4cb048d3c166b6914d591eb3a0bbceabcffe2ac751d85d55a761f257db6f46bd57879c1aa28cc2566f1c9e50a6e685603c3d9185077381d3073ed3b169b19f8a137176daff03d75e68ed7e2416a9a32cb137b4062cf85a9c00782feb5f4166db686481f3fc54f23018040116db6ccbc3d8e9e886160ac0032eb790bfccfa014f9d67435b1b3af055e24fd4241031efc18df681cd1b8590cd35fb2a71a1a45d6d5e0bf3d02e01ac1e40c4c7bf40c94727d9b852afbd6b32a7bd60d4f389a65161c29e1f9c64af7fd7aea20467682e1828d455fb4690e44c2b4d3e78ef4c50144f95b628807188238b79afbcd78197423f453af939629247879157884ed26212294ca274d97c08b7b55249bad55ed7b2f98b2be21c86d487f1a762a51e307259e3ad24681642076ae20904ea99580f1c46ee00f1c1b72d35b10a09b129d4e8a3c07a02c20ab3683eea6212e1ae30042dc3048d4fab303b314fe164124635eb23e8aece0de82e0bb97a83cf6eb9e4e4fff2cac66dc95a4b7deca9020ed9aab8f86da593c2c081dd812e7e6954b0723d78c754608a16aa58d47b0b84c0bd4d06659fd0386a2f30ca2f16fc6e4d0771ed3c610d3970c135d0c332937df6f2b5c8e91cb84f543c769ff92cdea5ab65d164cedb2a71f12665e5d8e898d1761e11d1c3c772ea426c83519e3adf5380268bf393951df6d0e58d60e4ea0956d513a479af50e04fc6f3e66078c65ac842a9c4643124ca10005cfc46dd22faa7f9ac1ea2e6e044661275a79ba0cee6448b7bb0b6c10886afda0ea7ececb154c27e1f96c049d2667abb3208bf0dc0455b5346cb8007748121f27662dc9774cad4c0c161724f6a735d611101f6dc7ea90017c2f20486f3e6c9855fb07b6150dc86274a192ba2478a56d110462c91dd093752b5b0201934ab4718da3413b0885d521abe7211c79c48cb4b791a81b73d6879a8d766f02316d7943e97179b663f9f1c49ac58d8b8a4d59f2d7d162800eb369494c26f818cc206a0d56a37369327d46f55686fd2b45c426ddd0c61563bcb387d058650019341ce04a75df2141ed43609d531cad960e1a101d6fee7397f25bed10625ecfba1891932ff746f291826373fbbdc5025d603c2e9bc64fc7c2e7bc50f1f51da36cbbb464fbca369f3c6edfd5f23c7dbc50656bebf305b86db68565101a9ffb6d90f9f1d5fb41dc45046af17ddaa35a8edb9442705fb7e8f2a91f9ce75ba1fa9246bca866569e7e599f873e14e1e58355be834285eefd7672b5d7a65b72f7f59357280587c18983d8bddabe6ba51379e53f093377d41cc3262fe22ab4ef05ac2afe4dc2988768ba45bd1a8918acfeec29ad8d1d4e57c6c92c105e9fefdd63e9148cb736b335887b88414a9ed456e3f8b67ff2255c9715747b8551181392fd7a5d8aa08cccc74876535d14740093a529cb5a1738a3823d828112b0b328311471f074a7e2b11d30ccfaa6c02a3a5d3cbeed61859c86d6f66145855e6dbd2959d411f010085b410125ac564b75d4b2d31239e0e4e9588ac3ff5082ea6417d75afcb6f6a144d9fa4bdbc6bc571bd26254e695639efded453aa8e3d1691676a776ea9da1273642752f7c55c4d9ca1b811d8c29014b030a8eb11838658dec86cc9cf1ef6547ee3f25d97b443dcb24ce3d6b64f9307d8fb03ae21474b4c12f74a012cc7a5c881b539f3a4a8d9e7b8f76c1061cd121a68298a99787270da8aa8b94dc1e3498ebfab6a353cd80421e2702647ff6a339055da4c439ea45a611de13ffb1e6fa4ac9a696e93a57b0830b2639bf7a1f97d64e2d408459f192c7339c0f8d09142bfdc7907b8cf4b639e50ba278c2f6a2fd7ac100d588ee934c09592a73878435d6b981f0a9dd7a6aca7703a56213b056ff56b436e52c0717886909d3462d17d32c6dfdc434ce69e5403dc64a016bf40893c510b16248e8be72b917442c34c024a0adf4322ce58b2d396634dc12346d7948fedd55d209c4f63f3d8129bb119ec1f8e5b5afffd4c45154a74563dec349594154d133e145dd4731caa3dc3e6d39d9f5f321528bf1172718dea63f0917faa0a70f9ff87a0b872cf3ad3a63ea18bb99638eca0cd93728f127af4bbc8b711732ddb7da70e8b319c58357e97a99f959124dcb3e8c1e2d4812a81f647d8327799725037d417ab3ad618692adc0163e6ca41ee498e6b4a83e9eafac514b480d7a32c2b91b15e7425521c79785fb7fdbab0b2fb5b075355d0477d497a72e8157803ab5c9dede87bf52f6f01c901737608e0de1a0e281fe2ea25b749cdd0966eb56e32d43a5a0477251ebf7f1f0ee7c16dce47c3aa7c2cf9315e36433e352a268f3ad86264a7b092346d0b298d3f1066b087e6958063996d42e714c8bb355db8e23d8a1dcce0e3ac2d414d43e0b5d3b39bfff4fe299ab2d2c20a40389e5753e9354ce3c94f00f97c59afaf881f51de680029842ce46e16daa88ddf0cd7756e508a4e59aae91d49b8b4f6156b59bd2882862069824a51a95c22f5e034e7cb7b8055e5343cb5befc70041bdc66a4fd91d96f3f4f4ad1fd1e0b5fd3b00022224811d5b3dc5c567318f4c3066ab5756dcdf252baecaaeb3d1b93a0fd664e5bf875fffd14e453412553a6f48491ee675bb2e333d7a847e7075c8c216027afc42c9d6b28025e42fcd2305571f3422a838ec976f0082e0f5d4212c3b298ad0039468b073b8da5f3e3b7c4bbd2662ecbe5e57d9269ec9670717f458848d1148b63d3605b6c207d51e8fec659eebb7da555ef983f36250459fa103dca4a814519a890cc82f4252c46094fbf316eb935d1ace11aaffb7f57c31c61cf523f3d3612d5d075153fa4a961f2418eb32a0c71b71f7336783c99cca4f5e90a85fdca3089b187a95d282a35b6957875f73096128a62aba25f1de5346651ee6e1de27599b6da959f117379a0393a69add67e1f1e83b650d3c3db6becb8fd14068b83d5816f713e24df6570966a51f9c85d300932d4d5f5881b9111e1a84c130828381f1698363f9e2a8ca637e02bfeb2876249d9528bc580842569e0a7d1682cc44f5cee173f381fa11a2c33cfc0bbb63815cf02256ff14435c7ee78f10b470da4f35fbf994eddfae5961539345e69fb4ab7a7e2dd9cd759794c4a3a7b8a08d1a08f96053b85fc5e5dad69093eb3fe8752e909f0642880623a414bf8d6c22638e09f950c7416c707a9dad3d1cc6add0403bf4a56c341e647259d263a29d58bbec19a3ec52cec7d3c28b5c6b79995d99537c74b0e214f954b455d1d285f41585b37f170cea0e1c694d7abf1be73674b6ac7bd920da908b90d9f3b079694a7513446545d1be60914a15e022506d5d636cccb719930db2ca9c0baffdef2d0cbfb45fb43103e1a905175edf0c55ea75738831c340485cb85c818fd59cbe119dd4a0a026b1249fb74c3e7664801c6371aea6cefcaba1253750d2a625bf6d71efcec5f67358c0d6e1dd5f1314abc31ba165efe0239953e16f4f1b13ebd4e5d203bbae61cbaef47a6fa2a42717b9a8d375dba6e4393c1c088ca4f634e65cb785670d6b239fb861a39aaa3879db7f74fdc8e86e21b46be60f259946971867144534bb0654cd4c3c5ca96a241a3561a7823189be59d8d07e42b1c84ac624dba20a1a9c3a3dfb91c64a6c21c184f6a7963219ef089b9f137527b820c669056f3c4cae5369d99f4f3a4d3898dce4d33e47988d626045e42d6043b593f9cede7deda0ccee0ccca85b222f262d606e8d53585985931e2868155aa90c642a093c3352ba085c5467591ddcb605124d98c670a051b738b10881179a5f04c5887c2c224cab35b2165e0b55c299391a9ec9fd2f2612908c5398f706850e363a5e182533c547dcd2e872611403d6446832c4de4e52e892efe3248568431c37c8abe77eb6c426e9f7a7ebda081e90fc0e9e07d7a998b3912371ed808fdbb7a2afed95f7c20e84b238c2be56af657afc0547a0f86cfa5a2bd36fb1ce4c7a15291f02b8dfd8095f22bfa3c653392436a176ad259cb46f8d49031269cd9b9808d272446698b53502557c7d1295efdab794299b6417438c03f97e93a5cd45bb6f6c9d0b36b637e1e4f1494f79e9d1802e0a8955852a49f786fe65428941583d36287ae1b5405fd84c6e0a479e4075ff69c576b2a4c9571b882fbe08d04079f76d4196eb414940d9eac6ca7c174d53d6faf14fda699f7c90a90fa27ece779f627464d5254ec6ed5c32d145eb08cafae82f134d983d247a1d3bbb6504abb3aa70bc33c5f708609c5ff0bc328f09d6aa07fb68763e0f679a1a36d58fc6a4967c2e55e1ceb4c4c7441a8881561ae4454166bc9402c20240bbdeb0eaa118e558aa90d4ca18193274de3efe15da353a5fc2c6eab8ce46197288ac7e3bc9a3dd037041b1db98ab9382543ad79bb427b1212f3f33b20beb1fe50db3fdebc39d327d7bfe0050dac0b3cb2c89c0beffd261f20aa165da90b740985dba136dafa3274a681431f6554f7a61cc54112339a33e1b07a2a957eafed75dd692f23c77a6e6b1b69db88a8ce0b71405a4c9dc9897a71f7bc730051e7abf7f90d8674c27106145ad968c8dea1db9e68c1d5c981c6f272999cf88a1c444b3a11f46e2c5f06d541d25a4f4943e57d571763525970fcc5dc88f6076ce805ebe7800ee16286e3a112170090cc0f1f26b32b3464fe8ebedd2f9581667708098b2f3", 0x1000}, {&(0x7f0000000440)="15d5ee11ebcb4f9cf7f31ae8350503bb82d2137afa5b81d53cfcdcf781c7c7d0edf9ffbba2a3dffeb364b5c4d036ae9576e2b47de521013ebf7aa0823c1b07cbfb0ca2a741fce6e2e2a0a0e2e1f3926535ae81f4e2e2f6fa06987bb820c586b5932eb1a1ad6c20cb84dc499719a1bddcd21075f6606e9eb6a7a47bec2fd05a9d1535a270dab30f751c9b50978c92d9e76eb9893bd58c6e31e125f0f7fba1089d48703e65eddaeb33cd1054", 0xab}], 0x8, &(0x7f0000000580)={0xd8, 0x0, 0x6, "dca115e3704803dd121bc2daa5b07f67cff802827a84127a6bb4ec0c8eaeca1d8f6a6b46e3202c8cff64e49fdf0dd7c0fca10dbac2a7fe52ebb5e1a5868764f76afa5b9b5a91e8c25d55f267ba65725ccd7a3d95cf5f9f501f28f000deb90cd3fb63ea90313e625340be20867ec7246b18b49b34043c94e1b784037c03d665aa9e4874f2731d5fea6c83243c874afa1377e20c743f67c657a3892115f1e7e8a8b97be4a5a2e19ec0a47c064e94d99e73b6c1131fcaef975ec49c90c86810647456d999cbf6"}, 0xd8, 0x20000080}, 0x40008c1) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r1, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r1, 0x400000000000001) 01:41:58 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x42, 0x0) [ 338.282845] kernel msg: ebtables bug: please report to author: Wrong size [ 338.306974] overlayfs: missing 'lowerdir' [ 338.315087] sg_write: data in/out 3171656/2147479510 bytes for SCSI command 0x0-- guessing data in; [ 338.315087] program syz-executor.2 not setting count and/or reply_len properly 01:41:58 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:58 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x04\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 338.410646] sg_write: data in/out 3171656/2147479510 bytes for SCSI command 0x0-- guessing data in; [ 338.410646] program syz-executor.2 not setting count and/or reply_len properly [ 338.424099] overlayfs: missing 'lowerdir' 01:41:58 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x43, 0x0) 01:41:58 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 338.477386] kernel msg: ebtables bug: please report to author: Wrong size 01:41:58 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000140)) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000180)='/dev/zero\x00', 0x400000, 0x0) ioctl$VT_WAITACTIVE(r1, 0x5607) r2 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x7, 0x400) r3 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/capi/capi20\x00', 0x63a7bef353674712, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000200)={&(0x7f00000001c0)='./file0\x00', r1}, 0x10) renameat2(r2, &(0x7f0000000080)='./file0\x00', r3, &(0x7f0000000100)='./file0\x00', 0x3) 01:41:58 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x05\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:58 executing program 4: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[@ANYBLOB="67f725d055dcfd7b47ff899ef144669800000000014138d7ba38dcf21acb35fb8454401e051ff572618ee3ff41e46e3f8148707ee532e5185e55fbdeb1c88fa14165a2b59779d8ceede4475684e1e735f9f27d3d82f8e0f23d8d24466eb65f39665da6d0a53a556f120f81a3107be763a52633551d02b85f1027ddb33844b16efe8dd8e6a17b264f1ac98e351f48f3beef4cb75e2fb1968f830bb343720a3d4e90c6f2cd5a96db5af3d3"], 0x15) bind$inet(r1, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r1, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r1, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendto$inet(r1, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) r2 = fcntl$dupfd(r0, 0x406, r1) connect$netlink(r2, &(0x7f0000000000)=@proc={0x10, 0x0, 0x25dfdbff, 0x10000020}, 0xc) shutdown(r1, 0x400000000000001) [ 338.609732] overlayfs: missing 'lowerdir' 01:41:58 executing program 3: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x80ffff}) 01:41:58 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x44, 0x0) [ 338.645530] sg_write: data in/out 1684960011/2147479510 bytes for SCSI command 0x0-- guessing data in; [ 338.645530] program syz-executor.2 not setting count and/or reply_len properly [ 338.671361] kernel msg: ebtables bug: please report to author: Wrong size [ 338.685589] overlayfs: missing 'lowerdir' 01:41:58 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:58 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) fcntl$addseals(r0, 0x409, 0xfffffffffffffffe) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000140)) readv(r0, &(0x7f0000000000)=[{&(0x7f0000000080)=""/92, 0x5c}], 0x1) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000340)='/dev/zero\x00', 0xe8fd90342b56f4bb, 0x0) ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f0000000380)={0x127ff, 0x0, &(0x7f0000ffc000/0x2000)=nil}) r2 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x3ff, 0x60080) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000300)={r2, &(0x7f0000000280)="4329fed46fc530155f1d6d8e69a67c86dc72a7f5056746efc8fd3e095045841a53440a95230fa113873a7c8b72e87cec58bb1399fc73f53302151504a8a5fbc6975e073e6e46"}, 0x10) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000180)={0x2, 0x0, @ioapic={0x17000, 0x8, 0x1, 0xfffffffffffffffd, 0x0, [{0x6, 0x1ff, 0x43c, [], 0x3f}, {0x4, 0x4, 0x2, [], 0x401}, {0x6, 0x81, 0x8, [], 0x7}, {0x4, 0xffffffffffffff8b, 0x2, [], 0x5}, {0x3e, 0x3, 0x81}, {0x1f, 0x1000, 0x9466, [], 0x5}, {0x3b17, 0x40, 0xaa2, [], 0x5}, {0x3, 0x4000000040000000, 0x1, [], 0x1f5}, {0x2, 0x6, 0x6, [], 0x1}, {0x3, 0x8, 0x9}, {0x52, 0x50, 0x15}, {0x401, 0x3ff, 0x39, [], 0x2}, {0x1, 0x6, 0x3, [], 0x2}, {0x0, 0x3ff, 0x10e, [], 0x51}, {0x80000000, 0x10000, 0x3, [], 0x7}, {0xff, 0x6, 0x472, [], 0x8}, {0x9, 0xfff, 0x0, [], 0x1}, {0x8, 0x200000000, 0x9, [], 0x2}, {0x9, 0x7f, 0x7, [], 0x6257}, {0x9, 0x0, 0x4, [], 0xb04}, {0x2, 0x7ff, 0x1, [], 0x9}, {0xd41a, 0x280, 0x9, [], 0x6}, {0x0, 0x4724, 0x7fff, [], 0x7}, {0x1, 0x8, 0x100, [], 0x401}]}}) 01:41:58 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x45, 0x0) 01:41:58 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:58 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) write$nbd(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="674466980000000001000300000000009b92d3bf35ea9c2936a4c5732d00cee9aece9316885af981a939f5f64ebb7f9c905ac5a10d1c6a8e4c8d45f2f04a255900fe9e0172508da26ef4046bf6def274c7982dc23298e66a358dda61b4cec7ccd299b73fe742f9982e6e9d4c0a0e34da74d1"], 0x15) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xfff, 0x10019) sendto$inet(r0, 0x0, 0x0, 0x20000806, &(0x7f0000001180)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) r1 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x40000fffff7, 0x802) ioctl$FS_IOC_FSGETXATTR(r1, 0x80045518, &(0x7f0000000000)={0x4}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) close(r1) sendto$inet(r0, &(0x7f00000003c0), 0xed5f0dd4, 0x0, 0x0, 0x184) shutdown(r0, 0x400000000000001) 01:41:58 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) [ 338.873707] overlayfs: missing 'lowerdir' [ 338.881695] kernel msg: ebtables bug: please report to author: Wrong size 01:41:59 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x46, 0x0) 01:41:59 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00\a\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) 01:41:59 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x47, 0x0) 01:41:59 executing program 1: r0 = socket$inet(0x2, 0x3, 0x20000000084) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000001200)={'nat\x00\x00\x00\x00\x00\x00\x00`\x00', 0x0, 0x0, 0x242, [], 0xffffffffffffe56, &(0x7f00000001c0), &(0x7f0000000200)=""/4096}, &(0x7f0000001280)=0x108) [ 339.007639] kernel msg: ebtables bug: please report to author: Wrong size [ 339.022241] overlayfs: missing 'lowerdir' [ 339.045675] overlayfs: missing 'lowerdir' 01:41:59 executing program 3: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r1 = userfaultfd(0x0) close(r1) clone(0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000400)=""/100, 0x64) dup3(r1, r0, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0xffff8000}) 01:41:59 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x0, &(0x7f0000000100)={[{@default_permissions='default_permissions'}]}) 01:41:59 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x389}}], 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00') preadv(r1, &(0x7f0000000700), 0x48, 0x0) [ 339.136002] kernel msg: ebtables bug: please report to author: Wrong size [ 339.226537] overlayfs: missing 'lowerdir' [ 339.248273] overlayfs: missing 'lowerdir' [ 339.308948] ================================================================== [ 339.316629] BUG: KASAN: use-after-free in get_mem_cgroup_from_mm+0x28f/0x2b0 [ 339.323900] Read of size 8 at addr ffff88805b209690 by task syz-executor.3/17228 [ 339.331413] [ 339.333019] CPU: 0 PID: 17228 Comm: syz-executor.3 Not tainted 5.0.0-rc6+ #76 [ 339.340264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 339.349595] Call Trace: [ 339.352166] dump_stack+0x172/0x1f0 [ 339.355774] ? get_mem_cgroup_from_mm+0x28f/0x2b0 [ 339.360603] print_address_description.cold+0x7c/0x20d [ 339.365952] ? get_mem_cgroup_from_mm+0x28f/0x2b0 [ 339.370877] ? get_mem_cgroup_from_mm+0x28f/0x2b0 [ 339.375718] kasan_report.cold+0x1b/0x40 [ 339.379759] ? get_mem_cgroup_from_mm+0x28f/0x2b0 [ 339.384598] __asan_report_load8_noabort+0x14/0x20 [ 339.389511] get_mem_cgroup_from_mm+0x28f/0x2b0 [ 339.394159] mem_cgroup_try_charge+0x238/0x5e0 [ 339.398717] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 339.404240] mcopy_atomic+0x893/0x2600 [ 339.408249] ? find_held_lock+0x35/0x130 [ 339.412319] ? mm_alloc_pmd+0x300/0x300 [ 339.416287] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 339.421887] ? _copy_from_user+0xdd/0x150 [ 339.426023] userfaultfd_ioctl+0x4dd/0x39e0 [ 339.430394] ? drop_futex_key_refs.isra.0+0x6f/0xf0 [ 339.435391] ? userfaultfd_read+0x1940/0x1940 [ 339.439865] ? mark_held_locks+0x100/0x100 [ 339.444090] ? __might_fault+0x12b/0x1e0 [ 339.448135] ? find_held_lock+0x35/0x130 [ 339.452175] ? __fget+0x340/0x540 [ 339.455607] ? userfaultfd_read+0x1940/0x1940 [ 339.460178] do_vfs_ioctl+0xd6e/0x1390 [ 339.464057] ? userfaultfd_read+0x1940/0x1940 [ 339.468580] ? do_vfs_ioctl+0xd6e/0x1390 [ 339.472656] ? ioctl_preallocate+0x210/0x210 [ 339.477052] ? __fget+0x367/0x540 [ 339.480592] ? iterate_fd+0x360/0x360 [ 339.484552] ? nsecs_to_jiffies+0x30/0x30 [ 339.488696] ? security_file_ioctl+0x93/0xc0 [ 339.493088] ksys_ioctl+0xab/0xd0 [ 339.496531] __x64_sys_ioctl+0x73/0xb0 [ 339.500399] do_syscall_64+0x103/0x610 [ 339.504273] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 339.509444] RIP: 0033:0x457e29 [ 339.512611] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 339.531485] RSP: 002b:00007fcaadffcc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 339.539165] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29 [ 339.546419] RDX: 0000000020000100 RSI: 00000000c028aa03 RDI: 0000000000000004 [ 339.553682] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 339.561016] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fcaadffd6d4 [ 339.568275] R13: 00000000004c240b R14: 00000000004d4d98 R15: 00000000ffffffff [ 339.575531] [ 339.577141] Allocated by task 17223: [ 339.580843] save_stack+0x45/0xd0 [ 339.584292] __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 339.589206] kasan_slab_alloc+0xf/0x20 [ 339.593071] kmem_cache_alloc_node+0x144/0x710 [ 339.597671] copy_process.part.0+0x1d08/0x79a0 [ 339.602226] _do_fork+0x257/0xfe0 [ 339.605663] __x64_sys_clone+0xbf/0x150 [ 339.609617] do_syscall_64+0x103/0x610 [ 339.613567] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 339.618723] [ 339.620320] Freed by task 17223: [ 339.623671] save_stack+0x45/0xd0 [ 339.627110] __kasan_slab_free+0x102/0x150 [ 339.631324] kasan_slab_free+0xe/0x10 [ 339.635097] kmem_cache_free+0x86/0x260 [ 339.639056] free_task+0xdd/0x120 [ 339.642504] copy_process.part.0+0x1a3a/0x79a0 [ 339.647063] _do_fork+0x257/0xfe0 [ 339.650487] __x64_sys_clone+0xbf/0x150 [ 339.654435] do_syscall_64+0x103/0x610 [ 339.658385] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 339.663545] [ 339.665186] The buggy address belongs to the object at ffff88805b2085c0 [ 339.665186] which belongs to the cache task_struct(66:syz3) of size 6080 [ 339.678692] The buggy address is located 4304 bytes inside of [ 339.678692] 6080-byte region [ffff88805b2085c0, ffff88805b209d80) [ 339.690708] The buggy address belongs to the page: [ 339.695613] page:ffffea00016c8200 count:1 mapcount:0 mapping:ffff8880916e2c00 index:0x0 compound_mapcount: 0 [ 339.705575] flags: 0x1fffc0000010200(slab|head) [ 339.710317] raw: 01fffc0000010200 ffffea00014c0d88 ffffea00015d2688 ffff8880916e2c00 [ 339.718171] raw: 0000000000000000 ffff88805b2085c0 0000000100000001 ffff88805ca843c0 [ 339.726032] page dumped because: kasan: bad access detected [ 339.731720] page->mem_cgroup:ffff88805ca843c0 [ 339.736181] [ 339.737782] Memory state around the buggy address: [ 339.742688] ffff88805b209580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 339.750032] ffff88805b209600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 339.757370] >ffff88805b209680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 339.764701] ^ [ 339.768570] ffff88805b209700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 339.775905] ffff88805b209780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 339.783239] ================================================================== [ 339.790574] Disabling lock debugging due to kernel taint [ 339.799451] Kernel panic - not syncing: panic_on_warn set ... [ 339.805355] CPU: 1 PID: 17228 Comm: syz-executor.3 Tainted: G B 5.0.0-rc6+ #76 [ 339.813989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 339.823315] Call Trace: [ 339.825881] dump_stack+0x172/0x1f0 [ 339.829482] panic+0x2cb/0x65c [ 339.832649] ? __warn_printk+0xf3/0xf3 [ 339.836511] ? get_mem_cgroup_from_mm+0x28f/0x2b0 [ 339.841334] ? preempt_schedule+0x4b/0x60 [ 339.845456] ? ___preempt_schedule+0x16/0x18 [ 339.849888] ? trace_hardirqs_on+0x5e/0x230 [ 339.854188] ? get_mem_cgroup_from_mm+0x28f/0x2b0 [ 339.859007] end_report+0x47/0x4f [ 339.862438] ? get_mem_cgroup_from_mm+0x28f/0x2b0 [ 339.867359] kasan_report.cold+0xe/0x40 [ 339.871318] ? get_mem_cgroup_from_mm+0x28f/0x2b0 [ 339.876137] __asan_report_load8_noabort+0x14/0x20 [ 339.881041] get_mem_cgroup_from_mm+0x28f/0x2b0 [ 339.885691] mem_cgroup_try_charge+0x238/0x5e0 [ 339.890261] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 339.895772] mcopy_atomic+0x893/0x2600 [ 339.899632] ? find_held_lock+0x35/0x130 [ 339.903670] ? mm_alloc_pmd+0x300/0x300 [ 339.907620] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 339.913273] ? _copy_from_user+0xdd/0x150 [ 339.917491] userfaultfd_ioctl+0x4dd/0x39e0 [ 339.921796] ? drop_futex_key_refs.isra.0+0x6f/0xf0 [ 339.926786] ? userfaultfd_read+0x1940/0x1940 [ 339.931258] ? mark_held_locks+0x100/0x100 [ 339.935471] ? __might_fault+0x12b/0x1e0 [ 339.939517] ? find_held_lock+0x35/0x130 [ 339.943551] ? __fget+0x340/0x540 [ 339.946985] ? userfaultfd_read+0x1940/0x1940 [ 339.951457] do_vfs_ioctl+0xd6e/0x1390 [ 339.955317] ? userfaultfd_read+0x1940/0x1940 [ 339.959872] ? do_vfs_ioctl+0xd6e/0x1390 [ 339.963905] ? ioctl_preallocate+0x210/0x210 [ 339.968285] ? __fget+0x367/0x540 [ 339.971820] ? iterate_fd+0x360/0x360 [ 339.975593] ? nsecs_to_jiffies+0x30/0x30 [ 339.979726] ? security_file_ioctl+0x93/0xc0 [ 339.984113] ksys_ioctl+0xab/0xd0 [ 339.987540] __x64_sys_ioctl+0x73/0xb0 [ 339.991403] do_syscall_64+0x103/0x610 [ 339.995268] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 340.000431] RIP: 0033:0x457e29 [ 340.003597] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 340.023079] RSP: 002b:00007fcaadffcc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 340.030775] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e29 [ 340.038021] RDX: 0000000020000100 RSI: 00000000c028aa03 RDI: 0000000000000004 [ 340.045263] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 340.052513] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fcaadffd6d4 [ 340.059772] R13: 00000000004c240b R14: 00000000004d4d98 R15: 00000000ffffffff [ 340.068228] Kernel Offset: disabled [ 340.071843] Rebooting in 86400 seconds..