79565e447aedc5b9342ffe7df59ca6a133682a67433c2cb303acb95079e3c59a4e86433ad35969414f970d89c5000285204f3538985ccac519b86d9ad1b8426730127cb96090702e3e8d946c5385263e7e93ee53387daffad8d045cb67257cf58c047dea408e2cb293891346a04e7d0b1ce5f6b0808e40e5c43871c1ca02c0a34dfce0d3373bff67f08e5dea4117a9b934d391b55398b5b2cbf313109d5ca129733320b34b5274966f01039b50e1926d8d0e149cc912a0b63574e80b5ce7165616de50fa9a6ce0d1edf4cde027e41d194add2089ee2fa164fb62ba5165cd24da75049a9d6d58b1ed83fab707e3ae5b9ddab7fd4c5b05e5d06611a19c346f83b44bece67ae9ab05b397ac52ca5dc703e98d85a9b42f10ba0c67a4a03214bf4a96b61f28b4d8cc2d38ac07bff078bfaba73f4ab0571a8c06e09491da6f274916f53c1a7657069522101c6d94822fcb0e64439ec0c6b21f4a4bc4388560ec916d7d6fd09683e5fafea5ad55bbd1266e03df9605b0b6923438bda54143c1e75fa7b3f097ebc705d412b212844f4a527a1d1225c9f5b9de8455b9df0dddbb292ecb0251bfc0144d9734e9ca00a64dd41675847836dbf5b83e04cf609f1e004cc567d2342833a23394b6c19c832f8987c3c209cf845b2d3daa31ac4b6ab73843689336f8b3a630c2f925b0143e134d17c9bd069db9543847528f3567d251d99fb8552af84e5d5f53ef8f3e2a47c9fb502a542ac95b1ac4a538bc08e6362b38c41bf837d31578c5f117fd54e002aa72a97aa9946b900af455837bfbcd60fcf15f2ba6f8a430e6e75546d8cd50d28e015100c8496dd82cb738ecbbcad33416a8abbfba87baa1e33bb477d87e7bc2b67afd8332a0d58a47e9b002adf25256a635b4ebf85255d930941ffb758854a2cb18d1f9e4d80335c07413c0a93c7a802f2102a4e14d349283665a4ea28437636a31304f5d39a640030881ed820dca1fcc1d73511c0198f6212c73e4e0985883d5be4ec9d074c82ad8b420848a8b0a1e44e98c58770006a05782693d12322aa945084fed11c80a9a68f9c978abe1b3275eb0a9c8f33049be6c9f8abbe8fe367b6da2bb2215d2290cdb26620495b4b3024316d276706af92a55b521960aa9fda416531cd1353305039f56f5928cf8c7aa54104fce551ea8f62d685d0770ffe68478e0afbac971a0918d41fd4b274eeef26ec270e4b51426545306523e90536735fe647fbf99481d6456124c6e8430131c04cb3a4829f8c00e3f10b5ed4b4a0a02472ee56093379d16304b1016ec1a1a3f11f251e8ef20f2799cd71935e0b59a1f025eec110924ebf5693585949a76ccbcd456c2adbcbd1a4cc3e8f380932f5375e0f27b8730a20759acc350bc9285e9ac55cd1df68dd10ca3f1ee9843369d0f49689753997aacc9fc6a2616cee6e13008547e270aff7377dabea680fe6275e2697532d72f4d7b6715b424dd9f7b599d547bba7823044a0a6caf1ebb28c63237d29bcaea94703fff5457935f63425614b4dc59bba0183de6ab3452501b529126eaf77be9fcd4e2d80d2e64badc4cd8d2385e1898f4e5b1bffdf0d1317c894186a8fdceecc50f8e7f3118f83f1e377689926eb27067e77c5d863a472a49c37432cd8eae45d3dc8588caf294a421d908baf703a64a9c594778740d8591f8e43cfc984063032a225d091f30c5b3d500b3f9a0b7be0ea6a8c3c6cf311dbd5e1306398327d1da054e9247522683fb9172e58609bba5ee73d9967b37edccbed644f738b4b527b6f2ce8106dd2815bf318fa11d3e7a6b4c34e6af4f5d62b474c9532e54aa4994bd844495b38ad34094130c2c95be76e883e320e66198323809be27d3ed7302ca744897dc74e310df9345a3c0507cbc1823619486e046d6c0c061957cff59bd2c46dd6822c85fa50ddafbfd15b8759ba134ed2d2ea134acb920a3ca73444feb194aaed71ebe9b2452d5d7313c53d9cfc0355d3008b8c4f64a9e39c8352a9fe57b93a59aec7feced2fe9b7328b1e96ddce7caaf2857bb6335f9c1511cf8d33d7b361040df9d8f5c5fac0c937c33f6"}, {0x58, 0x107, 0xfffffffffffffe30, "877f9f815276d97eeb6282cd18d8c418e26124e4e621a03fe0e908672dc6136eb7cf7dd28a10681bb66acbb830de39ae05f264ab71710a623c10a93a4414b9ff719b"}], 0x1170, 0x40}, 0xb72}, {{&(0x7f0000006d00)=@ax25={0x3, {"b29011c327a416"}, 0x4}, 0x80, &(0x7f0000007380)=[{&(0x7f0000006d80)="286a0f26fc48528301e6b92e4ac440170333010b0f219a47066c1a912d9d2b319b9141fb19e0e5e834a7cfd8fa752d57553c7e4373650effd8706360c3d71ef7f2da862c08258943455697a489c0d67c7bffa533c5ef8e17b6da9df8b9c19790eefa4aa54b59d2f5d005845ade09fdce9f6f9a11bbbd38197b44f3d3b3c4869760612b7cb518dca82aa2afe2bd8edf407eb4c60a846c5cdf7c9d707775a0ace7c2d2a47965756bd99ba5444a14bdab20a58aa959f45044c4c52740bc74fb5c0f3a0ec9435f68986d9931b170e4a3f96740b83733d6fc923eaaa312506c7d7dcf766bdba4142f32cd03b5968165c53f0ca77ed8c0d15093081e5b", 0xfa}, {&(0x7f0000006e80)="c05799302fadb11710c98c0f91b6f78441cd8695e3c9f76495b00601deb1a6929937cc6256af7138f831071a87c70eaa27affe184145054983d5dabe60ef1b6d2c5a78fbee885688bcc146ad0d79a49085a17adf6163c55e168ca3c768d6328706feadada8a7", 0x66}, {&(0x7f0000006f00)="b7dc48c3d4d253f6c69e5cb07c81bf93c7d7633d118b7435d8f36a723308e83deabd13cb21a39385200ef11b75794e8703f0f3f634b91f65c3233e304971f8f65746", 0x42}, {&(0x7f0000006f80)="cdea8866e983bfd6fa4c6500f828ff4e28e6970f551ffc44e3b2a31842929825db309dac467d17f693f387c053d0ce2b72c2009ccda4bbef4874b599229a0a501ee3e9b17485227f5728fab9478e5ce5dcc4ec44de8dfaf4b23fbdb316d53633281c49227b7e16514df1f8f9d1f33d57ca653c104a5920f431121a007bbf32bceb55988c9c77d3c8b9d37408db425e9c810d1bc3b2f6eea90a5ce5ae1f63ece5800f6f2a0d080db1affb9ea9e9bdeb7a8c19b680cae5ef875f0db1998d89809721f7c81d01e0afb3b70b", 0xca}, {&(0x7f0000007080)="496355016f7f2861309eab9562a47bfb7f32150c00a28c2d30e8b5a76df73dc32e772ce57ab27c12e877477d9fd7cb48468a9bbd79f5e23f22e4630e60870d0d2130bb848e811955e3ce6422541f5ad1feac5a2c31e466aec4ba0effa1eabd9386866bd99fb7340da8a993abacd030ebf57fb1e801a1411a826ac674b4d09515bf0a81c5bf90d074462a9be4cc94d355ecd3a6fa996f0de9693653e9038382793d15f3a82379595c8a485ab0b689659303a5ad3c6e5fa351039053ca2da5", 0xbe}, {&(0x7f0000007680)="d1822869d36802075377dce905420c91d9e002464c276b30cfaf7b5befeecc", 0x1f}, {&(0x7f0000007180)="4c4167095b3cb6bec9bfc42bb97a74e2fecde63c15adaee7ebf5beb89b6c3a272abb2e9480588f20ecaf3d5ea4461072ff291f7d41a375a4f519377f395c6f4d83395a1a881cb83f3d632f3debd0a81bbc6b1c2c5c734c3da6932b7a92b11dbd22c478a28fe7cace2151186356d1f5020e7b55207505604f23b51bf7bd0e0f38ce610ad8d020f8c2f63d8ca8d15fa829ff5ebfc525291d23e132afc123e22939d04ec4c47f4acbdbbf6a0c1727d889d86b4e267a53331c25e84acd8cfb543bfc8d91a8c52ce6ad1a068d1bc6141163f12446d0c0d67380dc4e3877dc36612e186f3d0a2c470cf2d9c780c6c7f3b56f", 0xef}, {&(0x7f0000007280)="1a47ee2586aaa0d6a24dd06877b5a5ef8b", 0x11}, {&(0x7f00000072c0)="2581ee380e05c402aff00c9663e288718e04b0c2b9961ef6d23e483bde309635a1dff906f53a77cd28267dc347ca0c542049f461b818a103e291801becd1742f4d8000dbc756e32642ef5df263672295cd683adc0d19fbd64b343472ebe6124cfbac4a582d", 0x65}, {&(0x7f0000007340)="493fb4ebe279833f9a81d978dbd6acb926f671", 0x13}], 0xa, &(0x7f0000007440), 0x0, 0x81}, 0x8}], 0x271, 0x1)
r2 = fcntl$dupfd(r0, 0x0, r0)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000007440)=[{0x4, 0xffffffffffffffff}, {0x0, 0x4}], 0x2)
ioctl$GIO_FONTX(r2, 0x4b6b, &(0x7f0000000c00)=""/239)
bind$bt_rfcomm(r2, &(0x7f0000000040), 0x2)
accept4(r0, &(0x7f0000002ec0)=@nl=@unspec, &(0x7f0000002f40)=0x80, 0x80000)
ioctl$FS_IOC_SETVERSION(r2, 0x400448e7, &(0x7f00000000c0))

03:44:36 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0x1000000000}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:44:36 executing program 4 (fault-call:2 fault-nth:12):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:44:36 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x400448ca, &(0x7f00000000c0))

03:44:36 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40030000000000]}, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:36 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000080)=<r2=>0x0)
getresuid(&(0x7f0000000380)=<r3=>0x0, &(0x7f00000003c0), &(0x7f0000000400))
fstat(r1, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
ioctl$TIOCGPGRP(r1, 0x540f, &(0x7f00000004c0)=<r5=>0x0)
accept4$llc(r1, &(0x7f0000000940)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, &(0x7f0000000980)=0x10, 0x80000)
r6 = geteuid()
r7 = getgid()
fcntl$getownex(r1, 0x10, &(0x7f0000000500)={0x0, <r8=>0x0})
getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f0000000540)={{{@in=@rand_addr, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0}}, {{@in=@broadcast}, 0x0, @in6=@mcast2}}, &(0x7f0000000640)=0xe8)
fstat(r0, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, <r10=>0x0})
ioctl$TIOCGPGRP(r1, 0x540f, &(0x7f0000000700)=<r11=>0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000740)={{{@in=@rand_addr, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r12=>0x0}}, {{@in6=@remote}, 0x0, @in6=@remote}}, &(0x7f0000000840)=0xe8)
getresgid(&(0x7f0000000880)=<r13=>0x0, &(0x7f00000008c0), &(0x7f0000000900))
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000cc0)={<r14=>0x0}, &(0x7f0000000d00)=0xc)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000d40)={0x0, <r15=>0x0}, &(0x7f0000000d80)=0xc)
r16 = getegid()
sendmmsg$unix(r1, &(0x7f0000000e00)=[{&(0x7f0000000100)=@abs={0x0, 0x0, 0x4e23}, 0x6e, &(0x7f0000000000)=[{&(0x7f0000000180)="bb3cda0b4a025f7c2f947eac96bacb34e823776d1a6dd9e403a545d6fac84eff67a05e2a994064ff283080bf1e7afbd16fdb7ac763241af7b9d9947679fa34ceea36d3ec798b0ce034a77793eeda87020117e9c954e0ddf8c876c2147e8b4da66d118e8034a08f650b9c01a0a17bfbd7f6f0c26594ffdaf922f2b88b717c218d8bc2710c9fd9019372ca6999061aa7d262641333c81d967347f83b98ffb01f7152e417e07208ba1cdc979ea1b098a9685db3f54d52970c4562607851bfbc26786c625a984df924d5322a12c5a6283be53dab5233b42d0a26a3609f65d0ff32abf03fffabfd", 0xe5}, {&(0x7f0000000280)="74c6ee1e72015753a2a137884ad79eb23aba1ad56ffdb80441ec9a05f7280f619e49696076ad421506951640a4ba65fb0198c3f4cee4f843554ec5d39f02a99bc8a54fdbb8b72b6d543277a7df81d5ad1e66c16b10edd155bb268dd5aab07417d587e98ec4dd0a84bdace6b93cfff623c3909d90569d20c11b3751c95d3cf39fd7bf9b8df202645b34fcfb913123f11d63f54946dac7ad2d9c789240331618168aa1918964fd6098c4d6022d7ed9428e6c21737eec1a6fa344faa19561f808f8e9a4a2a0a97f1ddf1300b064190fd9", 0xcf}], 0x2, &(0x7f0000000e80)=ANY=[@ANYBLOB="38000000000000000100000001000000", @ANYRES32=r0, @ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r0, @ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r1, @ANYBLOB="0000000020000000000000000100000002000000", @ANYRES32=r2, @ANYRES32=r3, @ANYRES32=r4, @ANYBLOB="0000000018000000000000000100000001000000", @ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="18000000000000000100000001000000f6c5d9db87044d092956a3f3b15a86ac9aebaf4ef96b7948d870080000000000000060630902bdaa33875c0ba247249f709a1db29db89b94d84c90047e5033f1612ba534a8d6a4a918e7a84c6bd74e42779100d78b5f85fc9328a01cd0de9ea5328707ef5395ace2ba67be8e44136945101962a8a288339f82c0b858c0511f6e30bf8259e0e887cf674239ce25e96f2cbcae1c4f96ef85107f4ec5c07f6e3682ee4077e1e3e06e3eb24e18f22cf3e6bc964e76fe804dd943465538cafb4726bf7f31d0410ff72cd372400a2c506cf885ad6cda09e26f82a9d02c", @ANYRES32=r1, @ANYBLOB="0000000020000000000000000100000002000000", @ANYRES32=r5, @ANYRES32=r6, @ANYRES32=r7, @ANYBLOB="040000400200be2cd00000", @ANYRES32=r8, @ANYRES32=r9, @ANYRES32=r10, @ANYBLOB="0000000020000000000000000100000002000000", @ANYRES32=r11, @ANYRES32=r12, @ANYRES32=r13, @ANYBLOB='\x00\x00\x00\x00'], 0xe8, 0x800}, {&(0x7f0000000a40)=@abs={0x0, 0x0, 0x4e22}, 0x6e, &(0x7f0000000c80)=[{&(0x7f0000000ac0)="08e593a56b373721f7441c9595564001ccfb922695d196221a4ee4b568c0d6981d081640f6654e0dd2ef1e180b8398cb4ace97c27cb98bb97636e3b46158731c71bb2dc3f6753ff1d16fabb8212bf6268bf1a281e504a875e53dbd73417c29077b1e19529581d424ad67e2154a78d7b20cdc5a9aab8003f3429684d08fc3e3181100b2c2a667a1340dfa18f214bb6c7d04ceec1ae1878ae96207d6767993ba515f6a565317ed1cd64db262d0d7120eb78ec5379c4661bbedb8c9ec709c0ccc1fff66c95d854a17854e8d7ee693d0d6e31e", 0xd1}, {&(0x7f0000000bc0)="a1aa4f4a8517ed76e6658bd9c860935e9bd15c32d07fb19dd15debe7bc86069f6a68a19d36eefbde04f193a0c85bd7d95deb21977dbe7c360b1843652657aa66446de0d2e99c93f84d4c81ad56fe73", 0x4f}, {&(0x7f0000000c40)="a74341810f4fc555922b534496eceaa6d965e259d9ad", 0x16}], 0x3, &(0x7f0000000dc0)=[@cred={0x20, 0x1, 0x2, r14, r15, r16}], 0x20}], 0x2, 0x4)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x400448e7, &(0x7f00000000c0))

[  954.089540] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
03:44:37 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x400448c9, &(0x7f00000000c0))

03:44:37 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf000000]}, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  954.141597] FAULT_INJECTION: forcing a failure.
[  954.141597] name failslab, interval 1, probability 0, space 0, times 0
[  954.208650] CPU: 0 PID: 12187 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  954.217187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  954.226555] Call Trace:
[  954.229167]  dump_stack+0x244/0x39d
[  954.232830]  ? dump_stack_print_info.cold.1+0x20/0x20
[  954.238042]  ? __x64_sys_mount+0xbe/0x150
[  954.242208]  ? do_syscall_64+0x1b9/0x820
[  954.246300]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  954.251702]  should_fail.cold.4+0xa/0x17
[  954.255792]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  954.260926]  ? check_preemption_disabled+0x48/0x280
[  954.265972]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  954.271524]  ? check_preemption_disabled+0x48/0x280
[  954.271553]  ? find_held_lock+0x36/0x1c0
[  954.271595]  ? perf_trace_sched_process_exec+0x860/0x860
[  954.286132]  ? rcu_pm_notify+0xc0/0xc0
[  954.290051]  __should_failslab+0x124/0x180
[  954.294308]  should_failslab+0x9/0x14
[  954.298128]  __kmalloc_track_caller+0x2d1/0x760
[  954.302822]  ? vfs_parse_fs_string+0x1fd/0x2b0
[  954.307423]  ? legacy_parse_monolithic+0xde/0x1e0
[  954.312295]  kmemdup+0x24/0x50
[  954.312351]  legacy_parse_monolithic+0xde/0x1e0
[  954.312370]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  954.324992]  do_mount+0x6e9/0x1d90
[  954.328556]  ? copy_mount_string+0x40/0x40
[  954.332820]  ? retint_kernel+0x2d/0x2d
[  954.336741]  ? copy_mount_options+0x1e3/0x430
[  954.341255]  ? copy_mount_options+0x1f5/0x430
[  954.345766]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  954.345782]  ? copy_mount_options+0x315/0x430
[  954.345804]  ksys_mount+0x12d/0x140
[  954.345826]  __x64_sys_mount+0xbe/0x150
[  954.345849]  do_syscall_64+0x1b9/0x820
[  954.345867]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  954.345884]  ? syscall_return_slowpath+0x5e0/0x5e0
[  954.345902]  ? trace_hardirqs_on_caller+0x310/0x310
[  954.345921]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  954.345949]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  954.382746]  ? __switch_to_asm+0x40/0x70
[  954.382760]  ? __switch_to_asm+0x34/0x70
[  954.382786]  ? trace_hardirqs_off_thunk+0x1a/0x1c
03:44:37 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:37 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:37 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040)={0x1f, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x8000000}, 0xa)
ioctl$FS_IOC_SETVERSION(r1, 0x400448e7, &(0x7f00000000c0))

[  954.382815]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  954.382833] RIP: 0033:0x457569
[  954.412644] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  954.434725] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  954.434743] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  954.434753] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  954.434764] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  954.434774] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  954.434784] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[  954.581485] FAT-fs (loop3): bogus number of reserved sectors
[  954.612216] FAT-fs (loop3): Can't find a valid FAT filesystem
[  954.674540] FAT-fs (loop3): bogus number of reserved sectors
[  954.680533] FAT-fs (loop3): Can't find a valid FAT filesystem
[  954.713341] FAT-fs (loop3): bogus number of reserved sectors
03:44:37 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
fstat(r0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0/file0\x00', 0x200, 0x4)
add_key(&(0x7f00000001c0)='pkcs7_test\x00', &(0x7f0000000200)={'syz'}, &(0x7f0000000240), 0xfffff, 0xfffffffffffffffb)
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
chmod(&(0x7f0000000480)='./file0\x00', 0x11)
ioctl$SG_GET_SCSI_ID(r2, 0x2276, &(0x7f0000000440))
mkdir(&(0x7f0000001700)='./file1\x00', 0x0)
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})
r3 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000240)='vfat\x00', &(0x7f00000002c0)='./file0/file0\x00', 0x0, 0xc9, &(0x7f0000000400)=[{&(0x7f00000003c0)="d82475384608bb12fcc0bbbd2a62b2ae477094588d77301f2b9f625a249a6a6e2d", 0x0, 0x3}], 0x0, &(0x7f0000001800)=ANY=[])
symlinkat(&(0x7f0000000140)='./file0\x00', r3, &(0x7f0000000180)='./file1\x00')
openat(r2, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f0000000580)={{{@in=@multicast1, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in6}, 0x0, @in=@dev}}, &(0x7f0000000680)=0xe8)
fstat(r0, &(0x7f00000004c0))
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f00000006c0)={{{@in=@rand_addr, @in6, 0x4e23, 0x4, 0x4e24, 0x0, 0x2, 0x20, 0x80, 0x2c, r4, r1}, {0xff, 0xfffffffffffffff7, 0x101, 0x8, 0x2, 0x3d478d96, 0x3, 0x5}, {0x8, 0x2, 0x7, 0x7f}, 0x6ba7, 0x6e6bb1, 0x2, 0x0, 0x1, 0x3}, {{@in=@multicast1, 0x4d6, 0x3f}, 0x0, @in6=@dev={0xfe, 0x80, [], 0x21}, 0x0, 0xfffffffffffffffd, 0x3, 0x1, 0xc6c1, 0x75, 0xf19}}, 0xe8)

03:44:37 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000]}, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:37 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x8901, &(0x7f00000000c0))

03:44:37 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0xfffffffffffffffd, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r1, 0x40485404, &(0x7f0000000100)={{0x3, 0x2, 0x9, 0x3, 0x8983}, 0x100000000, 0x7})
ioctl$FS_IOC_SETVERSION(r1, 0x400448e7, &(0x7f00000000c0))

03:44:37 executing program 4 (fault-call:2 fault-nth:13):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:44:37 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0x1700000000000000}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

[  954.720370] FAT-fs (loop3): Can't find a valid FAT filesystem
[  954.797975] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  954.836009] FAULT_INJECTION: forcing a failure.
[  954.836009] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  954.847860] CPU: 0 PID: 12239 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  954.856354] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  954.865713] Call Trace:
[  954.865742]  dump_stack+0x244/0x39d
[  954.865769]  ? dump_stack_print_info.cold.1+0x20/0x20
[  954.865794]  ? rcu_softirq_qs+0x20/0x20
[  954.865822]  should_fail.cold.4+0xa/0x17
[  954.865846]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  954.865867]  ? kernel_text_address+0x79/0xf0
[  954.865890]  ? __kernel_text_address+0xd/0x40
[  954.872123]  ? mark_held_locks+0x130/0x130
[  954.872150]  ? save_stack+0xa9/0xd0
[  954.872166]  ? save_stack+0x43/0xd0
[  954.872184]  ? kasan_kmalloc+0xc7/0xe0
[  954.881588]  ? __kmalloc_track_caller+0x157/0x760
[  954.881607]  ? krealloc+0x65/0xb0
[  954.881626]  ? apparmor_fs_context_parse_param+0x1d9/0x490
[  954.881645]  ? security_fs_context_parse_param+0x5a/0xb0
[  954.881659]  ? vfs_parse_fs_param+0x1ea/0x3c0
[  954.881678]  ? vfs_parse_fs_string+0x1d5/0x2b0
[  954.895225]  ? do_mount+0x666/0x1d90
[  954.895239]  ? ksys_mount+0x12d/0x140
[  954.895253]  ? __x64_sys_mount+0xbe/0x150
[  954.895271]  ? do_syscall_64+0x1b9/0x820
[  954.895300]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  954.895315]  ? should_fail+0x22d/0xd01
[  954.895336]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  954.895361]  __alloc_pages_nodemask+0x34b/0xdd0
[  954.923510]  ? __alloc_pages_slowpath+0x2dd0/0x2dd0
[  954.923528]  ? check_preemption_disabled+0x48/0x280
[  954.923556]  ? find_held_lock+0x36/0x1c0
[  954.923600]  ? trace_hardirqs_off+0xb8/0x310
[  954.934681]  cache_grow_begin+0xa5/0x8c0
[  954.934710]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  954.934728]  ? check_preemption_disabled+0x48/0x280
[  954.934755]  __kmalloc_track_caller+0x69b/0x760
[  954.934774]  ? vfs_parse_fs_string+0x1fd/0x2b0
[  954.934790]  ? legacy_parse_monolithic+0xde/0x1e0
[  954.934813]  kmemdup+0x24/0x50
[  954.943894]  legacy_parse_monolithic+0xde/0x1e0
[  954.943912]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  954.943930]  do_mount+0x6e9/0x1d90
[  954.943954]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
03:44:37 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
open(&(0x7f0000000000)='./file0\x00', 0x68000, 0x1)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x400448e7, &(0x7f00000000c0))

03:44:37 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x8903, &(0x7f00000000c0))

[  954.951475]  ? copy_mount_string+0x40/0x40
[  954.951499]  ? copy_mount_options+0x5f/0x430
[  954.951520]  ? kmem_cache_alloc_trace+0x353/0x750
[  954.951541]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  954.951564]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  954.959936]  ? copy_mount_options+0x315/0x430
[  954.959959]  ksys_mount+0x12d/0x140
[  954.959980]  __x64_sys_mount+0xbe/0x150
[  954.960003]  do_syscall_64+0x1b9/0x820
[  954.960026]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  954.969454]  ? syscall_return_slowpath+0x5e0/0x5e0
[  954.969493]  ? trace_hardirqs_on_caller+0x310/0x310
[  954.969528]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  954.969550]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  954.979311]  ? __switch_to_asm+0x40/0x70
[  954.997954]  ? __switch_to_asm+0x34/0x70
[  955.017222]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  955.017253]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  955.017267] RIP: 0033:0x457569
03:44:38 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x400448e7, &(0x7f00000000c0))
symlinkat(&(0x7f0000000000)='./file0\x00', r1, &(0x7f0000000080)='./file0\x00')

03:44:38 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffff000]}, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  955.017284] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  955.017293] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  955.017308] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  955.017318] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  955.017327] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  955.017336] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
03:44:38 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d2, &(0x7f00000000c0))

[  955.017351] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
03:44:38 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2a0ffffffff]}, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  955.225126] FAT-fs (loop3): Unrecognized mount option "�$u8F�����*b��Gp�X�w0+�bZ$�jn-" or missing value
[  955.401787] FAT-fs (loop3): bogus number of reserved sectors
[  955.418906] FAT-fs (loop3): Can't find a valid FAT filesystem
03:44:38 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
fstat(r0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r1=>0x0, <r2=>0x0})
add_key(&(0x7f00000001c0)='pkcs7_test\x00', &(0x7f0000000480)={'syz', 0x1}, &(0x7f00000003c0)="ab7fa561ac4eb8b4a84a6a012a3b560ee1e81610137a95d69b6d0f62d51bc927f1b7e95ed4a9238ee32e46a0c5e5194ad7d4e70d2a31de2a82453bcacc779d473b3d19a3e079bb9ebaeccf3480a7375f3e6fffbb98f328c29fda978f6e3287d93bfca335779e1d5f2aa054d0316ce734adf3bb2c16d885bea703ff7dcb6a18632ba4aa37c119af058b24da5761650f3a6b2f7ca8180a6afa4e567eb790942f3c79dda87fccd6915a8f50ce7211823ee6", 0xb0, 0xfffffffffffffffb)
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
mkdir(&(0x7f0000001700)='./file1\x00', 0x0)
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})
setxattr$trusted_overlay_nlink(&(0x7f0000000200)='./file0\x00', &(0x7f0000000280)='trusted.overlay.nlink\x00', &(0x7f00000004c0)={'U-', 0xff}, 0x28, 0x2)
r3 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000240)='vfat\x00', &(0x7f00000002c0)='./file0/file0\x00', 0x0, 0x0, &(0x7f0000001740), 0x0, &(0x7f0000001800)=ANY=[])
symlinkat(&(0x7f0000000140)='./file0\x00', r3, &(0x7f0000000180)='./file1\x00')
r4 = openat(r3, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0)
setsockopt$netlink_NETLINK_CAP_ACK(r4, 0x10e, 0xa, &(0x7f0000000500)=0x8, 0x4)
r5 = msgget(0x2, 0x100)
r6 = getpgid(0xffffffffffffffff)
r7 = getpgid(0xffffffffffffffff)
msgctl$IPC_SET(r5, 0x1, &(0x7f0000000540)={{0x4, r1, r2, r1, r2, 0x43, 0x8001}, 0x82, 0x4, 0x0, 0x9b, 0x101, 0x5, r6, r7})

03:44:38 executing program 4 (fault-call:2 fault-nth:14):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:44:38 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
clock_gettime(0x0, &(0x7f0000000200))
sched_setaffinity(0x0, 0x7, &(0x7f00000000c0)=0x9)
r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = gettid()
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff, 0x0, 0xf, &(0x7f0000000300)="766574000000000000000000bd6800", 0xffffffffffffffff}, 0x30)
r7 = memfd_create(&(0x7f0000000380)='-^mime_type\x00', 0x2)
kcmp$KCMP_EPOLL_TFD(r4, r5, 0x7, r2, &(0x7f00000003c0)={r7, r3})
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff)
r8 = memfd_create(&(0x7f0000000e40)="0000000000007225f78380807dde5053601841a0d0f82b74374852b01f125997622dc4a5e71d2ce5ac32ff90824fa25e59073487cf36ad576e32926b04894da740f7e9c0ffb42c356a1f285bfc8f0b8c6f72ef151dab4c5c2a5a751f04bfc69ac5c3b5168a6d13d826b1ed0c7527d58f54adc12fca1f25c8fc2586ea4d90f84dabcdec291fb780a39a117d12b0893b182098dceed33b222a1d413709ae355d4d297fe42c5d4e9d8bbd9d0c709cae47e88f8aa22a505b3e995b501f0d3753cd3510e87436612b401305f316177f6d4d4c70fd9d2621c3707ad88da7852596d89a59cb74505e675ac6ebc03faa3ee99889176b571135031afc973c52c5f6437b8143002b30d8fb92011c4994cc024e40497b2daeb06ad5308af486d0178a418f6bdb6940f07dc6e5cf1a3c852b401e3ecec45d22fd687928411b83f68bf7be4b21fdf0033cf949b8a76aa65d68ad885967c2cc3c2d60ec74fcf5de162c94ffe3e15775c1a1cfd9818d4c17a2f8d0a7302538f079e7b128ef123c8bb909000000000000003814c2aea86c35fbf4244a64635d32ff12e4dcb3df56e5d5d3882a9984993f8a7fef72d875d21c1e3bb2bc3e6e79a2b6d322f710f0378abc2095d32139e39f3223db9961309295e4c3c8e1b0001dd757aa000000000000000000000000000008eca80c7b0c", 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/fuse\x00', 0x2, 0x0)
execveat(r8, &(0x7f0000000000)='\x00', &(0x7f00000001c0), &(0x7f00000001c0), 0x1007)
r9 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ioctl$TIOCCBRK(r8, 0x5428)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000500)={'veth1\x00', {0x2, 0x4e1f, @rand_addr=0x9}})
ioctl$KDSKBSENT(r9, 0x4b49, &(0x7f00000002c0)="a1")
r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000440)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r10, 0x400454ca, &(0x7f0000000000)={"766574000000000000000000bd6800", 0x43732e5398416f1a})
ioctl$TUNSETQUEUE(r10, 0x400454d9, &(0x7f00000000c0)={'\x00', 0x400})
ioctl$TUNSETSTEERINGEBPF(r6, 0x800454e0, &(0x7f0000000400)=r8)
r11 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNATTACHFILTER(r10, 0x401054d5, &(0x7f0000000140)={0x1, &(0x7f0000000240)=[{0x9}]})
ioctl$IOC_PR_PREEMPT(r1, 0x401870cb, &(0x7f0000000280)={0x20000000000003, 0xffffffff, 0xff8000000000, 0x1})
ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000000)={"766574000000000000000000bd6800", 0x43732e5398416f1a})
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000007000)={0x0, 0x0, &(0x7f0000000280)=ANY=[], 0x0, 0x0, &(0x7f0000002000)})
ioctl$BINDER_SET_MAX_THREADS(r9, 0x40046205, 0x7)
r12 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r12, &(0x7f0000000040), 0x2)

03:44:38 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300000000000000]}, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:38 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x400448cb, &(0x7f00000000c0))

03:44:38 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0x1f00000000000000}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:44:38 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x1000000002, r0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff}, 0x0, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_NOTIFY(r1, &(0x7f0000000140)={0xf, 0x8, 0xfa00, {r2, 0xf}}, 0x10)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
fchmodat(r1, &(0x7f0000000000)='./file0\x00', 0x41)
ioctl$TUNDETACHFILTER(r0, 0x401054d6, 0x0)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0)=0x2)

[  955.547118] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  955.574916] FAULT_INJECTION: forcing a failure.
[  955.574916] name failslab, interval 1, probability 0, space 0, times 0
03:44:38 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000]}, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  955.682721] CPU: 1 PID: 12290 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  955.691251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  955.691258] Call Trace:
[  955.691285]  dump_stack+0x244/0x39d
[  955.691312]  ? dump_stack_print_info.cold.1+0x20/0x20
[  955.712122]  should_fail.cold.4+0xa/0x17
[  955.712154]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  955.712171]  ? zap_class+0x640/0x640
[  955.712217]  ? mark_held_locks+0x130/0x130
[  955.725059]  ? __lock_acquire+0x62f/0x4c20
[  955.725087]  ? find_held_lock+0x36/0x1c0
[  955.725130]  ? perf_trace_sched_process_exec+0x860/0x860
[  955.725151]  ? find_held_lock+0x36/0x1c0
[  955.725173]  __should_failslab+0x124/0x180
[  955.737697]  should_failslab+0x9/0x14
[  955.737716]  kmem_cache_alloc_trace+0x2d7/0x750
[  955.737731]  ? should_fail+0x22d/0xd01
[  955.737757]  alloc_super+0xd4/0xb40
[  955.747275]  ? destroy_unused_super.part.10+0x110/0x110
[  955.747289]  ? sget_userns+0x17c/0x850
[  955.747307]  ? lock_downgrade+0x900/0x900
[  955.747329]  ? kasan_check_read+0x11/0x20
[  955.761199] FAT-fs (loop3): Unrecognized mount option "��a�N���Jj
*;V��z�֛mb��'��^ԩ#��.F���J���
*1�*�E;��w�G;=��y�����4��7_>o����(Ÿڗ�n2��;��5w�_*�T�1l�4��" or missing value
[  955.763897]  ? do_raw_spin_unlock+0xa7/0x330
[  955.772877]  ? do_raw_spin_trylock+0x270/0x270
[  955.772896]  ? security_capable+0x99/0xc0
[  955.772931]  sget_userns+0x278/0x850
[  955.780956]  ? get_anon_bdev+0xc0/0xc0
[  955.780980]  ? vfs_get_super+0x270/0x270
[  955.781013]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  955.781057]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  955.802091]  ? ns_capable_common+0x13f/0x170
[  955.802110]  ? get_anon_bdev+0xc0/0xc0
[  955.802125]  sget+0x10b/0x150
[  955.802149]  ? ovl_show_options+0x550/0x550
[  955.802165]  mount_nodev+0x38/0x120
[  955.802184]  ? ovl_own_xattr_set+0x10/0x10
[  955.802209]  ovl_mount+0x34/0x40
[  955.808186] overlayfs: failed to resolve './file1': -2
[  955.811198]  legacy_get_tree+0x131/0x460
[  955.819067]  vfs_get_tree+0x1cb/0x5c0
[  955.819090]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  955.819108]  do_mount+0x70c/0x1d90
[  955.819128]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  955.819148]  ? copy_mount_string+0x40/0x40
[  955.827099]  ? copy_mount_options+0x5f/0x430
[  955.827122]  ? kmem_cache_alloc_trace+0x353/0x750
[  955.827142]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  955.827164]  ? _copy_from_user+0xdf/0x150
[  955.838239]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  955.838255]  ? copy_mount_options+0x315/0x430
[  955.838277]  ksys_mount+0x12d/0x140
[  955.838296]  __x64_sys_mount+0xbe/0x150
[  955.838318]  do_syscall_64+0x1b9/0x820
[  955.838342]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  955.846625]  ? syscall_return_slowpath+0x5e0/0x5e0
[  955.846647]  ? trace_hardirqs_on_caller+0x310/0x310
[  955.846666]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  955.846685]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  955.846699]  ? __switch_to_asm+0x40/0x70
[  955.846711]  ? __switch_to_asm+0x34/0x70
[  955.846733]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  955.854158]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
03:44:38 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
setsockopt$RDS_FREE_MR(r1, 0x114, 0x3, &(0x7f0000000000)={{0x9, 0x8}}, 0x10)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x400448e7, &(0x7f00000000c0))

03:44:38 executing program 1:
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x80000, 0x0)
r1 = creat(&(0x7f0000000240)='./file0\x00', 0x124)
r2 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r2, 0x84, 0xc, &(0x7f0000000000), 0x4)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r2, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r3=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r2, 0x84, 0x6c, &(0x7f00000002c0)={r3, 0x10, "0bf4aecf99575b6e1182c6236df3920e"}, &(0x7f0000000080)=0x18)
fsync(r1)
r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x109000, 0x0)
ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000280)={0x1, r4})
ioctl$EVIOCGSND(r0, 0x8040451a, &(0x7f0000000180)=""/139)
ioctl$FS_IOC_GETFSMAP(r4, 0xc0c0583b, &(0x7f00000003c0)=ANY=[@ANYBLOB="0000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f05c2b4581000000000000000900000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000100000001040000ef0a0000000000000400000000000000ff010000000000000400000056421e7b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000082942cc54cbc554e310bc4a42d603b5550d3ad2bc0df2166dda9e1c9677da8731331cd916557cac1d40d59516540fc800dae0a475f50a2aaab2f203a45196676749290ff1683e7e343cb24458b1733fcaed079ac98d00dbdc9da6c3fcfc6ba7882a3764f395582cb9cc8b0492086"])
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
fcntl$dupfd(r5, 0x0, r5)
ioctl$KVM_GET_PIT2(r0, 0x8070ae9f, &(0x7f0000000100))
ioctl$FS_IOC_SETVERSION(r5, 0x400448e7, &(0x7f0000000080)=0x80000001)

[  955.854173] RIP: 0033:0x457569
[  955.854189] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  955.862066] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  955.862082] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  955.862092] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
03:44:38 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$vsock_stream(r1, &(0x7f0000000000)={0x28, 0x0, 0xffffffffffffffff, @host}, 0xffffffffffffff6a)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[]}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="021800001000000061d63cbe000000000800120000000000000009000000004a10006e39498b80bc0000000000000000e000000100000000000000265bac760700000000000000000000000000000000030006001600000002002000ac14ffbb000000000000000003000500000000000200003db28dbebb00000000000000005bec31d7114d8ff9ad5129356719fe11fd96c4e55912ba3fa1104599125b8122cac2534765"], 0x80}}, 0x0)
r2 = socket$key(0xf, 0x3, 0x2)
ioctl$sock_inet_SIOCADDRT(r1, 0x890b, &(0x7f0000000100)={0x1, {0x2, 0x4e23, @multicast2}, {0x2, 0x4e23, @rand_addr=0xe772}, {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x16}}, 0xc1, 0x7fff, 0x7, 0x4, 0x7ff, &(0x7f0000000080)='veth0\x00', 0x0, 0x5, 0x7})
sendmmsg(r2, &(0x7f0000000180), 0x400000000000117, 0x0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0x0)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

03:44:38 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf0ffffff]}, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  955.862102] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  955.862112] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  955.862121] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[  956.103596] FAT-fs (loop3): bogus number of reserved sectors
[  956.109732] FAT-fs (loop3): Can't find a valid FAT filesystem
[  956.181259] FAT-fs (loop3): Unrecognized mount option "��a�N���Jj
*;V��z�֛mb��'��^ԩ#��.F���J���
*1�*�E;��w�G;=��y�����4��7_>o����(Ÿڗ�n2��;��5w�_*�T�1l�4��" or missing value
03:44:39 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
fstat(r0, &(0x7f0000000680))
socketpair(0x2, 0x0, 0x3, &(0x7f0000000580)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r1, 0x800442d4, &(0x7f00000005c0)=0x6)
add_key(&(0x7f00000001c0)='pkcs7_test\x00', &(0x7f0000000200)={'syz'}, &(0x7f0000000240), 0xfffff, 0xfffffffffffffffb)
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
mkdir(&(0x7f0000001700)='./file1\x00', 0x0)
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100))
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000280)='/dev/ppp\x00', 0x0, 0x0)
ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611)
ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(r2, 0xc0a85322, &(0x7f0000000340))
ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(r1, 0xc0a85322, &(0x7f0000000400))
syz_mount_image$vfat(&(0x7f0000000240)='vfat\x00', &(0x7f00000002c0)='./file0/file0\x00', 0x0, 0x0, &(0x7f0000001740), 0x0, &(0x7f0000001800)=ANY=[])
creat(&(0x7f0000000040)='./file2\x00', 0x20)
symlinkat(&(0x7f0000000140)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000180)='./file1\x00')
openat(0xffffffffffffffff, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0)

03:44:39 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff7f]}, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:39 executing program 4 (fault-call:2 fault-nth:15):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:44:39 executing program 2:
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000001400)='/dev/vga_arbiter\x00', 0x8000, 0x0)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000001200)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000001240)={0x0, r1, 0xfffffffffffffff8, 0x18f, 0x8000, 0x8})
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r3 = fcntl$dupfd(r2, 0x0, r2)
bind$bt_rfcomm(r3, &(0x7f0000000040), 0x2)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0x40a85323, &(0x7f00000012c0)={{0x6, 0x5}, 'port1\x00', 0x0, 0x1b0404, 0x401, 0x1c8c41d, 0x7fff, 0x7, 0x7fffffff, 0x0, 0x0, 0x4})
socketpair$inet6_udplite(0xa, 0x2, 0x88, &(0x7f0000000000)={<r4=>0xffffffffffffffff})
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xe004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, &(0x7f0000000340)=ANY=[])
r5 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
fchdir(r5)
open$dir(&(0x7f0000000240)='./file0\x00', 0x0, 0x0)
r6 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
fallocate(r6, 0x0, 0x0, 0x1000f4)
getsockopt$inet_sctp6_SCTP_MAXSEG(r3, 0x84, 0xd, &(0x7f0000000080)=@assoc_value={<r7=>0x0, 0x1}, &(0x7f0000000100)=0x8)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r4, 0x84, 0x6d, &(0x7f0000000140)={r7, 0x1000, "d868a873378d6b16c2a46cd24b47c9e50c1af27ad88b5eaf91bf4760074fc8693c9f0341f27ded119e4ae275fb24c95bb7c20192ff7162a7c99d34e94132b6ec3fd6cada714fb41fad481697c2c5e85fdb2678e7d105dfa1f8e8d1760cd97f1e2262f2d34857dd563c8512798a7252a82725cf567f3ed73ebc9655d7697887f7a11e2b3a5b3ad8045c2ec756f5c42e19184ef312c651eea23c42d2f1c847bc37f2107e50e92fed77eef57c1615754f97d1101ce9040e692bafd283124cb2346ae6cd42013ca5d25f4cd41c83e8782934c0c24727643d7232e98ce27a35ffe990bb37dda6514709f98c4ecd2e87c268af1077211bc55466864d3309e6edb92be070d959dca4cb7a10e41e295d0aebf3810ff7e456e54ab1e0f0648c9017d94112fc5e00b89f8521faeddcb28833533082937006ac052c8639b374eee905278577b7832e738cfef99e103cfe53130c65ee8ccad36046a494dda85d8ca3d3cc1cde7360251d42ba22d96673a4ce2715a3962f5f9afb2b21a881a86d1ff26c428b0c207c6c917c776707993a4959b8a920e8498e4f0aaed2d843222edf45ba8db351823e7a02f8930275b78ca8f08b84334884a0fa282a128bf3323d553f9afe5c939b55e4e9471b2f085e4d19404987b3dabe365c1c2f936cefc29cb02a0874c1dde7613cbc10233652b883d50949d9a676448e7e34a4ae62a8763e916539bd366848c415496af656fc9c13af0341d9ea02f1be685389f6f4af77fd1c3a5ba0b0d9db22b124f8f6904bf34be6ae5bd92c8978b5c620089fe57c18b4feb27964bff648b40f372aa9c74ee4ee9215e3d7c2d37a4143c52680fc6e12e90fb7ee4fb83e57353e0aedb1ba57821530d7eb9cb129f865dbfda9a069b499add4ab1ef07ee03532a08c78193247cc8ae21b17369e42ce210f6b03df1f31a5cd238b8c6e955fbf1369c15963f1868c38c6a10ba3ed8f78fb264b08d734fb5e8903b4c90aa355aa767343800869c87944b7dfb1eca683b96aac64281f5aeb9eb32483b8d17e54f8e970b7560797c91d89f3a6ee378ed92bda73020dffc673948a749d5005109887c2de68639126509df254a6da8855087865ad1a57d42205cf2026fcb67644d0d034bfa4f95c564184948105b385d5709b234916616a2879d7d5c61bae446ae7c0555b1867119872cbe6e38574e114cf6d69cfd58b912f1481edd47fce0eb833acd41de890a091e08c3b4719a3e2d1c7353b8c24559f92aabb0ea548b12caeae87f81e7a82cb9a57904c3607ff4f7312513cdfa6b8fe52e6bcba74e7429dae56c6fd959b6afc7d2f6da3213698f15d222a9274af65ee419ae418db996d288160f09d1968052ab19b6e02572bca6da0d2b445719f64288a1235983724223cf9c70025fb28dc8f26f325e80cdc2dd8bac8e348f41e892f4bb9f8fccead33a2881118a5dd6c960f747e003d7bff22834e943982eb097bee85588ef231eea5361cf05e5d4ff53587dc8053e9607083695003062c51ef37664b18de34be897a7462bcd2d7df593998bde1fdadde0ff554bbaf753f8900c7cab90eb05c4b1d42aa495d9383b339cce18dcc2831f11659b911aaf11528a6de855009dea976a3ba54bbade9e75f841ae5ea85f5a1bd0022ddb627644e1926196848b30c8ffeb06cbe46bbc661730a4f804d37d44ed057bf0470299709c3bb1b666a90197c5a1086502fb457689c62611f45c3af14f0c7351f5279c6cb9ac2096fdf4a4943ad761c494dd60554d1eab9976f569d17b34e5bc07ec7e90f90ff08fcc1cbc14974994bc33879dc4d0a4e827ab6d8f2be9eda502132010c3ef1e544cb0bd20703f2450ac6d9f90badc56b11e5b7ff9d46d2e2db4cbad55a0ac1781490727a34786c194102be49ec76e3a8f6cf2f68a1d1daadc0084e8e9746daec58000b526c724b2f1505ec427254a7ed92ed1b5700050326a597b3c2c3419d0b0eeee75cec4e2ea88c9e8ae2dfb1b9220334c6d49d5fae292890c557d033fdc1ef435fc25bbbbd6b458cc4767cbf668138b2db1399f0147291808db4259636ff9b7f95cf25a9ce9f6677381dfeb5f2545bad47f7cb6096fef2571765f0e38df101f3ca01d2555ca1f3e4ceda72e5461d8ea3c770967f4aadc58f5c9e13e5fb8ae90c7d2b1111fff6eb091644c57eabfbfb862b2e6ee3800c8aa8e5630b50fd703cc3149af0ce570b02d181229e26a7f710f56679d55f2fbdb2aa998d3e7d4c2a949cf7ec98d46bf41ed413bbfa56339d083a849863415599f2fccba291e1956cd742892865707e0e50491a663474b270fccd7f0b8fe7726eb3639a25c55d5d23dc1846aa4a32f4a85dc187111f1236d392ea6f3a454dbeb212dda1910e30a0f1884e4ca4095ce9289e8b4c982faf8d3759ac245c7039cbb2bf003c3ab606c02e4cf2c08b70e40d571ddbde2137d8d002e0294bbe0116c0275878222a32275cd1d9abb626a141035153ae05014d5068a7d7ec79bfa390567e7eaa0b32288b0c6086d656d4ff9430b76b0b4a23ff87ef4a0b3643527ae169befb5c32ae4e883ac762661645aac9f3065cba5d3dcca8b35e908287c3aee1958d2b544a48ee39e8b066ef3fafbd82d54b0600819fe2106706c104f295044c23c6b49d9cfcca8b553b9ac90646e2d7daa05c2a76a7ef9c2f18e78e1a7be7034ace2f824a27a52559f63b07a0860f822d7c348c5ca6d28bc96f089317e3f11c14cff41797e21ce08b4b630565a4b3b26600b5d0268d08f2d897c1b8b6ee76e40aa931ed19e3de0a9ce63865ff90cfbb69e0b8ac43ae8f5ef3531b674ac191730ab2efd19da162d4e3def1c886380d2fbf4dc5e35a01dceb495f06a0805386506b2ce11805d5344b1257ea36afd47b60fb9b0b432188f28f0d441261eaf0c41407c137f9c06fba36868bc9a00569fc4881d0363379316341dc9674aa5ee1a541c8e55e74204e20599ab5525a8459180b838971fa2ebd2d345777542e5fd62f08309bda639e9584dd9a50123f3004a703420ecfcbe2627b768650c2c5f7742962e36549418d81f8ec0c6bdbfb280b493f0f4ca0b1a5e94d4d1d6aeba28175e53f3fe027cd199b231fb55e0bff7fb0b75c1133a407d39138507e9386e89ec8e6084b58fd8073b86e9e5fb0da4ae11b5ef4f35af34c534d58917a98b3b7718f7741291c4453d2080cec81cf6b611294f3851b687476e2bcb499a775c96102cc86cce1d12a667469317dddd2ad52458ab06f790ab72eb03584c2836c040e931f0e4713bb9b477ed78eb2bd5937d3ed5ad4d16b259d151af7488a3867b4155f077fbc70d948585eab58bf12b6412ad0ff23a9921b9363766e9e890071a1cb1a27e96f8901337d2c57493995de4dab025f6b5fbf9ba725869e1c7327a5875691aae510c13d6b027930eab63de8b7d80aa23e1d684020a77f592aab4b9cee62bfd7eddecc3aa1ebfa932236fd83592b513ef8bb8a46e0a96cfbab8a267762fe9583fcda22c6d140049d1c8d8b185c8c2e80a0c0a9a883732862549eb6463ef5c6c81ea8c323dc3d73f973b287b6a0543e8011a5be5ea8a1f9a594d55c8963834403b108550f800b59ff9d3fe40b7b2e06b67eedcc97a251f47c5c0a149e8b6441bb6eba19aaf7d1128f3f20a8bbd1039e62da7727cc68dff60d358205d9c181957ecddf845af63ab77dcb2b692a2f3a4e6c363f0a36bda35a3a97a11e1856c27e564f8fd574349938abb9b0e1eba7509f9688e50a954554051ee6567ea73f389bc6737321f795679540d4a2fff1468dbf8df366e1f771e433dc71c74cb19215bab0e30602c7b440f59fb2c4609df772bcd8e270673e34cfa828c77aad52b2b9028146285765a97f3ef1d946db38b692023c863fe9f291b3a28014a3de4ede530158e28426f2ea11f4204f600a924266010f072ef563d58227c147901c735821ca24c05185e52cc23c1cc54a336889e233fc5fc23cf917539d914f1cd26bf319f7ecbec946c9171509631abbbaefe96c7f9faf62140cf74b1f6a20bab95b73429216a404936b1f3ae802fab652713bd3158903e947f9d1d9f76b1772a1328c3206d4381810359d310d8cb77574cb6b9b4d2ec6c8998da2e5cfbd6d3c1de5fa3b6faedd9ca1a6ddc42b94d1a4afb67b2d926f98df98be0daf5eddcb0d09b306a5943f4a64402a50cf908b9c847e8edc6314dd5a7621962b2bae9429b3360268119aa6476c729bbb6127f1625c58fbfdb4186ee005c4ff8a301d5a6500ec628f473de84d487d54f50be38d36518c9626e9f63f754bc44699696b1fcc9afdf8f5023deeeed469964ecf1549f74514769faa60c3e04a97658e99bde8a7ebc196661e6630d682880d3a1cf1ba1fdb342ef8229997ad6772c93c3f775d02d102f8e4af359e477385f14a6b45921da87159b0b1c3a4bb62633b0d18e07cd7563fb5f47fd6c69158f9c7042bd894aafb7e1c6192e885c105afb28692ae6996cc14ff30ac57bbe9df73905eb4740ede15f8eee9999e4a2505680985d3d26117d67d703710ab604f1c3a8ef8c42d2a09353739ee5412cb7e559afdcdaa0a272dba9cd4505aba646d2fea553063d668450a9fde5208a8228b5201b8efc17f0e47e0049833987b8ce101fd5a671f71f2fd64f133f04ed5314f2e40ee3928e8555582021eabe09ada46781379878f091ee42d37f56bb1da205e56129e66f7f7ddc4a597c62fa22ba6ec37b041e5cd8a962f82247829695aed6fc0741ac0dd9c055dfe291382f97b7c1bd35a5cda3160c7be0c63445fe5bf3dcd3cd75a73712c8c23391bc97b7ad584f541488ffd4935a5c60bbfc898277c3689ce52111ba2bc28b07d677236587ea64e07cec7c88ff6c82551bcfd6cb04b071efdeb6bdc7d1e95c897716c317cb0424fb87187446dd5cc176948b8434d9aaf4a97150b68f02f449dab67c36bf5294ae38e8a382fdb37c29ca18607709d89802d06bd8d3bff2143a562f09a19c2b685be2df8de7c1b5650b2f79680c5c608136b79c00a09c6fd3dff0717f8d9848e2095905890bec9b484d9d311df82c0bef450670f3ea4362332d21a2f9f060557228cd0f1ceff8de8593a1ca0947b48100cacb0373a720227ef971be5b3c06652a736ed146a26a46bd356e9954ffc7839f1c8e01af3c546512c61bc0558469dd4ad1136d3262a89bb24d138b0bb74db3eb5ce8da6d728bb32dc9188a125e6ff5752b912db8c2d0c5cdc03e5ab5f95cff02c0ec1d10b0640edf89a274aa0ada14f937aa3ef35d621103c3d39f1211df5216ca4b3f47ea025e9ad23571f3c381a142c08435e1a364085da401bc7c956537aea4f934110cadd44cd8fb0a1b6b4c759725fa1971b41af0eff599e51da33b70ddb8a27377db24e7c6d273067ce9171275730a508b9ce37f006723740064ceb4f0c75308e263bc9f1e23f76a861393c252b243bbd3fa27b9e693c71f882a7ae28e3748e88e0907f9b303a3fb5d42df7d4f10ea90a9e5ae4f52553894ed5029598a1d576dc4d920ef9c0565908403096527f69db59a183ce64355a98b1700a21bd320423d4391d21667fc968ffdf5da0822aed7ecf8ba4b352615fb501ca8f41ecc7122e2d9c69ca11badb2cf92d58104c0b00681dac3d6707ab04fd6ca9866cde1cd051fe63a602ad347659036c9cf37917aded43f2c7d5cab0b8e220b763b4519dfa5a5479bcf3683657a78efe21d4fac9f21e5a0a9fc1a6691e4bae0e6700ce786f4a0c73996044d797ca0a8357e4f95d94fbaf7cea871a93d76fe9ab1b2b2171ee45b170a9fe7b8e"}, &(0x7f0000001180)=0x1008)
r8 = getpgrp(0xffffffffffffffff)
fcntl$setown(r5, 0x8, r8)
ioctl$FS_IOC_SETVERSION(r3, 0x800448d5, &(0x7f00000000c0))
creat(&(0x7f0000001280)='./file0\x00', 0x14)

03:44:39 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0xcaf0}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:44:39 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x860c]}, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  956.373178] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  956.417895] FAULT_INJECTION: forcing a failure.
[  956.417895] name failslab, interval 1, probability 0, space 0, times 0
[  956.446945] CPU: 0 PID: 12349 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  956.455469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  956.464848] Call Trace:
[  956.464876]  dump_stack+0x244/0x39d
[  956.464903]  ? dump_stack_print_info.cold.1+0x20/0x20
[  956.464937]  should_fail.cold.4+0xa/0x17
[  956.464961]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  956.465045]  ? __perf_event_task_sched_in+0x2a9/0xb60
[  956.465070]  ? zap_class+0x640/0x640
[  956.480531]  ? mark_held_locks+0x130/0x130
[  956.480548]  ? __lock_acquire+0x62f/0x4c20
[  956.480576]  ? find_held_lock+0x36/0x1c0
[  956.498874]  ? netpoll_setup+0x308/0x640
[  956.498907]  ? perf_trace_sched_process_exec+0x860/0x860
[  956.516680]  ? find_held_lock+0x36/0x1c0
[  956.516714]  __should_failslab+0x124/0x180
[  956.516732]  should_failslab+0x9/0x14
[  956.528820]  kmem_cache_alloc_trace+0x2d7/0x750
[  956.533537]  ? should_fail+0x22d/0xd01
[  956.533563]  alloc_super+0xd4/0xb40
[  956.533585]  ? destroy_unused_super.part.10+0x110/0x110
[  956.546473]  ? sget_userns+0x17c/0x850
[  956.550372]  ? lock_downgrade+0x900/0x900
[  956.554538]  ? kasan_check_read+0x11/0x20
[  956.554554]  ? do_raw_spin_unlock+0xa7/0x330
[  956.554569]  ? do_raw_spin_trylock+0x270/0x270
[  956.554588]  ? security_capable+0x99/0xc0
[  956.554616]  sget_userns+0x278/0x850
[  956.554635]  ? get_anon_bdev+0xc0/0xc0
[  956.567804]  ? vfs_get_super+0x270/0x270
[  956.567839]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  956.567883]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  956.579632]  ? ns_capable_common+0x13f/0x170
[  956.579651]  ? get_anon_bdev+0xc0/0xc0
[  956.579665]  sget+0x10b/0x150
[  956.579686]  ? ovl_show_options+0x550/0x550
[  956.589274]  mount_nodev+0x38/0x120
[  956.589295]  ? ovl_own_xattr_set+0x10/0x10
[  956.589311]  ovl_mount+0x34/0x40
[  956.589330]  legacy_get_tree+0x131/0x460
[  956.606275]  vfs_get_tree+0x1cb/0x5c0
[  956.606292]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  956.606309]  do_mount+0x70c/0x1d90
[  956.606331]  ? copy_mount_string+0x40/0x40
[  956.618498]  ? retint_kernel+0x2d/0x2d
[  956.618527]  ? copy_mount_options+0x1e3/0x430
[  956.618544]  ? __sanitizer_cov_trace_pc+0x48/0x50
[  956.618564]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  956.625983]  ? copy_mount_options+0x315/0x430
[  956.626006]  ksys_mount+0x12d/0x140
[  956.626026]  __x64_sys_mount+0xbe/0x150
[  956.626049]  do_syscall_64+0x1b9/0x820
[  956.626067]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  956.626086]  ? syscall_return_slowpath+0x5e0/0x5e0
[  956.626106]  ? trace_hardirqs_on_caller+0x310/0x310
[  956.626130]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  956.638250]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  956.638280]  ? __switch_to_asm+0x40/0x70
[  956.638293]  ? __switch_to_asm+0x34/0x70
[  956.638322]  ? trace_hardirqs_off_thunk+0x1a/0x1c
03:44:39 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf00]}, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  956.646465]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  956.646480] RIP: 0033:0x457569
[  956.646497] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  956.646506] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  956.646521] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  956.646531] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  956.646540] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  956.646549] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  956.646558] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[  956.724605] audit: type=1804 audit(2000000679.560:162): pid=12353 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor2" name="/root/syzkaller-testdir086319996/syzkaller.DVDN7N/1641/file0/file0" dev="loop2" ino=151 res=1
03:44:39 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff9e]}, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  956.752842] audit: type=1804 audit(2000000679.570:163): pid=12353 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor2" name="/root/syzkaller-testdir086319996/syzkaller.DVDN7N/1641/file0/file0" dev="loop2" ino=151 res=1
[  956.843917] FAT-fs (loop3): bogus number of reserved sectors
[  956.856804] audit: type=1804 audit(2000000679.680:164): pid=12353 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor2" name="/root/syzkaller-testdir086319996/syzkaller.DVDN7N/1641/file0/file0" dev="loop2" ino=151 res=1
03:44:39 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffa0018000]}, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  956.920948] FAT-fs (loop3): Can't find a valid FAT filesystem
[  956.931397] overlayfs: missing 'lowerdir'
03:44:39 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
setsockopt$sock_void(r1, 0x1, 0x38, 0x0, 0x0)
getsockopt$bt_l2cap_L2CAP_CONNINFO(r1, 0x6, 0x2, &(0x7f0000000100), &(0x7f0000000140)=0x6)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x400448e7, &(0x7f0000000180)=0xc0000)
getsockname$netlink(r1, &(0x7f0000000000), &(0x7f0000000080)=0xc)

03:44:39 executing program 4 (fault-call:2 fault-nth:16):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:44:39 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

[  956.993884] FAT-fs (loop3): bogus number of reserved sectors
[  957.004881] attempt to access beyond end of device
[  957.009996] loop2: rw=1, want=2853, limit=112
[  957.025390] overlayfs: missing 'lowerdir'
[  957.056417] FAT-fs (loop3): Can't find a valid FAT filesystem
[  957.122380] FAULT_INJECTION: forcing a failure.
[  957.122380] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  957.134289] CPU: 0 PID: 12390 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  957.142802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  957.152165] Call Trace:
[  957.154787]  dump_stack+0x244/0x39d
[  957.158459]  ? dump_stack_print_info.cold.1+0x20/0x20
[  957.163689]  should_fail.cold.4+0xa/0x17
[  957.167757]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  957.172852]  ? print_usage_bug+0xc0/0xc0
[  957.176910]  ? mark_held_locks+0x130/0x130
[  957.181154]  ? print_usage_bug+0xc0/0xc0
[  957.185233]  ? __lock_acquire+0x62f/0x4c20
[  957.189468]  ? mark_held_locks+0x130/0x130
[  957.193709]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  957.199264]  ? should_fail+0x22d/0xd01
[  957.203170]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  957.208277]  __alloc_pages_nodemask+0x34b/0xdd0
[  957.212939]  ? __alloc_pages_slowpath+0x2dd0/0x2dd0
[  957.217970]  ? find_held_lock+0x36/0x1c0
[  957.222052]  ? trace_hardirqs_off+0xb8/0x310
[  957.226459]  cache_grow_begin+0xa5/0x8c0
[  957.230515]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  957.236054]  ? check_preemption_disabled+0x48/0x280
[  957.241071]  kmem_cache_alloc_trace+0x684/0x750
[  957.245727]  ? should_fail+0x22d/0xd01
[  957.249615]  alloc_super+0xd4/0xb40
[  957.253240]  ? destroy_unused_super.part.10+0x110/0x110
[  957.258599]  ? sget_userns+0x17c/0x850
[  957.262479]  ? lock_downgrade+0x900/0x900
[  957.266621]  ? kasan_check_read+0x11/0x20
[  957.270759]  ? do_raw_spin_unlock+0xa7/0x330
[  957.275168]  ? do_raw_spin_trylock+0x270/0x270
[  957.279756]  ? security_capable+0x99/0xc0
[  957.283898]  sget_userns+0x278/0x850
[  957.287628]  ? get_anon_bdev+0xc0/0xc0
[  957.291522]  ? vfs_get_super+0x270/0x270
[  957.295587]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  957.301127]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  957.306662]  ? ns_capable_common+0x13f/0x170
[  957.311083]  ? get_anon_bdev+0xc0/0xc0
[  957.314979]  sget+0x10b/0x150
[  957.318097]  ? ovl_show_options+0x550/0x550
[  957.322407]  mount_nodev+0x38/0x120
[  957.326035]  ? ovl_own_xattr_set+0x10/0x10
[  957.330274]  ovl_mount+0x34/0x40
[  957.333633]  legacy_get_tree+0x131/0x460
[  957.337685]  vfs_get_tree+0x1cb/0x5c0
[  957.341482]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  957.346229]  do_mount+0x70c/0x1d90
[  957.349776]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  957.355330]  ? copy_mount_string+0x40/0x40
[  957.359560]  ? copy_mount_options+0x5f/0x430
[  957.363961]  ? kmem_cache_alloc_trace+0x353/0x750
[  957.368795]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  957.374337]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  957.379880]  ? copy_mount_options+0x315/0x430
[  957.384399]  ksys_mount+0x12d/0x140
[  957.388088]  __x64_sys_mount+0xbe/0x150
[  957.392068]  do_syscall_64+0x1b9/0x820
[  957.395944]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  957.401301]  ? syscall_return_slowpath+0x5e0/0x5e0
[  957.406223]  ? trace_hardirqs_on_caller+0x310/0x310
[  957.411246]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  957.416254]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  957.422926]  ? __switch_to_asm+0x40/0x70
[  957.426983]  ? __switch_to_asm+0x34/0x70
[  957.431035]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  957.435880]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  957.441074] RIP: 0033:0x457569
[  957.444267] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  957.463181] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  957.470879] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  957.478147] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  957.485403] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  957.492669] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  957.499937] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
03:44:40 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
fstat(r0, &(0x7f0000000680))
add_key(&(0x7f00000001c0)='pkcs7_test\x00', &(0x7f0000000200)={'syz'}, &(0x7f0000000240), 0xfffff, 0xfffffffffffffffb)
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
mkdir(&(0x7f0000001700)='./file1\x00', 0x0)
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})
r1 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000240)='vfat\x00', &(0x7f00000002c0)='./file0/file0\x00', 0x0, 0x0, &(0x7f0000001740), 0x0, &(0x7f0000001800)=ANY=[])
symlinkat(&(0x7f0000000140)='./file0\x00', r1, &(0x7f0000000180)='./file1\x00')
r2 = openat(r1, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0)
setsockopt$RDS_FREE_MR(r2, 0x114, 0x3, &(0x7f0000000280)={{0x9}, 0x41}, 0x10)
ioctl$DRM_IOCTL_GET_STATS(r2, 0x80f86406, &(0x7f0000000340)=""/89)

[  957.551596] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
03:44:40 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0x1600}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:44:40 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PIO_FONTX(r1, 0x4b6c, &(0x7f0000000100)="9c5727507db7cafed5db71ffd05c6a88ba38030bc2f59af24035976d74f2c304f31d285ffe8fa4358471650a4409ff84263a9bdf0ab50c81c3b8d6ab9b7144599e6cd0c178e1302e48fe2fafbf745e841b1e6ca2a198872cf62b")
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x400448e7, &(0x7f00000000c0))

03:44:40 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc86]}, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:40 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)

03:44:40 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000]}, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:40 executing program 4 (fault-call:2 fault-nth:17):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:44:40 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xfffffffffffffffd, 0x0, 0x1, 0x1, 0xc7, 0x1}, 0x80000000000}, 0xa)
r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x20000, 0x0)
socket$key(0xf, 0x3, 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x400448e7, &(0x7f00000000c0))
bind$bt_rfcomm(r1, &(0x7f0000000040)={0x1f, {0x5, 0x9413013, 0xffffffff, 0x3f, 0x4, 0x80000000}, 0x6}, 0xa)
socketpair$inet6_udp(0xa, 0x2, 0x0, &(0x7f0000000080))
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f0000000100)=ANY=[@ANYRES32=<r3=>0x0, @ANYBLOB="008000000000001017f9"], &(0x7f0000000180)=0xe)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={<r4=>0xffffffffffffffff, r2, 0x0, 0xa, &(0x7f0000000280)='/dev/rtc0\x00', 0xffffffffffffffff}, 0x30)
sched_getparam(r4, &(0x7f0000000300))
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f00000001c0)=@assoc_value={r3, 0x6}, 0x8)
readlink(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)=""/56, 0x38)

03:44:40 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400300]}, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:40 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))
r2 = semget(0x0, 0x1, 0xc)
semctl$IPC_RMID(r2, 0x0, 0x0)

[  957.726740] FAT-fs (loop3): bogus number of reserved sectors
[  957.758487] FAT-fs (loop3): Can't find a valid FAT filesystem
[  957.865199] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  957.880020] FAT-fs (loop3): bogus number of reserved sectors
03:44:40 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x400448e7, &(0x7f00000000c0))
ioctl$KVM_ASSIGN_SET_INTX_MASK(r1, 0x4040aea4, &(0x7f0000000000)={0x9, 0x80000001, 0x1000, 0x1, 0x8})

[  957.908367] FAULT_INJECTION: forcing a failure.
[  957.908367] name failslab, interval 1, probability 0, space 0, times 0
[  957.937060] FAT-fs (loop3): Can't find a valid FAT filesystem
[  957.960441] CPU: 0 PID: 12432 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  957.968959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  957.978321] Call Trace:
[  957.980931]  dump_stack+0x244/0x39d
[  957.984587]  ? dump_stack_print_info.cold.1+0x20/0x20
[  957.989806]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  957.995365]  should_fail.cold.4+0xa/0x17
[  957.999458]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  958.004588]  ? zap_class+0x640/0x640
[  958.008323]  ? find_held_lock+0x36/0x1c0
[  958.008347]  ? __lock_is_held+0xb5/0x140
[  958.008378]  ? __lockdep_init_map+0x105/0x590
[  958.008397]  ? perf_trace_sched_process_exec+0x860/0x860
[  958.016529]  ? lockdep_init_map+0x9/0x10
[  958.016558]  __should_failslab+0x124/0x180
[  958.016577]  should_failslab+0x9/0x14
[  958.016593]  __kmalloc+0x2e0/0x760
[  958.016672]  ? __init_waitqueue_head+0x9e/0x150
[  958.016699]  ? init_wait_entry+0x1c0/0x1c0
[  958.026629]  ? prealloc_shrinker+0x172/0x340
[  958.026655]  prealloc_shrinker+0x172/0x340
03:44:40 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040)={0x1f, {0x0, 0x2000}}, 0xa)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

[  958.026674]  alloc_super+0x8db/0xb40
[  958.026705]  ? destroy_unused_super.part.10+0x110/0x110
[  958.026719]  ? sget_userns+0x17c/0x850
[  958.026743]  ? lock_downgrade+0x900/0x900
[  958.038824]  ? kasan_check_read+0x11/0x20
[  958.038844]  ? do_raw_spin_trylock+0x270/0x270
[  958.038863]  ? security_capable+0x99/0xc0
[  958.038892]  sget_userns+0x278/0x850
[  958.051351]  ? get_anon_bdev+0xc0/0xc0
[  958.051375]  ? vfs_get_super+0x270/0x270
[  958.051409]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  958.051465]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  958.060081]  ? ns_capable_common+0x13f/0x170
[  958.060100]  ? get_anon_bdev+0xc0/0xc0
[  958.060115]  sget+0x10b/0x150
[  958.060139]  ? ovl_show_options+0x550/0x550
[  958.060157]  mount_nodev+0x38/0x120
[  958.073112]  ? ovl_own_xattr_set+0x10/0x10
[  958.073130]  ovl_mount+0x34/0x40
[  958.073151]  legacy_get_tree+0x131/0x460
[  958.073173]  vfs_get_tree+0x1cb/0x5c0
[  958.090181]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  958.090199]  do_mount+0x70c/0x1d90
[  958.090223]  ? copy_mount_string+0x40/0x40
[  958.090248]  ? retint_kernel+0x2d/0x2d
[  958.107443]  ? copy_mount_options+0x239/0x430
[  958.107464]  ? __sanitizer_cov_trace_pc+0x48/0x50
[  958.107483]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  958.107498]  ? copy_mount_options+0x315/0x430
[  958.107520]  ksys_mount+0x12d/0x140
[  958.107540]  __x64_sys_mount+0xbe/0x150
[  958.107562]  do_syscall_64+0x1b9/0x820
[  958.107585]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  958.132456]  ? syscall_return_slowpath+0x5e0/0x5e0
[  958.132499]  ? trace_hardirqs_on_caller+0x310/0x310
[  958.132516]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  958.132545]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  958.132578]  ? __switch_to_asm+0x40/0x70
[  958.140168]  ? __switch_to_asm+0x34/0x70
[  958.140193]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  958.140221]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  958.140235] RIP: 0033:0x457569
[  958.140252] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  958.140266] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  958.148109] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  958.148119] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  958.148129] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  958.148139] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  958.148149] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[  958.343809] FAT-fs (loop3): bogus number of reserved sectors
[  958.346497] overlayfs: filesystem on './file0' not supported as upperdir
[  958.359871] FAT-fs (loop3): Can't find a valid FAT filesystem
03:44:41 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
fstat(r0, &(0x7f0000000680))
add_key(&(0x7f00000001c0)='pkcs7_test\x00', &(0x7f0000000200)={'syz'}, &(0x7f0000000240), 0xfffff, 0xfffffffffffffffb)
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
r1 = syz_open_dev$audion(&(0x7f0000000280)='/dev/audio#\x00', 0x6, 0x0)
r2 = syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f00000003c0)={@loopback, @local, <r3=>0x0}, &(0x7f0000000400)=0xc)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f0000000440)={'vcan0\x00', <r4=>0x0})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000000600)={@dev, @local, <r5=>0x0}, &(0x7f0000000640)=0xc)
accept$packet(0xffffffffffffff9c, &(0x7f00000007c0)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000800)=0x14)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000e80)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000ec0)=0x14)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000f00)={'team0\x00', <r8=>0x0})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x24, &(0x7f0000000f40)={@broadcast, @multicast2, <r9=>0x0}, &(0x7f0000000f80)=0xc)
getsockname$packet(0xffffffffffffff9c, &(0x7f0000001040)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000001080)=0x14)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000001280)={{{@in=@dev, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0}}, {{@in=@multicast1}, 0x0, @in6=@mcast1}}, &(0x7f0000001380)=0xe8)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r12=>0x0}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)
accept$packet(0xffffffffffffffff, &(0x7f00000015c0)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000001600)=0x14)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000002740)={{{@in6=@dev, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r14=>0x0}}, {{@in6=@loopback}, 0x0, @in6=@remote}}, &(0x7f0000001640)=0xe8)
getpeername$packet(0xffffffffffffff9c, &(0x7f0000001680)={0x11, 0x0, <r15=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000016c0)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000002840)={{{@in=@multicast2, @in6=@ipv4={[], [], @rand_addr}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r16=>0x0}}, {{@in=@multicast2}, 0x0, @in6=@remote}}, &(0x7f0000002940)=0xe8)
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x24, &(0x7f0000006fc0)={@broadcast, @local, <r17=>0x0}, &(0x7f0000007000)=0xc)
accept$packet(0xffffffffffffffff, &(0x7f00000071c0)={0x11, 0x0, <r18=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000007200)=0x14)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000007280)={{{@in=@local, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r19=>0x0}}, {{@in=@remote}, 0x0, @in6=@mcast2}}, &(0x7f0000007380)=0xe8)
getsockopt$inet_pktinfo(0xffffffffffffff9c, 0x0, 0x8, &(0x7f00000073c0)={<r20=>0x0, @loopback, @local}, &(0x7f0000007400)=0xc)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, &(0x7f0000007a00)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000079c0)={&(0x7f0000007440)={0x560, r2, 0x8, 0x70bd29, 0x25dfdbfd, {}, [{{0x8, 0x1, r3}, {0x44, 0x2, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x1000}}, {0x8, 0x6, r4}}}]}}, {{0x8, 0x1, r5}, {0xc0, 0x2, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0xff}}, {0x8, 0x6, r6}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r7}}}]}}, {{0x8, 0x1, r8}, {0x150, 0x2, [{0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8}, {0x8, 0x4, 0x6834}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r9}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x7ff}}}, {0x5c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x2c, 0x4, [{0x40, 0x0, 0x983}, {0x8, 0x0, 0x800, 0xac0}, {0x2b, 0x6, 0x81, 0x171}, {0xfffffffffffffffe, 0x9, 0xff, 0x401}, {0x1, 0x5, 0x2, 0xffffffffffffff81}]}}}]}}, {{0x8, 0x1, r10}, {0x14c, 0x2, [{0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r11}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r12}}}, {0x54, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x24, 0x4, [{0x3f, 0xffffffffffffff80, 0x7, 0xab05}, {0x9, 0x4, 0x4, 0x3}, {0x5, 0x81, 0x27, 0x1}, {0x50, 0x7fffffff, 0x6, 0xffffffffffffffff}]}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r13}}, {0x8}}}]}}, {{0x8, 0x1, r14}, {0x138, 0x2, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x7}}, {0x8, 0x6, r15}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x1}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r16}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0xc5}}, {0x8, 0x6, r17}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r18}}}]}}, {{0x8, 0x1, r19}, {0x44, 0x2, [{0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x8}}, {0x8, 0x6, r20}}}]}}]}, 0x560}, 0x1, 0x0, 0x0, 0x80}, 0x0)
mkdir(&(0x7f0000001700)='./file1\x00', 0x0)
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000580)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@index_off='index=off'}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}]})
r21 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000240)='vfat\x00', &(0x7f00000002c0)='./file0/file0\x00', 0x0, 0x0, &(0x7f0000001740), 0x0, &(0x7f0000001800)=ANY=[])
symlinkat(&(0x7f0000000140)='./file0\x00', r21, &(0x7f0000000180)='./file1\x00')
openat(r21, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0)

03:44:41 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040)={0x1f, {0x0, 0x6}}, 0xa)
ioctl$FS_IOC_SETVERSION(r1, 0x400448e7, &(0x7f00000000c0))

03:44:41 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x860c000000000000]}, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:41 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040)={0x1f, {0x0, 0x0, 0x0, 0x72}}, 0xa)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r1, 0x84, 0x15, &(0x7f0000000000)={0x5}, 0x1)

03:44:41 executing program 4 (fault-call:2 fault-nth:18):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:44:41 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0x17}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:44:41 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000180)=@mangle={'mangle\x00', 0x1f, 0x6, 0x4d8, 0xc0, 0x0, 0x350, 0x1d0, 0x290, 0x440, 0x440, 0x440, 0x440, 0x440, 0x6, &(0x7f0000000100), {[{{@ip={@empty, @multicast2, 0xffffffff, 0xffffff00, 'veth1\x00', 'yam0\x00', {0xff}, {0xff}, 0xa9, 0x2, 0x2}, 0x0, 0x98, 0xc0}, @unspec=@CHECKSUM={0x28, 'CHECKSUM\x00'}}, {{@uncond, 0x0, 0xe8, 0x110, 0x0, {}, [@inet=@rpfilter={0x28, 'rpfilter\x00', 0x0, {0x2}}, @common=@inet=@socket3={0x28, 'socket\x00', 0x3, 0x2}]}, @ECN={0x28, 'ECN\x00', 0x0, {0x10, 0x4, 0x2}}}, {{@uncond, 0x0, 0x98, 0xc0}, @TTL={0x28, 'TTL\x00', 0x0, {0x1, 0x2}}}, {{@ip={@multicast2, @empty, 0x0, 0xffffff00, 'syzkaller0\x00', '\x00', {0xff}, {}, 0xfe, 0x0, 0x14}, 0x0, 0x98, 0xc0}, @inet=@TOS={0x28, 'TOS\x00', 0x0, {0xb9, 0x100}}}, {{@uncond, 0x0, 0xc0, 0xf0, 0x0, {}, [@inet=@rpfilter={0x28, 'rpfilter\x00', 0x0, {0x8}}]}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x2, 0x400, @multicast2, 0x4e24}}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x538)
ioctl$FS_IOC_SETVERSION(r1, 0x400448e7, &(0x7f00000000c0))

03:44:41 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf00000000000000]}, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  958.523133] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
03:44:41 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0)=0x80000000)

[  958.607789] FAULT_INJECTION: forcing a failure.
[  958.607789] name failslab, interval 1, probability 0, space 0, times 0
[  958.616041] FAT-fs (loop3): bogus number of reserved sectors
[  958.625567] FAT-fs (loop3): Can't find a valid FAT filesystem
[  958.690190] CPU: 1 PID: 12468 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  958.698742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  958.708105] Call Trace:
[  958.710714]  dump_stack+0x244/0x39d
[  958.714374]  ? dump_stack_print_info.cold.1+0x20/0x20
[  958.719589]  ? __kernel_text_address+0xd/0x40
[  958.724101]  ? unwind_get_return_address+0x61/0xa0
[  958.729053]  should_fail.cold.4+0xa/0x17
[  958.733138]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  958.738265]  ? save_stack+0x43/0xd0
[  958.741906]  ? kasan_kmalloc+0xc7/0xe0
[  958.745811]  ? kmem_cache_alloc_trace+0x152/0x750
[  958.750670]  ? __memcg_init_list_lru_node+0x185/0x2d0
[  958.755869]  ? __list_lru_init+0x4d6/0x840
[  958.760118]  ? zap_class+0x640/0x640
[  958.763843]  ? mount_nodev+0x38/0x120
[  958.767661]  ? ovl_mount+0x34/0x40
[  958.771222]  ? legacy_get_tree+0x131/0x460
[  958.775475]  ? vfs_get_tree+0x1cb/0x5c0
[  958.779469]  ? do_mount+0x70c/0x1d90
[  958.783202]  ? ksys_mount+0x12d/0x140
[  958.787016]  ? __x64_sys_mount+0xbe/0x150
[  958.791191]  ? find_held_lock+0x36/0x1c0
[  958.795284]  ? __lock_is_held+0xb5/0x140
[  958.799381]  ? perf_trace_sched_process_exec+0x860/0x860
[  958.804864]  __should_failslab+0x124/0x180
[  958.809123]  should_failslab+0x9/0x14
[  958.812943]  kmem_cache_alloc_trace+0x2d7/0x750
[  958.817627]  ? __kmalloc_node+0x3c/0x70
[  958.821620]  ? __kmalloc_node+0x3c/0x70
[  958.825614]  ? rcu_read_lock_sched_held+0x14f/0x180
[  958.830659]  __memcg_init_list_lru_node+0x185/0x2d0
[  958.835695]  ? kvfree_rcu+0x20/0x20
[  958.839341]  ? __kmalloc_node+0x50/0x70
[  958.843344]  __list_lru_init+0x4d6/0x840
[  958.847427]  ? list_lru_destroy+0x500/0x500
[  958.851810]  ? up_write+0x7b/0x220
[  958.855375]  ? down_write_nested+0x130/0x130
[  958.859800]  ? down_read+0x120/0x120
[  958.859823]  ? init_wait_entry+0x1c0/0x1c0
[  958.859839]  ? prealloc_shrinker+0x172/0x340
[  958.859865]  alloc_super+0x907/0xb40
[  958.867804]  ? destroy_unused_super.part.10+0x110/0x110
[  958.875925]  ? sget_userns+0x17c/0x850
[  958.885384]  ? lock_downgrade+0x900/0x900
[  958.885410]  ? kasan_check_read+0x11/0x20
[  958.885428]  ? do_raw_spin_trylock+0x270/0x270
[  958.885460]  ? security_capable+0x99/0xc0
[  958.885487]  sget_userns+0x278/0x850
[  958.898358]  ? get_anon_bdev+0xc0/0xc0
[  958.898383]  ? vfs_get_super+0x270/0x270
[  958.898415]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  958.906308]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  958.906327]  ? ns_capable_common+0x13f/0x170
[  958.906344]  ? get_anon_bdev+0xc0/0xc0
[  958.906361]  sget+0x10b/0x150
[  958.914309]  ? ovl_show_options+0x550/0x550
[  958.914326]  mount_nodev+0x38/0x120
[  958.914347]  ? ovl_own_xattr_set+0x10/0x10
[  958.914362]  ovl_mount+0x34/0x40
[  958.914385]  legacy_get_tree+0x131/0x460
[  958.925462]  vfs_get_tree+0x1cb/0x5c0
[  958.925479]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  958.925496]  do_mount+0x70c/0x1d90
[  958.925516]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  958.925538]  ? copy_mount_string+0x40/0x40
[  958.960280]  ? copy_mount_options+0x5f/0x430
[  958.960303]  ? kmem_cache_alloc_trace+0x353/0x750
03:44:41 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x400000000000406, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$KVM_SET_SIGNAL_MASK(r1, 0x4004ae8b, &(0x7f0000000100)={0xe5, "2a53e225e007c4f764ee9c4e6b2e5750359c7591acfe88255bfd018dddcfc79ef6d8a0cb25a40b5c5b79cf9328875411944b448ac1e42ca451d36808c43aebf35067b57adf401a77c11762a5881c96d9cdd94a25aa7e4de0c69c04ddfe24638eb6cd27ccf9928a0cd7b240556ee09bbd37a25efa262e6c40d45bea53294f10d49386708b3f6642c0481ca874db80a0d9225af7c609d2997489705c3b4ccf807011a5af7835b2e3f1762dc5483a8a8f5ca6a884419e42981ffa3845e0bfece17977547cd3a367150286c36f8de68a2237edcc58fd69e6dd2b9ab397e145f1194e26b2f15943"})
ioctl$KVM_SET_SIGNAL_MASK(r1, 0x4004ae8b, &(0x7f0000000200)=ANY=[@ANYBLOB="8800000076320e961bab62b5086fdbbc07d0dbe1710f6ba99abc87473693ad201268b3807eb78656c418fc54bbbed32958d2d14e5206e83a7a040000005af3076902d3655e4ac9c5ab980789452972c1ee411975e89de8dc951bfbdedae517623c2e6c52b57055498f8d14149d848f7756e0a2c8ab0043337681fa137b9a4c02cb9caaf516ef093c39a6493d"])
ioctl$FS_IOC_SETVERSION(r0, 0x400448e7, &(0x7f00000000c0)=0xffffffffffffffff)
ioctl$RTC_PLL_GET(r1, 0x80207011, &(0x7f0000000000))

03:44:41 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r0, 0x400448e7, &(0x7f0000000080)=0x200008)

03:44:41 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]}, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  958.960324]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  958.968619]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  958.968635]  ? copy_mount_options+0x315/0x430
[  958.968657]  ksys_mount+0x12d/0x140
[  958.978427]  __x64_sys_mount+0xbe/0x150
[  958.978463]  do_syscall_64+0x1b9/0x820
[  958.978487]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  958.993767]  ? syscall_return_slowpath+0x5e0/0x5e0
[  958.993789]  ? trace_hardirqs_on_caller+0x310/0x310
[  958.993812]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  959.004178]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  959.004204]  ? __switch_to_asm+0x40/0x70
[  959.004228]  ? __switch_to_asm+0x34/0x70
[  959.011842]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  959.011871]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  959.011889] RIP: 0033:0x457569
[  959.021133] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  959.021143] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  959.021158] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  959.021168] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  959.021183] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  959.031113] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  959.031123] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[  959.070481] overlayfs: missing 'workdir'
[  959.159066] FAT-fs (loop3): bogus number of reserved sectors
[  959.165235] FAT-fs (loop3): Can't find a valid FAT filesystem
03:44:42 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
fstat(r0, &(0x7f0000000680))
add_key(&(0x7f00000001c0)='pkcs7_test\x00', &(0x7f0000000200)={'syz'}, &(0x7f0000000240), 0xfffff, 0xfffffffffffffffb)
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
r1 = syz_open_dev$audion(&(0x7f0000000280)='/dev/audio#\x00', 0x6, 0x0)
r2 = syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f00000003c0)={@loopback, @local, <r3=>0x0}, &(0x7f0000000400)=0xc)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f0000000440)={'vcan0\x00', <r4=>0x0})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000000600)={@dev, @local, <r5=>0x0}, &(0x7f0000000640)=0xc)
accept$packet(0xffffffffffffff9c, &(0x7f00000007c0)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000800)=0x14)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000e80)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000ec0)=0x14)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000f00)={'team0\x00', <r8=>0x0})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x24, &(0x7f0000000f40)={@broadcast, @multicast2, <r9=>0x0}, &(0x7f0000000f80)=0xc)
getsockname$packet(0xffffffffffffff9c, &(0x7f0000001040)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000001080)=0x14)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000001280)={{{@in=@dev, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0}}, {{@in=@multicast1}, 0x0, @in6=@mcast1}}, &(0x7f0000001380)=0xe8)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r12=>0x0}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)
accept$packet(0xffffffffffffffff, &(0x7f00000015c0)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000001600)=0x14)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000002740)={{{@in6=@dev, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r14=>0x0}}, {{@in6=@loopback}, 0x0, @in6=@remote}}, &(0x7f0000001640)=0xe8)
getpeername$packet(0xffffffffffffff9c, &(0x7f0000001680)={0x11, 0x0, <r15=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000016c0)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000002840)={{{@in=@multicast2, @in6=@ipv4={[], [], @rand_addr}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r16=>0x0}}, {{@in=@multicast2}, 0x0, @in6=@remote}}, &(0x7f0000002940)=0xe8)
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x24, &(0x7f0000006fc0)={@broadcast, @local, <r17=>0x0}, &(0x7f0000007000)=0xc)
accept$packet(0xffffffffffffffff, &(0x7f00000071c0)={0x11, 0x0, <r18=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000007200)=0x14)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000007280)={{{@in=@local, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r19=>0x0}}, {{@in=@remote}, 0x0, @in6=@mcast2}}, &(0x7f0000007380)=0xe8)
getsockopt$inet_pktinfo(0xffffffffffffff9c, 0x0, 0x8, &(0x7f00000073c0)={<r20=>0x0, @loopback, @local}, &(0x7f0000007400)=0xc)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, &(0x7f0000007a00)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000079c0)={&(0x7f0000007440)={0x560, r2, 0x8, 0x70bd29, 0x25dfdbfd, {}, [{{0x8, 0x1, r3}, {0x44, 0x2, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x1000}}, {0x8, 0x6, r4}}}]}}, {{0x8, 0x1, r5}, {0xc0, 0x2, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0xff}}, {0x8, 0x6, r6}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r7}}}]}}, {{0x8, 0x1, r8}, {0x150, 0x2, [{0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8}, {0x8, 0x4, 0x6834}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r9}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x7ff}}}, {0x5c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x2c, 0x4, [{0x40, 0x0, 0x983}, {0x8, 0x0, 0x800, 0xac0}, {0x2b, 0x6, 0x81, 0x171}, {0xfffffffffffffffe, 0x9, 0xff, 0x401}, {0x1, 0x5, 0x2, 0xffffffffffffff81}]}}}]}}, {{0x8, 0x1, r10}, {0x14c, 0x2, [{0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r11}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r12}}}, {0x54, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x24, 0x4, [{0x3f, 0xffffffffffffff80, 0x7, 0xab05}, {0x9, 0x4, 0x4, 0x3}, {0x5, 0x81, 0x27, 0x1}, {0x50, 0x7fffffff, 0x6, 0xffffffffffffffff}]}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r13}}, {0x8}}}]}}, {{0x8, 0x1, r14}, {0x138, 0x2, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x7}}, {0x8, 0x6, r15}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x1}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r16}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0xc5}}, {0x8, 0x6, r17}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r18}}}]}}, {{0x8, 0x1, r19}, {0x44, 0x2, [{0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x8}}, {0x8, 0x6, r20}}}]}}]}, 0x560}, 0x1, 0x0, 0x0, 0x80}, 0x0)
mkdir(&(0x7f0000001700)='./file1\x00', 0x0)
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000580)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@index_off='index=off'}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}]})
r21 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000240)='vfat\x00', &(0x7f00000002c0)='./file0/file0\x00', 0x0, 0x0, &(0x7f0000001740), 0x0, &(0x7f0000001800)=ANY=[])
symlinkat(&(0x7f0000000140)='./file0\x00', r21, &(0x7f0000000180)='./file1\x00')
openat(r21, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0)

03:44:42 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
getpeername(r1, &(0x7f0000000100)=@ethernet={0x0, @local}, &(0x7f0000000000)=0x80)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r0, 0x400448e7, &(0x7f00000000c0)=0x6)

03:44:42 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffff000]}, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:42 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0x80000000, 0x0, 0x0, 0x7ff, 0x20000000000}}, 0x4b1)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))
write$FUSE_NOTIFY_INVAL_ENTRY(r1, &(0x7f0000000040)={0x22, 0x3, 0x0, {0x1, 0x1, 0x0, '&'}}, 0x22)

03:44:42 executing program 4 (fault-call:2 fault-nth:19):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:44:42 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0xffffff7f00000000}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:44:42 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local={0xac, 0x26}, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:42 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))
r2 = msgget(0x1, 0x100)
msgctl$IPC_STAT(r2, 0x2, &(0x7f0000000100)=""/248)

[  959.334095] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  959.362028] FAT-fs (loop3): bogus number of reserved sectors
[  959.374583] FAT-fs (loop3): Can't find a valid FAT filesystem
[  959.395618] FAULT_INJECTION: forcing a failure.
[  959.395618] name failslab, interval 1, probability 0, space 0, times 0
[  959.413604] CPU: 1 PID: 12522 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  959.422113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  959.431467] Call Trace:
[  959.434067]  dump_stack+0x244/0x39d
[  959.437705]  ? dump_stack_print_info.cold.1+0x20/0x20
[  959.442903]  ? __kernel_text_address+0xd/0x40
[  959.447402]  ? unwind_get_return_address+0x61/0xa0
[  959.452351]  should_fail.cold.4+0xa/0x17
[  959.456421]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  959.461544]  ? save_stack+0x43/0xd0
[  959.465173]  ? kasan_kmalloc+0xc7/0xe0
[  959.469068]  ? kmem_cache_alloc_trace+0x152/0x750
[  959.473912]  ? __memcg_init_list_lru_node+0x185/0x2d0
[  959.479104]  ? __list_lru_init+0x4d6/0x840
[  959.483343]  ? zap_class+0x640/0x640
[  959.487055]  ? mount_nodev+0x38/0x120
[  959.490862]  ? ovl_mount+0x34/0x40
[  959.494414]  ? legacy_get_tree+0x131/0x460
[  959.498653]  ? vfs_get_tree+0x1cb/0x5c0
[  959.502627]  ? do_mount+0x70c/0x1d90
[  959.506344]  ? ksys_mount+0x12d/0x140
[  959.510143]  ? __x64_sys_mount+0xbe/0x150
[  959.514299]  ? find_held_lock+0x36/0x1c0
[  959.518371]  ? __lock_is_held+0xb5/0x140
[  959.522514]  ? usb_port_suspend+0x968/0xcd0
[  959.526864]  ? perf_trace_sched_process_exec+0x860/0x860
[  959.532350]  __should_failslab+0x124/0x180
[  959.536607]  should_failslab+0x9/0x14
[  959.540413]  kmem_cache_alloc_trace+0x2d7/0x750
[  959.545096]  ? __kmalloc_node+0x3c/0x70
[  959.549071]  ? __kmalloc_node+0x3c/0x70
[  959.553048]  ? rcu_read_lock_sched_held+0x14f/0x180
[  959.558072]  __memcg_init_list_lru_node+0x185/0x2d0
[  959.563096]  ? kvfree_rcu+0x20/0x20
[  959.566728]  ? __kmalloc_node+0x50/0x70
[  959.570713]  __list_lru_init+0x4d6/0x840
[  959.574784]  ? list_lru_destroy+0x500/0x500
[  959.579130]  ? up_write+0x7b/0x220
[  959.582680]  ? down_write_nested+0x130/0x130
[  959.587095]  ? down_read+0x120/0x120
[  959.590820]  ? init_wait_entry+0x1c0/0x1c0
[  959.595061]  ? prealloc_shrinker+0x172/0x340
[  959.599482]  alloc_super+0x907/0xb40
[  959.603214]  ? destroy_unused_super.part.10+0x110/0x110
[  959.608583]  ? sget_userns+0x17c/0x850
[  959.612476]  ? lock_downgrade+0x900/0x900
[  959.616647]  ? kasan_check_read+0x11/0x20
[  959.620811]  ? do_raw_spin_trylock+0x270/0x270
[  959.625403]  ? security_capable+0x99/0xc0
[  959.629575]  sget_userns+0x278/0x850
[  959.633300]  ? get_anon_bdev+0xc0/0xc0
[  959.637200]  ? vfs_get_super+0x270/0x270
[  959.641278]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  959.646847]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  959.652392]  ? ns_capable_common+0x13f/0x170
[  959.656804]  ? get_anon_bdev+0xc0/0xc0
[  959.660696]  sget+0x10b/0x150
[  959.663819]  ? ovl_show_options+0x550/0x550
[  959.668149]  mount_nodev+0x38/0x120
[  959.671781]  ? ovl_own_xattr_set+0x10/0x10
[  959.676021]  ovl_mount+0x34/0x40
[  959.679397]  legacy_get_tree+0x131/0x460
[  959.683474]  vfs_get_tree+0x1cb/0x5c0
[  959.687280]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  959.692044]  do_mount+0x70c/0x1d90
[  959.695592]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  959.701139]  ? copy_mount_string+0x40/0x40
[  959.705383]  ? copy_mount_options+0x5f/0x430
[  959.709808]  ? kmem_cache_alloc_trace+0x353/0x750
[  959.714658]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  959.720207]  ? _copy_from_user+0xdf/0x150
[  959.724366]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  959.729909]  ? copy_mount_options+0x315/0x430
[  959.734414]  ksys_mount+0x12d/0x140
[  959.738062]  __x64_sys_mount+0xbe/0x150
[  959.742046]  do_syscall_64+0x1b9/0x820
[  959.745943]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  959.751312]  ? syscall_return_slowpath+0x5e0/0x5e0
[  959.756244]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  959.761091]  ? trace_hardirqs_on_caller+0x310/0x310
[  959.766110]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  959.771130]  ? prepare_exit_to_usermode+0x291/0x3b0
[  959.776168]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  959.781027]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  959.786247] RIP: 0033:0x457569
[  959.789450] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  959.808365] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  959.816077] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  959.823347] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  959.830617] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  959.837887] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
03:44:42 executing program 1:
ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000040)={0x0, 0x0, [0x4b564d01, 0x0, 0xfffffffd]})
socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000040))
socket$inet6(0xa, 0x1000000000002, 0x0)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x0, 0xffffffffffffffff)
r0 = creat(&(0x7f0000000180)='./file2\x00', 0x0)
write$P9_RREADLINK(r0, &(0x7f00000002c0)=ANY=[@ANYRESOCT], 0x17)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000000)={0x1, [0x0]}, &(0x7f0000000100)=0x8)
r1 = open(&(0x7f00000000c0)='./file0\x00', 0x40002, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000140)={0x7}, 0xfea8)
ioctl$FUSE_DEV_IOC_CLONE(r1, 0xc028660f, &(0x7f0000000040))
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r3 = fcntl$dupfd(r2, 0x0, r2)
bind$bt_rfcomm(r3, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r3, 0x400448e7, &(0x7f00000000c0))
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)

[  959.845157] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
03:44:42 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local={0xac, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:42 executing program 4 (fault-call:2 fault-nth:20):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

[  959.901850] overlayfs: missing 'workdir'
03:44:42 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$KVM_KVMCLOCK_CTRL(r1, 0xaead)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
setsockopt$bt_BT_RCVMTU(r1, 0x112, 0xd, &(0x7f0000000000)=0x1, 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

[  959.959741] FAT-fs (loop3): bogus number of reserved sectors
[  960.029704] FAT-fs (loop3): Can't find a valid FAT filesystem
[  960.067888] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  960.107176] FAULT_INJECTION: forcing a failure.
[  960.107176] name failslab, interval 1, probability 0, space 0, times 0
[  960.131465] CPU: 0 PID: 12543 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  960.139971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  960.149329] Call Trace:
[  960.151942]  dump_stack+0x244/0x39d
[  960.155603]  ? dump_stack_print_info.cold.1+0x20/0x20
[  960.160807]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[  960.160834]  should_fail.cold.4+0xa/0x17
[  960.160854]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  960.175303]  ? kernel_text_address+0x79/0xf0
[  960.175324]  ? unwind_get_return_address+0x61/0xa0
[  960.175344]  ? __save_stack_trace+0x8d/0xf0
[  960.175360]  ? zap_class+0x640/0x640
[  960.175387]  ? find_held_lock+0x36/0x1c0
[  960.189082]  ? __lock_is_held+0xb5/0x140
[  960.200908]  ? perf_trace_sched_process_exec+0x860/0x860
[  960.200932]  ? check_preemption_disabled+0x48/0x280
[  960.211419]  __should_failslab+0x124/0x180
[  960.211452]  should_failslab+0x9/0x14
[  960.219496]  kmem_cache_alloc_trace+0x2d7/0x750
[  960.219513]  ? __kmalloc_node+0x3c/0x70
[  960.219532]  ? __kmalloc_node+0x3c/0x70
[  960.228185]  ? rcu_read_lock_sched_held+0x14f/0x180
[  960.228209]  __memcg_init_list_lru_node+0x185/0x2d0
[  960.228229]  ? kvfree_rcu+0x20/0x20
[  960.237208]  ? __kmalloc_node+0x50/0x70
[  960.237233]  __list_lru_init+0x4d6/0x840
[  960.237255]  ? list_lru_destroy+0x500/0x500
[  960.237274]  ? up_write+0x7b/0x220
[  960.237290]  ? down_write_nested+0x130/0x130
[  960.237310]  ? down_read+0x120/0x120
[  960.245944]  ? init_wait_entry+0x1c0/0x1c0
[  960.245960]  ? prealloc_shrinker+0x172/0x340
[  960.245988]  alloc_super+0x907/0xb40
[  960.246010]  ? destroy_unused_super.part.10+0x110/0x110
[  960.246028]  ? sget_userns+0x17c/0x850
[  960.254064]  ? lock_downgrade+0x900/0x900
[  960.254087]  ? kasan_check_read+0x11/0x20
[  960.254105]  ? do_raw_spin_trylock+0x270/0x270
[  960.274296]  ? security_capable+0x99/0xc0
[  960.274325]  sget_userns+0x278/0x850
[  960.274339]  ? get_anon_bdev+0xc0/0xc0
[  960.274363]  ? vfs_get_super+0x270/0x270
[  960.287865]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  960.287910]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  960.300066]  ? ns_capable_common+0x13f/0x170
[  960.300083]  ? get_anon_bdev+0xc0/0xc0
[  960.300102]  sget+0x10b/0x150
[  960.308835]  ? ovl_show_options+0x550/0x550
[  960.308852]  mount_nodev+0x38/0x120
[  960.308871]  ? ovl_own_xattr_set+0x10/0x10
[  960.316470]  ovl_mount+0x34/0x40
[  960.316490]  legacy_get_tree+0x131/0x460
[  960.316512]  vfs_get_tree+0x1cb/0x5c0
[  960.316528]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  960.316544]  do_mount+0x70c/0x1d90
[  960.316567]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  960.326159]  ? copy_mount_string+0x40/0x40
[  960.326181]  ? copy_mount_options+0x5f/0x430
[  960.326203]  ? kmem_cache_alloc_trace+0x353/0x750
[  960.336148]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  960.336173]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
03:44:43 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
fstat(r0, &(0x7f0000000680))
add_key(&(0x7f00000001c0)='pkcs7_test\x00', &(0x7f0000000200)={'syz'}, &(0x7f0000000240), 0xfffff, 0xfffffffffffffffb)
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
r1 = syz_open_dev$audion(&(0x7f0000000280)='/dev/audio#\x00', 0x6, 0x0)
r2 = syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f00000003c0)={@loopback, @local, <r3=>0x0}, &(0x7f0000000400)=0xc)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f0000000440)={'vcan0\x00', <r4=>0x0})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000000600)={@dev, @local, <r5=>0x0}, &(0x7f0000000640)=0xc)
accept$packet(0xffffffffffffff9c, &(0x7f00000007c0)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000800)=0x14)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000e80)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000ec0)=0x14)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000f00)={'team0\x00', <r8=>0x0})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x24, &(0x7f0000000f40)={@broadcast, @multicast2, <r9=>0x0}, &(0x7f0000000f80)=0xc)
getsockname$packet(0xffffffffffffff9c, &(0x7f0000001040)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000001080)=0x14)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000001280)={{{@in=@dev, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0}}, {{@in=@multicast1}, 0x0, @in6=@mcast1}}, &(0x7f0000001380)=0xe8)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r12=>0x0}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)
accept$packet(0xffffffffffffffff, &(0x7f00000015c0)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000001600)=0x14)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000002740)={{{@in6=@dev, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r14=>0x0}}, {{@in6=@loopback}, 0x0, @in6=@remote}}, &(0x7f0000001640)=0xe8)
getpeername$packet(0xffffffffffffff9c, &(0x7f0000001680)={0x11, 0x0, <r15=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000016c0)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000002840)={{{@in=@multicast2, @in6=@ipv4={[], [], @rand_addr}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r16=>0x0}}, {{@in=@multicast2}, 0x0, @in6=@remote}}, &(0x7f0000002940)=0xe8)
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x24, &(0x7f0000006fc0)={@broadcast, @local, <r17=>0x0}, &(0x7f0000007000)=0xc)
accept$packet(0xffffffffffffffff, &(0x7f00000071c0)={0x11, 0x0, <r18=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000007200)=0x14)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000007280)={{{@in=@local, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r19=>0x0}}, {{@in=@remote}, 0x0, @in6=@mcast2}}, &(0x7f0000007380)=0xe8)
getsockopt$inet_pktinfo(0xffffffffffffff9c, 0x0, 0x8, &(0x7f00000073c0)={<r20=>0x0, @loopback, @local}, &(0x7f0000007400)=0xc)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, &(0x7f0000007a00)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000079c0)={&(0x7f0000007440)={0x560, r2, 0x8, 0x70bd29, 0x25dfdbfd, {}, [{{0x8, 0x1, r3}, {0x44, 0x2, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x1000}}, {0x8, 0x6, r4}}}]}}, {{0x8, 0x1, r5}, {0xc0, 0x2, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0xff}}, {0x8, 0x6, r6}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r7}}}]}}, {{0x8, 0x1, r8}, {0x150, 0x2, [{0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8}, {0x8, 0x4, 0x6834}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r9}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x7ff}}}, {0x5c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x2c, 0x4, [{0x40, 0x0, 0x983}, {0x8, 0x0, 0x800, 0xac0}, {0x2b, 0x6, 0x81, 0x171}, {0xfffffffffffffffe, 0x9, 0xff, 0x401}, {0x1, 0x5, 0x2, 0xffffffffffffff81}]}}}]}}, {{0x8, 0x1, r10}, {0x14c, 0x2, [{0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r11}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r12}}}, {0x54, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x24, 0x4, [{0x3f, 0xffffffffffffff80, 0x7, 0xab05}, {0x9, 0x4, 0x4, 0x3}, {0x5, 0x81, 0x27, 0x1}, {0x50, 0x7fffffff, 0x6, 0xffffffffffffffff}]}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r13}}, {0x8}}}]}}, {{0x8, 0x1, r14}, {0x138, 0x2, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x7}}, {0x8, 0x6, r15}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x1}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r16}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0xc5}}, {0x8, 0x6, r17}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r18}}}]}}, {{0x8, 0x1, r19}, {0x44, 0x2, [{0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x8}}, {0x8, 0x6, r20}}}]}}]}, 0x560}, 0x1, 0x0, 0x0, 0x80}, 0x0)
mkdir(&(0x7f0000001700)='./file1\x00', 0x0)
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000580)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@index_off='index=off'}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}]})
r21 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000240)='vfat\x00', &(0x7f00000002c0)='./file0/file0\x00', 0x0, 0x0, &(0x7f0000001740), 0x0, &(0x7f0000001800)=ANY=[])
symlinkat(&(0x7f0000000140)='./file0\x00', r21, &(0x7f0000000180)='./file1\x00')
openat(r21, &(0x7f00000001c0)='./file1\x00', 0x0, 0x0)

03:44:43 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
connect$nfc_llcp(r1, &(0x7f0000000340)={0x27, 0x0, 0x2, 0x0, 0x7fff, 0x4, "ca78295b7cd2a17e85fbf182918eb5d0ca85e92a679293de56e6e6fe8309a7cf30f348cb5123c57bb9806a61838a0692e123f841929f114826e93f752425aa", 0x39}, 0x60)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
r2 = gettid()
getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000100)={{{@in6=@local, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in=@rand_addr}}}, &(0x7f0000000000)=0xe8)
ioctl$DRM_IOCTL_GET_CLIENT(r1, 0xc0286405, &(0x7f0000000080)={0x40, 0x8, r2, 0x1, r3, 0x0, 0x4, 0x3})
ioctl$FS_IOC_SETVERSION(r1, 0x400448e7, &(0x7f00000000c0))
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000200)={<r4=>0x0, 0x5, 0x6, [0x3, 0x80000001, 0x40, 0x100000001, 0x5, 0x5]}, &(0x7f0000000240)=0x14)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f00000003c0)={r4, @in6={{0xa, 0x4e20, 0x0, @mcast2, 0x5}}}, 0x84)

03:44:43 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local={0xac, 0x14, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:43 executing program 2:
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_rfcomm(0xffffffffffffffff, &(0x7f0000000040), 0xfffffffffffffe5c)
ioctl$FS_IOC_SETVERSION(0xffffffffffffffff, 0x800448d5, &(0x7f00000000c0))

[  960.336200]  ? copy_mount_options+0x315/0x430
[  960.336233]  ksys_mount+0x12d/0x140
[  960.336252]  __x64_sys_mount+0xbe/0x150
[  960.336273]  do_syscall_64+0x1b9/0x820
[  960.347590]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  960.347612]  ? syscall_return_slowpath+0x5e0/0x5e0
[  960.347628]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  960.347647]  ? trace_hardirqs_on_caller+0x310/0x310
[  960.347666]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  960.347688]  ? prepare_exit_to_usermode+0x291/0x3b0
[  960.355547]  ? trace_hardirqs_off_thunk+0x1a/0x1c
03:44:43 executing program 2:
r0 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x8, 0x400)
setsockopt$bt_l2cap_L2CAP_CONNINFO(r0, 0x6, 0x2, &(0x7f0000000080)={0x8, 0x7, 0xffffffffffffff80, 0x3}, 0x6)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r2 = fcntl$dupfd(r1, 0x0, r1)
bind$bt_rfcomm(r2, &(0x7f0000000040)={0x1f, {0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff}}, 0xa)
ioctl$FS_IOC_SETVERSION(r2, 0x800448d5, &(0x7f00000000c0))

[  960.355575]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  960.355588] RIP: 0033:0x457569
[  960.355605] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  960.355619] RSP: 002b:00007f7fae567c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  960.363034] RAX: ffffffffffffffda RBX: 00007f7fae567c90 RCX: 0000000000457569
[  960.363044] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  960.363053] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000
[  960.363062] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5686d4
[  960.363076] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000003
03:44:43 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0xb8f0000000000000}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:44:43 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$NBD_CLEAR_SOCK(r1, 0xab04)
ioctl$FS_IOC_SETVERSION(r1, 0x400448e7, &(0x7f00000000c0))

03:44:43 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r0, 0x800448d5, &(0x7f00000000c0)=0x6)

03:44:43 executing program 4 (fault-call:2 fault-nth:21):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

[  960.556923] FAT-fs (loop3): bogus number of reserved sectors
[  960.562764] FAT-fs (loop3): Can't find a valid FAT filesystem
03:44:43 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local={0xac, 0x14, 0x26}, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:43 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0xffffffffffffffff, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x400448e7, &(0x7f00000000c0))

[  960.665338] overlayfs: missing 'workdir'
[  960.677782] FAT-fs (loop3): bogus number of reserved sectors
03:44:43 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0xf0ffffff00000000, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  960.714110] FAT-fs (loop3): Can't find a valid FAT filesystem
[  960.740594] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  960.771326] FAULT_INJECTION: forcing a failure.
[  960.771326] name failslab, interval 1, probability 0, space 0, times 0
[  960.834604] CPU: 0 PID: 12587 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  960.843136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  960.852492] Call Trace:
[  960.855098]  dump_stack+0x244/0x39d
[  960.855127]  ? dump_stack_print_info.cold.1+0x20/0x20
[  960.855190]  ? __kernel_text_address+0xd/0x40
[  960.855211]  ? unwind_get_return_address+0x61/0xa0
[  960.855236]  should_fail.cold.4+0xa/0x17
[  960.877528]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  960.882844]  ? save_stack+0x43/0xd0
[  960.886487]  ? kasan_kmalloc+0xc7/0xe0
[  960.890389]  ? kmem_cache_alloc_trace+0x152/0x750
[  960.895247]  ? __memcg_init_list_lru_node+0x185/0x2d0
[  960.900461]  ? __list_lru_init+0x4d6/0x840
[  960.904721]  ? zap_class+0x640/0x640
[  960.908465]  ? mount_nodev+0x38/0x120
[  960.912276]  ? ovl_mount+0x34/0x40
[  960.912294]  ? legacy_get_tree+0x131/0x460
[  960.920073]  ? vfs_get_tree+0x1cb/0x5c0
[  960.924057]  ? do_mount+0x70c/0x1d90
[  960.927779]  ? ksys_mount+0x12d/0x140
[  960.931593]  ? __x64_sys_mount+0xbe/0x150
[  960.935759]  ? find_held_lock+0x36/0x1c0
[  960.935782]  ? __lock_is_held+0xb5/0x140
[  960.935817]  ? perf_trace_sched_process_exec+0x860/0x860
[  960.935847]  __should_failslab+0x124/0x180
[  960.935865]  should_failslab+0x9/0x14
[  960.949426]  kmem_cache_alloc_trace+0x2d7/0x750
[  960.949455]  ? __kmalloc_node+0x3c/0x70
[  960.949471]  ? __kmalloc_node+0x3c/0x70
[  960.949493]  ? rcu_read_lock_sched_held+0x14f/0x180
[  960.957527]  __memcg_init_list_lru_node+0x185/0x2d0
[  960.957549]  ? kvfree_rcu+0x20/0x20
[  960.957567]  ? __kmalloc_node+0x50/0x70
[  960.957591]  __list_lru_init+0x4d6/0x840
[  960.966224]  ? list_lru_destroy+0x500/0x500
[  960.966245]  ? up_write+0x7b/0x220
[  960.966261]  ? down_write_nested+0x130/0x130
[  960.966278]  ? down_read+0x120/0x120
[  960.966298]  ? init_wait_entry+0x1c0/0x1c0
[  960.966318]  ? prealloc_shrinker+0x172/0x340
[  960.975313]  alloc_super+0x907/0xb40
[  960.975343]  ? destroy_unused_super.part.10+0x110/0x110
[  960.975356]  ? sget_userns+0x17c/0x850
[  960.975374]  ? lock_downgrade+0x900/0x900
[  960.975396]  ? kasan_check_read+0x11/0x20
[  960.984029]  ? do_raw_spin_trylock+0x270/0x270
[  960.984049]  ? security_capable+0x99/0xc0
[  960.984078]  sget_userns+0x278/0x850
[  960.992631]  ? get_anon_bdev+0xc0/0xc0
[  960.992656]  ? vfs_get_super+0x270/0x270
[  960.992691]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  961.000567]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  961.000585]  ? ns_capable_common+0x13f/0x170
[  961.000602]  ? get_anon_bdev+0xc0/0xc0
[  961.008722]  sget+0x10b/0x150
03:44:43 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
fstat(r0, &(0x7f0000000680))
add_key(&(0x7f00000001c0)='pkcs7_test\x00', &(0x7f0000000200)={'syz'}, &(0x7f0000000240), 0xfffff, 0xfffffffffffffffb)
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
r1 = syz_open_dev$audion(&(0x7f0000000280)='/dev/audio#\x00', 0x6, 0x0)
r2 = syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f00000003c0)={@loopback, @local, <r3=>0x0}, &(0x7f0000000400)=0xc)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f0000000440)={'vcan0\x00', <r4=>0x0})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000000600)={@dev, @local, <r5=>0x0}, &(0x7f0000000640)=0xc)
accept$packet(0xffffffffffffff9c, &(0x7f00000007c0)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000800)=0x14)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000e80)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000ec0)=0x14)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000f00)={'team0\x00', <r8=>0x0})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x24, &(0x7f0000000f40)={@broadcast, @multicast2, <r9=>0x0}, &(0x7f0000000f80)=0xc)
getsockname$packet(0xffffffffffffff9c, &(0x7f0000001040)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000001080)=0x14)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000001280)={{{@in=@dev, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0}}, {{@in=@multicast1}, 0x0, @in6=@mcast1}}, &(0x7f0000001380)=0xe8)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r12=>0x0}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)
accept$packet(0xffffffffffffffff, &(0x7f00000015c0)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000001600)=0x14)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000002740)={{{@in6=@dev, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r14=>0x0}}, {{@in6=@loopback}, 0x0, @in6=@remote}}, &(0x7f0000001640)=0xe8)
getpeername$packet(0xffffffffffffff9c, &(0x7f0000001680)={0x11, 0x0, <r15=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000016c0)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000002840)={{{@in=@multicast2, @in6=@ipv4={[], [], @rand_addr}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r16=>0x0}}, {{@in=@multicast2}, 0x0, @in6=@remote}}, &(0x7f0000002940)=0xe8)
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x24, &(0x7f0000006fc0)={@broadcast, @local, <r17=>0x0}, &(0x7f0000007000)=0xc)
accept$packet(0xffffffffffffffff, &(0x7f00000071c0)={0x11, 0x0, <r18=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000007200)=0x14)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000007280)={{{@in=@local, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r19=>0x0}}, {{@in=@remote}, 0x0, @in6=@mcast2}}, &(0x7f0000007380)=0xe8)
getsockopt$inet_pktinfo(0xffffffffffffff9c, 0x0, 0x8, &(0x7f00000073c0)={<r20=>0x0, @loopback, @local}, &(0x7f0000007400)=0xc)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, &(0x7f0000007a00)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000079c0)={&(0x7f0000007440)={0x560, r2, 0x8, 0x70bd29, 0x25dfdbfd, {}, [{{0x8, 0x1, r3}, {0x44, 0x2, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x1000}}, {0x8, 0x6, r4}}}]}}, {{0x8, 0x1, r5}, {0xc0, 0x2, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0xff}}, {0x8, 0x6, r6}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r7}}}]}}, {{0x8, 0x1, r8}, {0x150, 0x2, [{0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8}, {0x8, 0x4, 0x6834}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r9}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x7ff}}}, {0x5c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x2c, 0x4, [{0x40, 0x0, 0x983}, {0x8, 0x0, 0x800, 0xac0}, {0x2b, 0x6, 0x81, 0x171}, {0xfffffffffffffffe, 0x9, 0xff, 0x401}, {0x1, 0x5, 0x2, 0xffffffffffffff81}]}}}]}}, {{0x8, 0x1, r10}, {0x14c, 0x2, [{0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r11}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r12}}}, {0x54, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x24, 0x4, [{0x3f, 0xffffffffffffff80, 0x7, 0xab05}, {0x9, 0x4, 0x4, 0x3}, {0x5, 0x81, 0x27, 0x1}, {0x50, 0x7fffffff, 0x6, 0xffffffffffffffff}]}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r13}}, {0x8}}}]}}, {{0x8, 0x1, r14}, {0x138, 0x2, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x7}}, {0x8, 0x6, r15}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x1}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r16}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0xc5}}, {0x8, 0x6, r17}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r18}}}]}}, {{0x8, 0x1, r19}, {0x44, 0x2, [{0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x8}}, {0x8, 0x6, r20}}}]}}]}, 0x560}, 0x1, 0x0, 0x0, 0x80}, 0x0)
mkdir(&(0x7f0000001700)='./file1\x00', 0x0)
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000580)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@index_off='index=off'}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}]})
r21 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000240)='vfat\x00', &(0x7f00000002c0)='./file0/file0\x00', 0x0, 0x0, &(0x7f0000001740), 0x0, &(0x7f0000001800)=ANY=[])
symlinkat(&(0x7f0000000140)='./file0\x00', r21, &(0x7f0000000180)='./file1\x00')

03:44:43 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000080)={0x1f, {0xfffffffffffffffc, 0x0, 0xfffffffffffffffc}}, 0xa)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

03:44:43 executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x1, 0x80000001, 0x4010000000000000, 0x4, 0xffffffffffffff9c, 0x6}, 0x2c)
fadvise64(r0, 0x0, 0x8, 0x3)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r2 = fcntl$dupfd(r1, 0x0, r1)
bind$bt_rfcomm(r2, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r2, 0x400448e7, &(0x7f00000000c0))

03:44:43 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x40030000000000, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:43 executing program 4 (fault-call:2 fault-nth:22):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

[  961.008745]  ? ovl_show_options+0x550/0x550
[  961.008761]  mount_nodev+0x38/0x120
[  961.008781]  ? ovl_own_xattr_set+0x10/0x10
[  961.017446]  ovl_mount+0x34/0x40
[  961.017474]  legacy_get_tree+0x131/0x460
[  961.017496]  vfs_get_tree+0x1cb/0x5c0
[  961.017511]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  961.017528]  do_mount+0x70c/0x1d90
[  961.017551]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  961.026619]  ? copy_mount_string+0x40/0x40
[  961.026641]  ? copy_mount_options+0x5f/0x430
[  961.026662]  ? kmem_cache_alloc_trace+0x353/0x750
[  961.026682]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  961.026706]  ? _copy_from_user+0xdf/0x150
[  961.026727]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  961.034750]  ? copy_mount_options+0x315/0x430
[  961.034772]  ksys_mount+0x12d/0x140
[  961.034792]  __x64_sys_mount+0xbe/0x150
[  961.034814]  do_syscall_64+0x1b9/0x820
[  961.034832]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  961.034856]  ? syscall_return_slowpath+0x5e0/0x5e0
[  961.043579]  ? trace_hardirqs_on_caller+0x310/0x310
[  961.043598]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  961.043617]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  961.043634]  ? __switch_to_asm+0x40/0x70
[  961.051477]  ? __switch_to_asm+0x34/0x70
[  961.051502]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  961.051530]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  961.051547] RIP: 0033:0x457569
[  961.059498] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  961.059507] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  961.059523] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  961.059532] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  961.059547] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  961.078881] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  961.078891] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[  961.279312] FAT-fs (loop3): bogus number of reserved sectors
[  961.286020] FAT-fs (loop3): Can't find a valid FAT filesystem
[  961.292986] FAULT_INJECTION: forcing a failure.
[  961.292986] name failslab, interval 1, probability 0, space 0, times 0
[  961.305252] CPU: 0 PID: 12609 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  961.306460] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  961.313764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  961.313772] Call Trace:
[  961.313799]  dump_stack+0x244/0x39d
[  961.313825]  ? dump_stack_print_info.cold.1+0x20/0x20
[  961.331139]  ? __kernel_text_address+0xd/0x40
[  961.331157]  ? unwind_get_return_address+0x61/0xa0
[  961.331179]  should_fail.cold.4+0xa/0x17
[  961.331199]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  961.331223]  ? save_stack+0x43/0xd0
[  961.331234]  ? kasan_kmalloc+0xc7/0xe0
[  961.331251]  ? kmem_cache_alloc_trace+0x152/0x750
[  961.331272]  ? __memcg_init_list_lru_node+0x185/0x2d0
[  961.337468]  ? __list_lru_init+0x4d6/0x840
[  961.337486]  ? zap_class+0x640/0x640
[  961.337499]  ? mount_nodev+0x38/0x120
[  961.337516]  ? ovl_mount+0x34/0x40
[  961.337529]  ? legacy_get_tree+0x131/0x460
[  961.337541]  ? vfs_get_tree+0x1cb/0x5c0
[  961.337561]  ? do_mount+0x70c/0x1d90
[  961.347234]  ? ksys_mount+0x12d/0x140
[  961.347247]  ? __x64_sys_mount+0xbe/0x150
[  961.347270]  ? find_held_lock+0x36/0x1c0
[  961.347292]  ? __lock_is_held+0xb5/0x140
[  961.347325]  ? perf_trace_sched_process_exec+0x860/0x860
[  961.347355]  __should_failslab+0x124/0x180
[  961.356325]  should_failslab+0x9/0x14
[  961.356343]  kmem_cache_alloc_trace+0x2d7/0x750
[  961.356360]  ? __kmalloc_node+0x3c/0x70
[  961.356375]  ? __kmalloc_node+0x3c/0x70
[  961.356400]  ? rcu_read_lock_sched_held+0x14f/0x180
[  961.365120]  __memcg_init_list_lru_node+0x185/0x2d0
[  961.365142]  ? kvfree_rcu+0x20/0x20
[  961.365161]  ? __kmalloc_node+0x50/0x70
[  961.365186]  __list_lru_init+0x4d6/0x840
[  961.365206]  ? list_lru_destroy+0x500/0x500
[  961.365223]  ? up_write+0x7b/0x220
[  961.365236]  ? down_write_nested+0x130/0x130
[  961.365251]  ? down_read+0x120/0x120
[  961.365271]  ? init_wait_entry+0x1c0/0x1c0
[  961.365291]  ? prealloc_shrinker+0x172/0x340
[  961.374053]  alloc_super+0x907/0xb40
[  961.374078]  ? destroy_unused_super.part.10+0x110/0x110
[  961.374091]  ? sget_userns+0x17c/0x850
[  961.374109]  ? lock_downgrade+0x900/0x900
[  961.374131]  ? kasan_check_read+0x11/0x20
[  961.383545]  ? do_raw_spin_trylock+0x270/0x270
[  961.383566]  ? security_capable+0x99/0xc0
[  961.383593]  sget_userns+0x278/0x850
[  961.383606]  ? get_anon_bdev+0xc0/0xc0
[  961.383626]  ? vfs_get_super+0x270/0x270
[  961.391168]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  961.391215]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  961.391235]  ? ns_capable_common+0x13f/0x170
[  961.422145] overlayfs: missing 'workdir'
[  961.422721]  ? get_anon_bdev+0xc0/0xc0
[  961.422742]  sget+0x10b/0x150
[  961.440887]  ? ovl_show_options+0x550/0x550
[  961.440905]  mount_nodev+0x38/0x120
[  961.440926]  ? ovl_own_xattr_set+0x10/0x10
[  961.440942]  ovl_mount+0x34/0x40
[  961.440960]  legacy_get_tree+0x131/0x460
[  961.448921]  vfs_get_tree+0x1cb/0x5c0
[  961.448938]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  961.448956]  do_mount+0x70c/0x1d90
[  961.448977]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  961.448997]  ? copy_mount_string+0x40/0x40
[  961.459023]  ? copy_mount_options+0x5f/0x430
[  961.459045]  ? kmem_cache_alloc_trace+0x353/0x750
[  961.459067]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  961.459085]  ? _copy_from_user+0xdf/0x150
[  961.459105]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  961.475082]  ? copy_mount_options+0x315/0x430
[  961.475105]  ksys_mount+0x12d/0x140
[  961.475124]  __x64_sys_mount+0xbe/0x150
[  961.475147]  do_syscall_64+0x1b9/0x820
[  961.475166]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  961.475186]  ? syscall_return_slowpath+0x5e0/0x5e0
[  961.486848]  ? trace_hardirqs_on_caller+0x310/0x310
[  961.486867]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  961.486890]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  961.495515]  ? __switch_to_asm+0x40/0x70
[  961.495528]  ? __switch_to_asm+0x34/0x70
[  961.495553]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  961.495580]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  961.495610] RIP: 0033:0x457569
[  961.495638] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  961.495646] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  961.495665] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  961.504722] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
03:44:44 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0xf0ffffff}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:44:44 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x3000000, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:44 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x400448e7, &(0x7f00000000c0))
openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x8000, 0x0)

03:44:44 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000080)='./file0\x00', 0x5, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000100)="7b8197e33080c8e3106d27186d4449dc382bc77d57b5f096ad99c854c83484794e91a79ef87f37b9dc6bb35b513d9b87572446", 0x33, 0x4d19}, {&(0x7f0000000140)="7e3dca898dfb286b48781e61f5f275fb0df7b5eca02b8c72f50e295bfa37b29c189cf9e50a439487b18c137739d2f1c21850911406faa49bc4f47d5ae5e72ee0c6fae0bb80b76e35c2ebd8577afc567831c63742d130b225eb00771d150ad7f2", 0x60, 0x3f}], 0x30020, &(0x7f0000000200)='bdev\x00')
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

[  961.504733] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  961.504742] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  961.504752] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[  961.633604] FAT-fs (loop3): bogus number of reserved sectors
[  961.653451] FAT-fs (loop3): Can't find a valid FAT filesystem
03:44:44 executing program 4 (fault-call:2 fault-nth:23):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:44:44 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
fstat(r0, &(0x7f0000000680))
add_key(&(0x7f00000001c0)='pkcs7_test\x00', &(0x7f0000000200)={'syz'}, &(0x7f0000000240), 0xfffff, 0xfffffffffffffffb)
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
r1 = syz_open_dev$audion(&(0x7f0000000280)='/dev/audio#\x00', 0x6, 0x0)
r2 = syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f00000003c0)={@loopback, @local, <r3=>0x0}, &(0x7f0000000400)=0xc)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f0000000440)={'vcan0\x00', <r4=>0x0})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000000600)={@dev, @local, <r5=>0x0}, &(0x7f0000000640)=0xc)
accept$packet(0xffffffffffffff9c, &(0x7f00000007c0)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000800)=0x14)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000e80)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000ec0)=0x14)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000f00)={'team0\x00', <r8=>0x0})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x24, &(0x7f0000000f40)={@broadcast, @multicast2, <r9=>0x0}, &(0x7f0000000f80)=0xc)
getsockname$packet(0xffffffffffffff9c, &(0x7f0000001040)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000001080)=0x14)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000001280)={{{@in=@dev, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0}}, {{@in=@multicast1}, 0x0, @in6=@mcast1}}, &(0x7f0000001380)=0xe8)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r12=>0x0}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)
accept$packet(0xffffffffffffffff, &(0x7f00000015c0)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000001600)=0x14)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000002740)={{{@in6=@dev, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r14=>0x0}}, {{@in6=@loopback}, 0x0, @in6=@remote}}, &(0x7f0000001640)=0xe8)
getpeername$packet(0xffffffffffffff9c, &(0x7f0000001680)={0x11, 0x0, <r15=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000016c0)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000002840)={{{@in=@multicast2, @in6=@ipv4={[], [], @rand_addr}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r16=>0x0}}, {{@in=@multicast2}, 0x0, @in6=@remote}}, &(0x7f0000002940)=0xe8)
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x24, &(0x7f0000006fc0)={@broadcast, @local, <r17=>0x0}, &(0x7f0000007000)=0xc)
accept$packet(0xffffffffffffffff, &(0x7f00000071c0)={0x11, 0x0, <r18=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000007200)=0x14)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000007280)={{{@in=@local, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r19=>0x0}}, {{@in=@remote}, 0x0, @in6=@mcast2}}, &(0x7f0000007380)=0xe8)
getsockopt$inet_pktinfo(0xffffffffffffff9c, 0x0, 0x8, &(0x7f00000073c0)={<r20=>0x0, @loopback, @local}, &(0x7f0000007400)=0xc)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, &(0x7f0000007a00)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000079c0)={&(0x7f0000007440)={0x560, r2, 0x8, 0x70bd29, 0x25dfdbfd, {}, [{{0x8, 0x1, r3}, {0x44, 0x2, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x1000}}, {0x8, 0x6, r4}}}]}}, {{0x8, 0x1, r5}, {0xc0, 0x2, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0xff}}, {0x8, 0x6, r6}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r7}}}]}}, {{0x8, 0x1, r8}, {0x150, 0x2, [{0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8}, {0x8, 0x4, 0x6834}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r9}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x7ff}}}, {0x5c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x2c, 0x4, [{0x40, 0x0, 0x983}, {0x8, 0x0, 0x800, 0xac0}, {0x2b, 0x6, 0x81, 0x171}, {0xfffffffffffffffe, 0x9, 0xff, 0x401}, {0x1, 0x5, 0x2, 0xffffffffffffff81}]}}}]}}, {{0x8, 0x1, r10}, {0x14c, 0x2, [{0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r11}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r12}}}, {0x54, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x24, 0x4, [{0x3f, 0xffffffffffffff80, 0x7, 0xab05}, {0x9, 0x4, 0x4, 0x3}, {0x5, 0x81, 0x27, 0x1}, {0x50, 0x7fffffff, 0x6, 0xffffffffffffffff}]}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r13}}, {0x8}}}]}}, {{0x8, 0x1, r14}, {0x138, 0x2, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x7}}, {0x8, 0x6, r15}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x1}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r16}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0xc5}}, {0x8, 0x6, r17}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r18}}}]}}, {{0x8, 0x1, r19}, {0x44, 0x2, [{0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x8}}, {0x8, 0x6, r20}}}]}}]}, 0x560}, 0x1, 0x0, 0x0, 0x80}, 0x0)
mkdir(&(0x7f0000001700)='./file1\x00', 0x0)
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000580)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@index_off='index=off'}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}]})
open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000240)='vfat\x00', &(0x7f00000002c0)='./file0/file0\x00', 0x0, 0x0, &(0x7f0000001740), 0x0, &(0x7f0000001800)=ANY=[])

03:44:44 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PIO_FONTX(r1, 0x4b6c, &(0x7f00000001c0)="d3cc408d38ed596075cdc71a644e09dfbe5c3fe67c52f901410886f836e59f1e0e654a66dbf2a20a642fb9593ddea92d995c4ed2c1105a507a0dd7813dd013b71081a2e86ada7d34d7d995d90f76d9eb6d84da8681b43535b22279c36696b254d7f0debe6e33166f4d2fc073ca4e4dc1771323f6736d5e93cb450f9ca63d2215fb56eb724cab7921c37959611c4a7f9ac8ae3a8b258a888ba42b01a883fa4b760ef326db5799ed33b587a6e3fea39907b316ebdcc3da41c6b2525c5f35")
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x400448e7, &(0x7f00000000c0))

03:44:44 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x1000000, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  961.968043] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  961.977267] FAULT_INJECTION: forcing a failure.
[  961.977267] name failslab, interval 1, probability 0, space 0, times 0
03:44:44 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x1, 0x0)
ioctl$TUNSETVNETBE(r1, 0x400454de, &(0x7f0000000080))
r2 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r2, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r2, 0x800448d5, &(0x7f00000000c0))

03:44:44 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
fsetxattr$security_smack_transmute(r1, &(0x7f0000000000)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000080)='TRUE', 0x4, 0x3)
ioctl$FS_IOC_SETVERSION(r1, 0x400448e7, &(0x7f00000000c0))

[  962.026380] FAT-fs (loop3): bogus number of reserved sectors
[  962.055512] FAT-fs (loop3): Can't find a valid FAT filesystem
[  962.103970] CPU: 0 PID: 12648 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  962.112504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  962.112513] Call Trace:
[  962.112540]  dump_stack+0x244/0x39d
[  962.112567]  ? dump_stack_print_info.cold.1+0x20/0x20
[  962.112590]  ? __kernel_text_address+0xd/0x40
[  962.112616]  ? unwind_get_return_address+0x61/0xa0
[  962.142806]  should_fail.cold.4+0xa/0x17
[  962.142829]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  962.142854]  ? save_stack+0x43/0xd0
[  962.142867]  ? kasan_kmalloc+0xc7/0xe0
[  962.142884]  ? kmem_cache_alloc_trace+0x152/0x750
[  962.142905]  ? __memcg_init_list_lru_node+0x185/0x2d0
[  962.152056]  ? __list_lru_init+0x4d6/0x840
[  962.152076]  ? zap_class+0x640/0x640
[  962.152091]  ? mount_nodev+0x38/0x120
[  962.152108]  ? ovl_mount+0x34/0x40
[  962.152122]  ? legacy_get_tree+0x131/0x460
[  962.152134]  ? vfs_get_tree+0x1cb/0x5c0
[  962.152152]  ? do_mount+0x70c/0x1d90
[  962.159653]  ? ksys_mount+0x12d/0x140
[  962.159667]  ? __x64_sys_mount+0xbe/0x150
[  962.159690]  ? find_held_lock+0x36/0x1c0
[  962.159721]  ? __lock_is_held+0xb5/0x140
[  962.159754]  ? perf_trace_sched_process_exec+0x860/0x860
[  962.169785]  __should_failslab+0x124/0x180
[  962.169804]  should_failslab+0x9/0x14
[  962.169823]  kmem_cache_alloc_trace+0x2d7/0x750
[  962.169839]  ? __kmalloc_node+0x3c/0x70
[  962.169856]  ? __kmalloc_node+0x3c/0x70
[  962.169876]  ? rcu_read_lock_sched_held+0x14f/0x180
[  962.177824]  __memcg_init_list_lru_node+0x185/0x2d0
[  962.177846]  ? kvfree_rcu+0x20/0x20
03:44:45 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0xffffff7f, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  962.177865]  ? __kmalloc_node+0x50/0x70
[  962.177891]  __list_lru_init+0x4d6/0x840
[  962.177912]  ? list_lru_destroy+0x500/0x500
[  962.185260]  ? up_write+0x7b/0x220
[  962.185285]  ? down_write_nested+0x130/0x130
[  962.185301]  ? down_read+0x120/0x120
[  962.185322]  ? init_wait_entry+0x1c0/0x1c0
[  962.185338]  ? prealloc_shrinker+0x172/0x340
[  962.185385]  alloc_super+0x907/0xb40
[  962.193601]  ? destroy_unused_super.part.10+0x110/0x110
[  962.193616]  ? sget_userns+0x17c/0x850
[  962.193636]  ? lock_downgrade+0x900/0x900
03:44:45 executing program 1:
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000100)={{{@in6=@mcast1, @in6=@mcast2}}, {{@in=@local}, 0x0, @in6=@remote}}, &(0x7f0000000000)=0xe8)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x400448e7, &(0x7f00000000c0))

[  962.193660]  ? kasan_check_read+0x11/0x20
[  962.193677]  ? do_raw_spin_trylock+0x270/0x270
[  962.193708]  ? security_capable+0x99/0xc0
[  962.201211]  sget_userns+0x278/0x850
[  962.201226]  ? get_anon_bdev+0xc0/0xc0
[  962.201250]  ? vfs_get_super+0x270/0x270
[  962.201283]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  962.201327]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  962.209512]  ? ns_capable_common+0x13f/0x170
[  962.209531]  ? get_anon_bdev+0xc0/0xc0
[  962.209547]  sget+0x10b/0x150
[  962.209570]  ? ovl_show_options+0x550/0x550
[  962.209586]  mount_nodev+0x38/0x120
[  962.209606]  ? ovl_own_xattr_set+0x10/0x10
[  962.219104]  ovl_mount+0x34/0x40
[  962.219123]  legacy_get_tree+0x131/0x460
[  962.219145]  vfs_get_tree+0x1cb/0x5c0
[  962.219161]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  962.219179]  do_mount+0x70c/0x1d90
[  962.219198]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  962.219221]  ? copy_mount_string+0x40/0x40
[  962.219242]  ? copy_mount_options+0x5f/0x430
[  962.219263]  ? kmem_cache_alloc_trace+0x353/0x750
[  962.231964]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  962.231989]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  962.232005]  ? copy_mount_options+0x315/0x430
[  962.232026]  ksys_mount+0x12d/0x140
[  962.232046]  __x64_sys_mount+0xbe/0x150
[  962.239989]  do_syscall_64+0x1b9/0x820
[  962.240010]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  962.240031]  ? syscall_return_slowpath+0x5e0/0x5e0
[  962.240051]  ? trace_hardirqs_on_caller+0x310/0x310
[  962.240075]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  962.250102]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  962.250119]  ? __switch_to_asm+0x40/0x70
[  962.250132]  ? __switch_to_asm+0x34/0x70
[  962.250156]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  962.250183]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  962.250200] RIP: 0033:0x457569
[  962.257795] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  962.257805] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  962.257821] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  962.257831] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  962.257841] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  962.257851] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  962.257860] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[  962.273214] overlayfs: missing 'workdir'
[  962.428898] FAT-fs (loop3): bogus number of reserved sectors
[  962.436377] FAT-fs (loop3): Can't find a valid FAT filesystem
03:44:45 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0xf, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:45 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)=<r2=>0x0)
getpgid(r2)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f0000000180)={{{@in=@dev, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in=@multicast2}, 0x0, @in6=@ipv4={[], [], @remote}}}, &(0x7f0000000080)=0xffffffffffffff51)
setsockopt$inet_mreqn(r1, 0x0, 0x27, &(0x7f0000000280)={@local, @local, r3}, 0xc)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))
socket$can_bcm(0x1d, 0x2, 0x2)

03:44:45 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0xb2f0}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:44:45 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = dup3(r0, r0, 0x80000)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x1ff)
r2 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r2, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r2, 0x400448e7, &(0x7f00000000c0))

03:44:45 executing program 4 (fault-call:2 fault-nth:24):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:44:45 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
fstat(r0, &(0x7f0000000680))
add_key(&(0x7f00000001c0)='pkcs7_test\x00', &(0x7f0000000200)={'syz'}, &(0x7f0000000240), 0xfffff, 0xfffffffffffffffb)
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
r1 = syz_open_dev$audion(&(0x7f0000000280)='/dev/audio#\x00', 0x6, 0x0)
r2 = syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f00000003c0)={@loopback, @local, <r3=>0x0}, &(0x7f0000000400)=0xc)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f0000000440)={'vcan0\x00', <r4=>0x0})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000000600)={@dev, @local, <r5=>0x0}, &(0x7f0000000640)=0xc)
accept$packet(0xffffffffffffff9c, &(0x7f00000007c0)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000800)=0x14)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000e80)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000ec0)=0x14)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000f00)={'team0\x00', <r8=>0x0})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x24, &(0x7f0000000f40)={@broadcast, @multicast2, <r9=>0x0}, &(0x7f0000000f80)=0xc)
getsockname$packet(0xffffffffffffff9c, &(0x7f0000001040)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000001080)=0x14)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000001280)={{{@in=@dev, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0}}, {{@in=@multicast1}, 0x0, @in6=@mcast1}}, &(0x7f0000001380)=0xe8)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r12=>0x0}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)
accept$packet(0xffffffffffffffff, &(0x7f00000015c0)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000001600)=0x14)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000002740)={{{@in6=@dev, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r14=>0x0}}, {{@in6=@loopback}, 0x0, @in6=@remote}}, &(0x7f0000001640)=0xe8)
getpeername$packet(0xffffffffffffff9c, &(0x7f0000001680)={0x11, 0x0, <r15=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000016c0)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000002840)={{{@in=@multicast2, @in6=@ipv4={[], [], @rand_addr}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r16=>0x0}}, {{@in=@multicast2}, 0x0, @in6=@remote}}, &(0x7f0000002940)=0xe8)
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x24, &(0x7f0000006fc0)={@broadcast, @local, <r17=>0x0}, &(0x7f0000007000)=0xc)
accept$packet(0xffffffffffffffff, &(0x7f00000071c0)={0x11, 0x0, <r18=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000007200)=0x14)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000007280)={{{@in=@local, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r19=>0x0}}, {{@in=@remote}, 0x0, @in6=@mcast2}}, &(0x7f0000007380)=0xe8)
getsockopt$inet_pktinfo(0xffffffffffffff9c, 0x0, 0x8, &(0x7f00000073c0)={<r20=>0x0, @loopback, @local}, &(0x7f0000007400)=0xc)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, &(0x7f0000007a00)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000079c0)={&(0x7f0000007440)={0x560, r2, 0x8, 0x70bd29, 0x25dfdbfd, {}, [{{0x8, 0x1, r3}, {0x44, 0x2, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x1000}}, {0x8, 0x6, r4}}}]}}, {{0x8, 0x1, r5}, {0xc0, 0x2, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0xff}}, {0x8, 0x6, r6}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r7}}}]}}, {{0x8, 0x1, r8}, {0x150, 0x2, [{0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8}, {0x8, 0x4, 0x6834}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r9}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x7ff}}}, {0x5c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x2c, 0x4, [{0x40, 0x0, 0x983}, {0x8, 0x0, 0x800, 0xac0}, {0x2b, 0x6, 0x81, 0x171}, {0xfffffffffffffffe, 0x9, 0xff, 0x401}, {0x1, 0x5, 0x2, 0xffffffffffffff81}]}}}]}}, {{0x8, 0x1, r10}, {0x14c, 0x2, [{0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r11}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r12}}}, {0x54, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x24, 0x4, [{0x3f, 0xffffffffffffff80, 0x7, 0xab05}, {0x9, 0x4, 0x4, 0x3}, {0x5, 0x81, 0x27, 0x1}, {0x50, 0x7fffffff, 0x6, 0xffffffffffffffff}]}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r13}}, {0x8}}}]}}, {{0x8, 0x1, r14}, {0x138, 0x2, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x7}}, {0x8, 0x6, r15}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x1}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r16}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0xc5}}, {0x8, 0x6, r17}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r18}}}]}}, {{0x8, 0x1, r19}, {0x44, 0x2, [{0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x8}}, {0x8, 0x6, r20}}}]}}]}, 0x560}, 0x1, 0x0, 0x0, 0x80}, 0x0)
mkdir(&(0x7f0000001700)='./file1\x00', 0x0)
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000580)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@index_off='index=off'}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}]})
open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)

[  962.696484] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
03:44:45 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0xfffffffffffff000, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:45 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x4, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040)={0x1f, {0x1000, 0x0, 0x1200, 0x3, 0xfffffffffffffffe}}, 0xa)
fsetxattr$trusted_overlay_origin(r0, &(0x7f0000000000)='trusted.overlay.origin\x00', &(0x7f0000000080)='y\x00', 0x2, 0x3)
kexec_load(0x4, 0x2, &(0x7f0000000180)=[{&(0x7f0000000100)="33e1d27208e476dda08705323d80ebb7be2e7513f2eb6558d6db6796", 0x1c, 0x100000000, 0x7}, {&(0x7f0000000140)="f1a8cffd30a6d7e635675c30dadbde8761653a0eb7ce7494c85a", 0x1a, 0x401, 0x4}], 0x0)
ioctl$FS_IOC_SETVERSION(r1, 0x400448e7, &(0x7f00000000c0))
ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0xffffffffdffffffe)
ioctl$UI_BEGIN_FF_UPLOAD(r1, 0xc06855c8, &(0x7f0000000240)={0xb, 0xffffffffffffffe0, {0x52, 0x8, 0x9, {0x6, 0x1caea941}, {0x8, 0x4}, @cond=[{0x80000001, 0x15b, 0x2, 0x400000000000000, 0xa7, 0x3}, {0x8, 0x1ff, 0x48, 0x1, 0x5, 0x7}]}, {0x51, 0x9, 0x3f, {0x1, 0xcc}, {0x7, 0x4}, @cond=[{0x7fff, 0x4, 0x2, 0x8, 0x5, 0x3}, {0x6, 0xffffffffffffb89a, 0x8001, 0x7fff, 0x5, 0x3f}]}})
getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(r1, 0x84, 0x1c, &(0x7f00000001c0), &(0x7f0000000200)=0x4)

03:44:45 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
write$binfmt_script(r1, &(0x7f0000000100)={'#! ', './file0', [{0x20, 'locpusetusernodev*systemBGPL)\''}, {0x20, 'bdevcpuset]'}, {0x20, 'vmnet1em1trustedppp1mime_type'}, {}, {0x20, '&}em1!*'}, {0x20, 'GPL'}, {0x20, '& vmnet0cgroup'}, {}, {0x20, '-cgroup$'}], 0xa, "3e63a6096a5c01a932b9df2a97e9d9f96cbf5b084ef95c5a99bbd9e50a591f9564cb9060f428747088354c83766cbe3ddac511726d2c9207c50fca141f194b4cd85a300b6772ef14d17733d22ec8cd03d123611ab724bbf290ff5caec389e8c602d59e1321f873c4fdebf1584d5371c207fb2fe3f40d076f56251b346c9d33879ad116ea5344165465e30c5555e9829629e16cc8d0683bbb2042910f61db49cba341094ffbd1641df39997802c496121bbeda283520559"}, 0x131)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

[  962.746898] FAT-fs (loop3): bogus number of reserved sectors
[  962.752908] FAT-fs (loop3): Can't find a valid FAT filesystem
[  962.772453] FAULT_INJECTION: forcing a failure.
[  962.772453] name failslab, interval 1, probability 0, space 0, times 0
[  962.806304] CPU: 1 PID: 12694 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  962.814830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  962.824185] Call Trace:
[  962.826802]  dump_stack+0x244/0x39d
[  962.830465]  ? dump_stack_print_info.cold.1+0x20/0x20
[  962.835673]  ? __kernel_text_address+0xd/0x40
[  962.835692]  ? unwind_get_return_address+0x61/0xa0
[  962.835713]  should_fail.cold.4+0xa/0x17
[  962.835735]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  962.835760]  ? save_stack+0x43/0xd0
[  962.835773]  ? kasan_kmalloc+0xc7/0xe0
[  962.835789]  ? kmem_cache_alloc_trace+0x152/0x750
[  962.835810]  ? __memcg_init_list_lru_node+0x185/0x2d0
[  962.845235]  ? __list_lru_init+0x4d6/0x840
[  962.845254]  ? zap_class+0x640/0x640
[  962.845269]  ? mount_nodev+0x38/0x120
[  962.845286]  ? ovl_mount+0x34/0x40
[  962.845300]  ? legacy_get_tree+0x131/0x460
[  962.845314]  ? vfs_get_tree+0x1cb/0x5c0
[  962.845326]  ? do_mount+0x70c/0x1d90
[  962.845339]  ? ksys_mount+0x12d/0x140
[  962.845351]  ? __x64_sys_mount+0xbe/0x150
[  962.845372]  ? find_held_lock+0x36/0x1c0
[  962.854540]  ? __lock_is_held+0xb5/0x140
[  962.854576]  ? perf_trace_sched_process_exec+0x860/0x860
[  962.854607]  __should_failslab+0x124/0x180
[  962.854625]  should_failslab+0x9/0x14
[  962.854642]  kmem_cache_alloc_trace+0x2d7/0x750
[  962.854658]  ? __kmalloc_node+0x3c/0x70
[  962.854678]  ? __kmalloc_node+0x3c/0x70
[  962.867037]  ? rcu_read_lock_sched_held+0x14f/0x180
[  962.867064]  __memcg_init_list_lru_node+0x185/0x2d0
[  962.867085]  ? kvfree_rcu+0x20/0x20
[  962.867104]  ? __kmalloc_node+0x50/0x70
[  962.867129]  __list_lru_init+0x4d6/0x840
[  962.880358]  ? list_lru_destroy+0x500/0x500
[  962.880380]  ? up_write+0x7b/0x220
[  962.880397]  ? down_write_nested+0x130/0x130
[  962.880414]  ? down_read+0x120/0x120
[  962.880446]  ? init_wait_entry+0x1c0/0x1c0
[  962.880467]  ? prealloc_shrinker+0x172/0x340
[  962.887808]  alloc_super+0x907/0xb40
[  962.887833]  ? destroy_unused_super.part.10+0x110/0x110
[  962.887846]  ? sget_userns+0x17c/0x850
[  962.887865]  ? lock_downgrade+0x900/0x900
03:44:45 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x200000000000000, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  962.887889]  ? kasan_check_read+0x11/0x20
[  962.887909]  ? do_raw_spin_trylock+0x270/0x270
[  962.897069] overlayfs: missing 'workdir'
[  962.899818]  ? security_capable+0x99/0xc0
[  962.899849]  sget_userns+0x278/0x850
[  962.899863]  ? get_anon_bdev+0xc0/0xc0
[  962.899888]  ? vfs_get_super+0x270/0x270
[  962.907853]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  962.907900]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  962.907920]  ? ns_capable_common+0x13f/0x170
[  962.916045]  ? get_anon_bdev+0xc0/0xc0
03:44:45 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0xf0ffffffffffff, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:45 executing program 4 (fault-call:2 fault-nth:25):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:44:45 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000c00)=ANY=[@ANYBLOB="6d616e676c6500000000000000000000000000000000000000000000000000001f00000006000000f8070000d005000000000000580400000000000000000000280700002807000028070000280700002807000006000000", @ANYPTR=&(0x7f0000000200)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB="fe800000000000000000000000000017ff010000000000000000000000000001ffffffffffffffffffffffffff00000000000000ffffffffffffffffff76657468315f746f5f626f6e6400000062707130000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff000000000000000000000000000000002100000140000000000000000000000000000000c800f0000000000000000000000000000000000000000000000000002800434845434b53554d000000000000000000000000000000000000000000000100000000000000fe8000000000000000000000000000bb00000000000000000000000000000000ffffffffffffffffffffffffffffffff00000000ffffffff00000000ffffffff6970366772657461703000000000000076657468305f746f5f7465616d000000000000000000000000ff0000000000000000000000000000000000000000000000000000000000ff000000000000000000000000000000030116000000000000000000000000000000c800f0000000000000000000000000000000000000000000000000002800484c0000000000000000000000000000000000000000000000000000000002090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030027802000000000000000000000000000000000000000000000000300073726800000000000000000000000000000000000000000000000000000008fa0102020000040924000000000000380172740000000000000000000000000000000000000047000efe94604046329b0000000000000000000900000001040000000100000500000000010000ff01000000000000000000000000000100000000000000000000000000000000ff01000000000000000000000000000100000000000000000000ffff7f000001ff010000000000000000000000000001ff01000000000000000000000000000100000000000000000000000000000001ff010000000000000000000000000001fe8000000000000000000000000000bbfe000000000000000000000000aaff020000000000000000000000000001fe8000000000000000000000000000aafe8000000000000000000000000000bb00000000000000000000ffff00000005ff010000000000000000000000000001fe8000000000000000000000000000bb080000004800534e50540000000000000000000000000000000000000000000000000000ffffffff000000000000000000000000ac14141f0000000000000000000000000e0b070000000000ff02000000000000000000000000000100000000000000000000000000000000ffffffffffffff0000000000ff0000ff00000000000000ffff0000000000000076657468305f746f5f626f6e6400000062726964676530000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff00000000000000000000000000000000ff00040769000000000000000000000000000000380178010000000000000000000000000000000000000000000000002800727066696c74657200000000000000000000000000000000000000000000000000000000000048006862680000000000000000000000000000000000000000000000000000000400000001013b9b400000000002090008008000ff000300010003003f00dc053f00030000000d0040005450524f5859000000000000000000000000000000000000000000000001ffff000001000000e00000010000000000000000000000004e20000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000057c87eec2466d44423e9aed6ae93dd140000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100158010000000000000000000000000000000000000000000000004800686268000000000000000000000000000000000000000000000000000000070000000001070005000000cd874000050008000100ae0000200900a888ff008eb4030001000c004800534e5054000000000000000000000000000000000000000000000000000000000000000000000000000000000001ff010000000000000000000000000001002d0600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a800d0000000000000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000000feffffff0000"], 0x858)
r2 = getpgid(0xffffffffffffffff)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000b80)={r1, 0x50, &(0x7f0000000b00)={0x0, <r3=>0x0}}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000bc0)={r2, r1, 0x0, 0x24, &(0x7f0000000040)='nodevvboxnet0ppp1vboxnet1(cgroupem1\x00', r3}, 0x30)
bind$bt_rfcomm(r1, &(0x7f0000000140)={0x1f, {0x0, 0x8}}, 0x0)
ioctl$FS_IOC_SETVERSION(r1, 0x400448e7, &(0x7f00000000c0))
getpeername$packet(r1, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000100)=0x14)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)={0x40000010})
r4 = semget(0x2, 0x6, 0xc8)
semctl$IPC_STAT(r4, 0x0, 0x2, &(0x7f0000000180)=""/86)

[  962.916060]  sget+0x10b/0x150
[  962.916083]  ? ovl_show_options+0x550/0x550
[  962.916100]  mount_nodev+0x38/0x120
[  962.916121]  ? ovl_own_xattr_set+0x10/0x10
[  962.916137]  ovl_mount+0x34/0x40
[  962.916157]  legacy_get_tree+0x131/0x460
[  962.916178]  vfs_get_tree+0x1cb/0x5c0
[  962.916205]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  962.929666]  do_mount+0x70c/0x1d90
[  962.929688]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  962.929708]  ? copy_mount_string+0x40/0x40
[  962.929730]  ? copy_mount_options+0x5f/0x430
[  962.929752]  ? kmem_cache_alloc_trace+0x353/0x750
[  962.929773]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  962.929795]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  962.938431]  ? copy_mount_options+0x315/0x430
[  962.938467]  ksys_mount+0x12d/0x140
[  962.938487]  __x64_sys_mount+0xbe/0x150
[  962.938511]  do_syscall_64+0x1b9/0x820
[  962.938531]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  962.938557]  ? syscall_return_slowpath+0x5e0/0x5e0
[  962.947546]  ? trace_hardirqs_on_caller+0x310/0x310
[  962.947566]  ? prepare_exit_to_usermode+0x3b0/0x3b0
03:44:46 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x860c000000000000, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  962.947586]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  962.947602]  ? __switch_to_asm+0x40/0x70
[  962.947615]  ? __switch_to_asm+0x34/0x70
[  962.947637]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  962.947665]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  962.947678] RIP: 0033:0x457569
[  962.947697] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  962.956327] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  962.956344] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  962.956353] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  962.956363] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  962.956372] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  962.956382] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[  963.321742] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  963.359765] FAULT_INJECTION: forcing a failure.
[  963.359765] name failslab, interval 1, probability 0, space 0, times 0
[  963.389026] CPU: 1 PID: 12727 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  963.397555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  963.397562] Call Trace:
[  963.397589]  dump_stack+0x244/0x39d
[  963.397616]  ? dump_stack_print_info.cold.1+0x20/0x20
[  963.409556]  ? __kernel_text_address+0xd/0x40
[  963.409574]  ? unwind_get_return_address+0x61/0xa0
[  963.409600]  should_fail.cold.4+0xa/0x17
[  963.418408]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  963.418445]  ? save_stack+0x43/0xd0
[  963.418459]  ? kasan_kmalloc+0xc7/0xe0
[  963.418475]  ? kmem_cache_alloc_trace+0x152/0x750
[  963.418496]  ? __memcg_init_list_lru_node+0x185/0x2d0
[  963.427923]  ? __list_lru_init+0x4d6/0x840
[  963.427942]  ? zap_class+0x640/0x640
[  963.427955]  ? mount_nodev+0x38/0x120
[  963.427971]  ? ovl_mount+0x34/0x40
[  963.427990]  ? legacy_get_tree+0x131/0x460
[  963.437137]  ? vfs_get_tree+0x1cb/0x5c0
[  963.437150]  ? do_mount+0x70c/0x1d90
[  963.437163]  ? ksys_mount+0x12d/0x140
[  963.437176]  ? __x64_sys_mount+0xbe/0x150
[  963.437205]  ? find_held_lock+0x36/0x1c0
[  963.437227]  ? __lock_is_held+0xb5/0x140
[  963.444745]  ? perf_trace_sched_process_exec+0x860/0x860
[  963.444776]  __should_failslab+0x124/0x180
[  963.444799]  should_failslab+0x9/0x14
[  963.454827]  kmem_cache_alloc_trace+0x2d7/0x750
[  963.454844]  ? __kmalloc_node+0x3c/0x70
[  963.454861]  ? __kmalloc_node+0x3c/0x70
[  963.454879]  ? rcu_read_lock_sched_held+0x14f/0x180
[  963.454904]  __memcg_init_list_lru_node+0x185/0x2d0
[  963.462843]  ? kvfree_rcu+0x20/0x20
[  963.462861]  ? __kmalloc_node+0x50/0x70
[  963.462885]  __list_lru_init+0x4d6/0x840
[  963.470223]  ? list_lru_destroy+0x500/0x500
[  963.470244]  ? up_write+0x7b/0x220
[  963.470262]  ? down_write_nested+0x130/0x130
[  963.478468]  ? down_read+0x120/0x120
[  963.478491]  ? init_wait_entry+0x1c0/0x1c0
[  963.478507]  ? prealloc_shrinker+0x172/0x340
[  963.478533]  alloc_super+0x907/0xb40
[  963.486038]  ? destroy_unused_super.part.10+0x110/0x110
[  963.486051]  ? sget_userns+0x17c/0x850
[  963.486070]  ? lock_downgrade+0x900/0x900
03:44:46 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0xd00000000000000}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:44:46 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', r1}, 0x10)
ioctl$FS_IOC_SETVERSION(r1, 0x400448e7, &(0x7f0000000100))
lstat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
r3 = getegid()
write$FUSE_ATTR(r1, &(0x7f00000001c0)={0x78, 0x0, 0x2, {0x7fff, 0x8, 0x0, {0x6, 0x3, 0x6, 0x2, 0x2, 0x80, 0x9, 0x20000, 0x100000000, 0x3, 0x0, r2, r3, 0xd87, 0xfffffffffffff113}}}, 0x78)

03:44:46 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x300000000000000, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:46 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
fstat(r0, &(0x7f0000000680))
add_key(&(0x7f00000001c0)='pkcs7_test\x00', &(0x7f0000000200)={'syz'}, &(0x7f0000000240), 0xfffff, 0xfffffffffffffffb)
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
r1 = syz_open_dev$audion(&(0x7f0000000280)='/dev/audio#\x00', 0x6, 0x0)
r2 = syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f00000003c0)={@loopback, @local, <r3=>0x0}, &(0x7f0000000400)=0xc)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f0000000440)={'vcan0\x00', <r4=>0x0})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000000600)={@dev, @local, <r5=>0x0}, &(0x7f0000000640)=0xc)
accept$packet(0xffffffffffffff9c, &(0x7f00000007c0)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000800)=0x14)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000e80)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000ec0)=0x14)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000f00)={'team0\x00', <r8=>0x0})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x24, &(0x7f0000000f40)={@broadcast, @multicast2, <r9=>0x0}, &(0x7f0000000f80)=0xc)
getsockname$packet(0xffffffffffffff9c, &(0x7f0000001040)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000001080)=0x14)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000001280)={{{@in=@dev, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0}}, {{@in=@multicast1}, 0x0, @in6=@mcast1}}, &(0x7f0000001380)=0xe8)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r12=>0x0}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)
accept$packet(0xffffffffffffffff, &(0x7f00000015c0)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000001600)=0x14)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000002740)={{{@in6=@dev, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r14=>0x0}}, {{@in6=@loopback}, 0x0, @in6=@remote}}, &(0x7f0000001640)=0xe8)
getpeername$packet(0xffffffffffffff9c, &(0x7f0000001680)={0x11, 0x0, <r15=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000016c0)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000002840)={{{@in=@multicast2, @in6=@ipv4={[], [], @rand_addr}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r16=>0x0}}, {{@in=@multicast2}, 0x0, @in6=@remote}}, &(0x7f0000002940)=0xe8)
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x24, &(0x7f0000006fc0)={@broadcast, @local, <r17=>0x0}, &(0x7f0000007000)=0xc)
accept$packet(0xffffffffffffffff, &(0x7f00000071c0)={0x11, 0x0, <r18=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000007200)=0x14)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000007280)={{{@in=@local, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r19=>0x0}}, {{@in=@remote}, 0x0, @in6=@mcast2}}, &(0x7f0000007380)=0xe8)
getsockopt$inet_pktinfo(0xffffffffffffff9c, 0x0, 0x8, &(0x7f00000073c0)={<r20=>0x0, @loopback, @local}, &(0x7f0000007400)=0xc)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, &(0x7f0000007a00)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000079c0)={&(0x7f0000007440)={0x560, r2, 0x8, 0x70bd29, 0x25dfdbfd, {}, [{{0x8, 0x1, r3}, {0x44, 0x2, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x1000}}, {0x8, 0x6, r4}}}]}}, {{0x8, 0x1, r5}, {0xc0, 0x2, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0xff}}, {0x8, 0x6, r6}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r7}}}]}}, {{0x8, 0x1, r8}, {0x150, 0x2, [{0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8}, {0x8, 0x4, 0x6834}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r9}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x7ff}}}, {0x5c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x2c, 0x4, [{0x40, 0x0, 0x983}, {0x8, 0x0, 0x800, 0xac0}, {0x2b, 0x6, 0x81, 0x171}, {0xfffffffffffffffe, 0x9, 0xff, 0x401}, {0x1, 0x5, 0x2, 0xffffffffffffff81}]}}}]}}, {{0x8, 0x1, r10}, {0x14c, 0x2, [{0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r11}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r12}}}, {0x54, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x24, 0x4, [{0x3f, 0xffffffffffffff80, 0x7, 0xab05}, {0x9, 0x4, 0x4, 0x3}, {0x5, 0x81, 0x27, 0x1}, {0x50, 0x7fffffff, 0x6, 0xffffffffffffffff}]}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r13}}, {0x8}}}]}}, {{0x8, 0x1, r14}, {0x138, 0x2, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x7}}, {0x8, 0x6, r15}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x1}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r16}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0xc5}}, {0x8, 0x6, r17}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r18}}}]}}, {{0x8, 0x1, r19}, {0x44, 0x2, [{0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x8}}, {0x8, 0x6, r20}}}]}}]}, 0x560}, 0x1, 0x0, 0x0, 0x80}, 0x0)
mkdir(&(0x7f0000001700)='./file1\x00', 0x0)
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000580)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@index_off='index=off'}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x5c}]})

[  963.486094]  ? kasan_check_read+0x11/0x20
[  963.486112]  ? do_raw_spin_trylock+0x270/0x270
[  963.494317]  ? security_capable+0x99/0xc0
[  963.494346]  sget_userns+0x278/0x850
[  963.494360]  ? get_anon_bdev+0xc0/0xc0
[  963.494387]  ? vfs_get_super+0x270/0x270
[  963.503908]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  963.503954]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  963.511952]  ? ns_capable_common+0x13f/0x170
[  963.511971]  ? get_anon_bdev+0xc0/0xc0
[  963.511985]  sget+0x10b/0x150
[  963.512007]  ? ovl_show_options+0x550/0x550
[  963.520640]  mount_nodev+0x38/0x120
[  963.520661]  ? ovl_own_xattr_set+0x10/0x10
[  963.520677]  ovl_mount+0x34/0x40
[  963.520695]  legacy_get_tree+0x131/0x460
[  963.529713]  vfs_get_tree+0x1cb/0x5c0
[  963.529730]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  963.529747]  do_mount+0x70c/0x1d90
[  963.529769]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  963.538401]  ? copy_mount_string+0x40/0x40
[  963.538423]  ? copy_mount_options+0x5f/0x430
[  963.538459]  ? kmem_cache_alloc_trace+0x353/0x750
[  963.571075]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  963.580147]  ? _copy_from_user+0xdf/0x150
[  963.580170]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  963.580189]  ? copy_mount_options+0x315/0x430
[  963.618251]  ksys_mount+0x12d/0x140
[  963.628186]  __x64_sys_mount+0xbe/0x150
[  963.628218]  do_syscall_64+0x1b9/0x820
[  963.628238]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  963.628259]  ? syscall_return_slowpath+0x5e0/0x5e0
[  963.647418]  ? trace_hardirqs_on_caller+0x310/0x310
[  963.647450]  ? prepare_exit_to_usermode+0x3b0/0x3b0
03:44:46 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611)
syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x7f, 0x10800)
ioctl$TCFLSH(r1, 0x540b, 0x7)
bind$bt_rfcomm(r1, &(0x7f0000000040)={0x1f, {0x0, 0x0, 0x20000000, 0x7, 0x0, 0x8}}, 0xa)
write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x7, 0x2, 0x80000001, 0xff, 0x20, 0x3, 0x3e, 0xdfb, 0x10c, 0x40, 0x2e6, 0x81, 0xff, 0x38, 0x1, 0x100000000, 0x12f72ed7, 0xffff}, [{0x6, 0xfffffffffffffffc, 0x9, 0x0, 0x1, 0x3, 0x101, 0xffffffff}, {0x6474e553, 0x0, 0x7, 0x1, 0x4, 0x101, 0xfff, 0x401}], "84da0b4f534b5f2a5b5a1677e69c27f14d79ccdc7b29470dc8c5c06fd80b0021929114cac9b8f19df89784eed71197163f9315597513b23849e3347c2d4df32a1d399ba3a8a645f7370cc16ab04c1fee35a5e4f5f9d377477294eff684dd1b4dd57503d57d22909f811f29524745f6f8b3254bf474e77cb5713f3c39998fe6e058c3406353d9211eb2a99fee8b5b987893b39e0b98cbf5881d5c03236ee9d6fe1f3d873beff0595eccbe0ffc3c296bc2959ebcb0d050deb981458364bbacc21d996365747cb5672fe2d045a79263e58a0a6583e0fcc424734cd404192b31740eee", [[], [], [], [], [], [], [], []]}, 0x991)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))
mq_timedreceive(r1, &(0x7f0000000000), 0x0, 0x1183, &(0x7f0000000080)={0x0, 0x1c9c380})

03:44:46 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x400448e7, &(0x7f0000000080)=0xfffffffffffffff8)
setsockopt$nfc_llcp_NFC_LLCP_RW(r0, 0x118, 0x0, &(0x7f0000000000)=0x1, 0x4)

[  963.647476]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  963.654898]  ? __switch_to_asm+0x40/0x70
[  963.654911]  ? __switch_to_asm+0x34/0x70
[  963.654934]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  963.654962]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  963.654979] RIP: 0033:0x457569
[  963.663521] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
03:44:46 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0xfffff000, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:46 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f0000000040))
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$FS_IOC_SETVERSION(r1, 0x400448e7, &(0x7f00000000c0))
ioctl$sock_SIOCBRADDBR(r0, 0x89a0, &(0x7f0000000380)='veth1\x00')
lsetxattr$trusted_overlay_origin(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='trusted.overlay.origin\x00', &(0x7f0000000180)='y\x00', 0x2, 0x2)
setsockopt$inet6_MRT6_ADD_MFC(r1, 0x29, 0xcc, &(0x7f0000000100)={{0xa, 0x4e20, 0xffffffff, @loopback}, {0xa, 0x4e21, 0x0, @dev={0xfe, 0x80, [], 0xc}, 0x7}, 0x8, [0x100000000, 0x3, 0xfb, 0x8, 0x5, 0x7fff, 0x5, 0x10002]}, 0x5c)

[  963.663530] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  963.663546] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  963.663561] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  963.672622] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  963.672632] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  963.672642] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
03:44:46 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
writev(r0, &(0x7f0000001700)=[{&(0x7f0000001780)="3480de6503c656e778bff2dbde8d2222ecb1b9ee61abfe1044dc0c1d22a690256aec2d0bc1fde3ee23736acaa696e6553bbb35c7dd3feefe0ec275c71a33c11ca9c3da88795ddc79399d33cc558317a691d67fe5b627a33df1b640eab92a1c124e945814324a97f713f28d2bca6f1dc304abc17cfd6676a0399376e2fd01a9bfc66615a7c282b8b1e02ba053a397a931d0d8b0dba7e730b7d4aa14b2a93e11fcc0d10e0943afe62a18859d75105deea67cdb281006bc1945d2b8d517560679279d7e5cb94e67ab2b0ae75f43b172359e60bf95d22e07a7c50e5e40a21b0420360d1308ce62c359e1906cb34fbf93f41a0905ffa54f49c2f77a29d318c6471d3ea1ecd2d26f305486da75ebb41bc0c5f2d5911269cf9d1e764eadf586e1ec2ae8368636e42341de7707ef36883b242027388ac5b840cec5446b15eb0f281446610886ebf19696909e284c197516e3c796a1863d5ccaae7f50962d33b3739b0010338a58bf557fcd7ce4", 0x4a7}, {&(0x7f00000001c0)="7d16e0ab92653175c9eda8a6a19d72d3101f9af7eb831c01edad750ba6203053d10aa0349da427ef069008722991f65dd8036e39b8db5e9dc0859fb0043fc09530ce8d226a1c51", 0x1b}, {&(0x7f0000000240)="2f63f2a2ab756a628cd516abdd62e1680e2962e445a09445680e780ec612a4f487cb3d905e206c5e5f5b1acc2c07eefe68da00fb2971bf7f1de70d3fb538a5ef34a41fa8ba9567dcfb8501e0e52afbaeb1cee8002722237b3c1069f1376c5dc051691f7fb0699ee3eaea52ba8a298832ea89b7322bbf0b09d272746207bf9bcc90151eca4c8f46164cf0b774", 0x8c}, {&(0x7f0000000300)="95ad913c7bd855e4fb1c4798c183649307eb8353ef8a597b95728b4f4c3ec751b5d6dcf148ef6b0c661ecf0019a5dbfc4b4ddfffda517b577a530a1755fbd03179bdf9845b1fb75775da46ba081c7f66622a2b73d6020199799c031928ae8c72e68ccd969cdeca61f12e9faec6c917e7e6fd87b9a33289614115908853fe3c1e5c98acaafa73cb563030d43d76aef7e887b4ea9d920831a2e144f3293088cb19f9a5fcd28a5c3ece882f6835d8046e452f36cdbc1d5ec64fe1e465a2c953b781eabb72f984b68a95f5d6355940f74a2855237c77831bd21e0ad46952a28adca0dd9fb76ce6d598e25dd6c5c8e0ddac1639ebd8ea62303c03e716f0951af22c2988f99cd61cad3ab3ba8016974e5b06c77dcb756f7b6ad763a771e461cb83a00e56e173fcb1cb049319c93fe1d3f07bb907f6c1951c6501baa1bf33014bb09ceeeed978a96ff8147f033bcf077dcb9c09db39835f9a03e13a0f26bb715b5bc0171093fb0323b2aae8ca3070ad2edb58cb84e24c9ea5a6217a471b49254b3cd975d68c7a0b76ebaf9f42eca8f6bac9c72ac7033a4a1ccd84eaf0281c585a779ca45e935b0acee6d93b4315e297511f8e5b226bce8dc8e735413cc2e8439475c4f3e5df3a0d7cb28f95dd034f82f48b1643b04ead14a5fa20ed22cbede036a2d9b3377f8661bd23b01886184c7818b42ed027a9dd47cb0742f641b9f192f5e7cbab7f14ecd413d4f0bc21cf232f4a53981c5e2c184490b21416af4082f67c7857b5784bb376979e8e52a0b7dbd69837e0615fc001f2ad1b69e87d031cfa6cfd78ada390adf3c1dc700b8c133495090a4b687f03f842f5fe3f2acbf4f244b8098d31b76d75ff37efe8dd5656bf7cf5bfefc70293e7ea8e7d2e3f5b5680bdebf62c0da261d4958e11b28899171c62ca263825c2b58b555df14329f34c03fdf18afb40e8c087956ad425f9c437e22574dadefecf8a06320dcf8052d7462f0a45dd9274e8f0026b6c93492670dc70af0dac5daaf16c99de3f0613d0ab6d8ca28030aa73dc5cf8a7887051511ef609638f2d8b6067211d1869eec6915c79427c00e3ce2876237b67a309d5ca26a9efc996632dfae14cd00932da23d1a18671ec8302d483d7d0269dfa1b470aede499c2eec7a1acd8f4c336916abc982609097d6175d7be00162de8c845fdc7bf43ccfdd71914b1997c7a1024fedf58217da84f883634d3621bda14f030b2f9abe18b419fbed10afc2cdcf16a0e528f4f3bb88a0095ce46a9769098b6931047099a3754ad67af330363f7f1fa8fcb5348cc196713671526fe3a5ffa4d71704765c35381c98d93d67a6c2022984b0e342080a93e8035f1ee91ca8e2ae4b7b84a8348f45de59da81657358fa8118e0e9142b901bbebe62234376c780fcaeea556bd5464466b485b717616a715750c5a42793a4e63da2bd2eaf3c32cebfe422a09a63e10939c8e3ff09344b1444fd94b128c0fec843f5a5612da1c5a4dbcc26f00d5f0096678994684d185e5cc981b096ad5dac5d065c77ad82c5e55815a418243b0738222328f45ff68dd5df9ef0a3c3e80b0d5c1e4a2c493c586508de415ba012745acf3a2205392007b606bc60447613a2ed807b9f6734956b0a3738ff861f2462a1151c1e0f72d06ab683db3207c8d4a2694a351251553c3b157b9cd6b9b58677c6122725ecf942af77d55f98c9c3c3c57070c8b56bf4b44ef6c57118029658adffd9efe70fcf48279b51ca712f713a10305e05411ab4a772ccb1db9c417a7a85f1ccce2230ce4eac3c1d6000e1899a2c15256d166894331feab11ea9a061f795c5fc33db829a274faf53abb7f950150d54956702e0327e196b01ed898ffbbeffcbefa309d05487f73fb9953d0921b6e61928a97220d22e1ca2c6d3ce96d2760df3d54fef128e2f94a77be6f21d2dfbcf2ef820600b8bb23e4440103c5d563e8707a6b24119da6e09690836708e75b8899322ff576a42a6327195b860e0e3446d3f1c7cf5aa34c3e19e634dd4c9187fc50a872c6999ef74434933183b1e73bd016236cbc66d6afd03ec17cb7adc3bdd50fcce958a63232af040c6d85ac86471ec799a7cb5c61bc7721e0d666631079a0436afd34ccb6a56a13116bb0b75901aed857b3470445aeae6e1dc6ad85185f73c2c62f33f84a0b1f49be0e4771557d5cf6421be4653d03b05120445df9ce27a0229be0f82fa7bb6d0224d9f173c9194a44332ef319445b5c703ec2ace62a4274f1b8aae052d23cb4f882c588f9264f6fd3a8fdd2f294843889e0a17a972be762af42187fd1db1ca5263676019a2a791dcd858b1145f14b00d52894da4ed76172d5f4bac67b2477c33ae34c45d709bc4b91ffabc93bfb76af48f3b1769078e40f0ba4568e4933d0aa949a4076608f41fa7e72da020c9806d4a12d823cc0ef68eca6d8070e81f99c3520cba59172aeeb0282026e0aab3933ad106fd372cc0dc076f7cf529d3ea6b76c1a9470cfc75656a4b1942bdd2bf9bd50d351c58b2c45a427427ca9d85c5709600627ea3148dd7fdcd5e4398e038c74029c9fb79be4ae91d56402ce72a3b081f31ca932c5865e59079dc19951f4232a34221fccece8876a1d502488409e63bc87278df786c38ed2a190bd9bcdec37bcff76ce83d3a093c811c12979635c36c683e49acb3b80b7a543c17280d1a9734f169b60f1f5979c7b4f6623f6ba156cd3e1b1f3012dda09c65e30cf2558ccc4a3eabed4371cd8f2771ede1b96ced65edd40dcb5309be3b7d9c34c5fa248b72c2d1a21530a62493f4c34ea0179dbbac8bbea19a330481123d8d86612fc19ac27da32c6a433ad78ce368435b1f8e5aed69c5bc76bf6e28101539467be9ead408ae4d0534f72bd604f53a74c245ac47c223ef2e404d476736815bb4aaf390faf0c27472182df97f506b38fa8be3ddfc1353c790e0a2464212ccd596e0bcd2ad36027a2d4f21095d5ffff9c719af565089a8d3d468ecf8345e9354375036c8c854d122ba4ed3a7d9f23019568c0f19318f85606bd8516f4291df0bf54dd0ddea15fe618a328f7c40aa857c7dfa26aaf7964e1513b745265beb1e6bf8395160ffe70c84320739fe7571c7eb717dab0772a08789c6d835c314328624ac6dbee89625a9666217d2fc8c7cb1a880665df7423d3d253509755a48dc25d19ba7612becd06c99113ad7e7f1f7395adcc21d8773e23ea151612ea0ab6351ac883e07b34e12486e44e78e1865b66105f38be4de8e01135796b93c5d34da24ad11a2726665d82f7e02067409566db54bb9352bdba094b414813c6135146e008359217c9e919f4e34ce8e27df171e2a2c428c1a90cd08bcc423744c2d8ec2ca3b1309d78215fc5eb608e0c19fcc8ea1178bf1edbc9e38ead18538e1f835b1fffd779a14ef4208dfaf3a57520faa3bbf354c2224fb08e225202c1d6ee7e2263aff48978f35fd3a498037107613aec29ce36e40bd5b573bbf7f0d018fa63752abd0f75b3a89dafe708ef6af057fcc40c392474403f4abf28dd7a01ecb9b07f6c0fdbfb873688e873ea6db4428ced410812c43db030282aa0e87a8414db5888e6d1c67cf179a53be20ea9e94e2fc2fd2e54f8e41aae5292be6562997f13c53e342a5dbfdb0604150d2b57cc76f60f1299d635d39302e12f196d108350af52b83eb3bbcd906c6ae2e47e07ed46748c1f7d643ee78bfc78c0b54faab7dfc4fef2c5760983c76eea97b55c1f92aa0222283fd3f0d58b61f4449eb8cf6563838c65dea55c27f92e8bd50bd5ce9a322614890eaea896b7800f2a5d0609fecad9422670146160904c2311b6c526f5d26bc47e21ff218f7edefbfa60e1de91418ba624216d433a50975a0385e69bdd0b95998677bf26cf6647c19505edc67481e5811ab4cb8d01811ee0aaa64081a3f9b1c358d734ee7e6637b0ecc9c425e206a74b9e27c7955954bf2f98f3e308ee24fc3275069ee9a12c69a3aeb47e7b2d467f73eb60791bd4d3a310ad282587e0c947da9058bd31c29e4f2ad7e7617bee221b83d270b390abe551cfe7f8aa80be02cfcfc54eec80dda607aa8ecdfa951ad8512bc23a46e81e62bfdd9c47999e2399651f640225afc8d0b04ffbcc2ec7b3577d4fc47211ed17fbf2bf763b7ed836a5f8e968b99939afe5b338d71654e995ae846df4924441bf5fa199030ea9efeb7bbb4b25c8353d22099c1daeddf8fc6bb7aa58f022d230be07a03ec1e5c170ebab3d5391359a2d6216197be9b09e3a2afc8ef0b8854f39c71d5b674e8ff9933c947b883c0d098db05132ac03fca902579277d32608ccbd6772c50a5485cd362d434194756c5eaba02f0933ea8fe4b420e887725d3315149d4ac9188ab6a3e86c8542437f2485ed5b131d63398aa327749979c7479f34b8b8f927379dc25416bd7b0f5c8be435f141db0e7c70cf722e95995b58b697146872564c438c9c76e3e34a9a4f5a17322a02ccb5519c02a9331e375fa4548e5fe48aced5c55d2623fb3da96790e99aa7e48019dd21d8e34c0129e5f7b1281c7567c91b4f961c551e412f0a3ba4ea58d02bccbbd7614f53b861ceaf79ae119bd2b80591f334d20afd8aa76ddad397c412a8bb20fbe4dc79b426d46e38a2313691c12690a1ee87bf7f396d511117ff672de5f1482c86c55599f75d15d7a2f9516f691efc744363c8239ed5c356f5f526295b3c456dbf6b36645f77b8ea65b6e2af98fc388a0cb9d12bc1c0b6820dea1c59e57ae40b5e1e787d176951065df74ab2876e79f4c7097a0c4720255dd19e7b8eb21eefa9140162e8371c65c7ad8352798f45010aa67054d8605291ccd05e5480b694dcfafaf70a18a32962bd86b0d43206fda6dd627ac2898afc6512f0fc11bf2283daf8acacbfa2121d582c39019d2b53cad2e9c41982640a04f9b5bdff149d530ed0c6dd6316ea39198136fede3041ee8e8b9974a8e9f2dbfa34cfdeb1364a9a89b5e1ef0101d2b0e224bd9e45a9b229a4aedf721f5a51ebcccd57a15ccb7040a6d9c87805dba815e7f1bf05aa43a8ec4492e230946e4484731961fc6a2e8e9273bb1a23205cc58f567f1c4717c857e763dc842fa52ca74f0ab40c7b9b500f12ae15b373bd570b56be4ea63a9239562002d64c5aee180bb9ace5da436b00d862d8a126f8c4b27c64d998f883d96b38f524e4fafe9ace98157a5df93c19e1fe1abe4f34f5365408f949d904290474681d005ef585b09bf384286ca53daa35c18d1a1b0917ed1ee9fd24752d599030ca781baa12956f01d5608e2cb4b71d368e6d2ed84e59948cb1f9a45f516b54147d0fa95a14537adafacd84b4d09115115b44bb43dd3576521c10125ad8236d111bd5695e7b3e1524fd0f5a4ab5a739ed8d324381cfb7566b5c7bd1c47e80bdd233395cf670e5ce231dd8202396a95e7a6f74a81cf431844cd01334edc773973de7942366efed2d1de76cfd3053b40b2a7013085fc161a85a537bbd43573eb22d1135a24f043a323d9078a8cf66a6a1c01e47692f5c11b0870f69cf8387d394da6af65f4de48ac0e8515128308eeeaa02c6753b92a46534fe2d0fce65c3b01fc97afa52485bedc66116c8afcbe6ee465d59e3020cbd13fe2eb35dd62fca9d875dbc30070fe31391f9660a228146cbd41ee3e967c5bf13f75738f1c556da380a97c5d36e397ebfae6ded038b712fb0c0d4ca12eba4550c5e927e2430423a8065471859ea99a558f800dd1876244ad4342d339eb0610b28feb8371a688683b644654057052c46e93abb76617486817d955a25420a23d3d3fbb85d", 0x1000}, {&(0x7f0000001300)="2175da9f68fd0041909c1a7728ca4804cb79aae2d770490555f0eeffcec991bacf985dbe5314c1e7d2e0bcfa451f4815e4b30a226eb80f6bc80916db53786a67d510e94aad63d94b60f080f40c8383307ff202236cddb1", 0x57}], 0x1000000000000029)
r1 = syz_open_dev$vcsn(&(0x7f00000000c0)='/dev/vcs#\x00', 0xcc0, 0x10000)
ioctl$VT_ACTIVATE(r1, 0x5606, 0x8)
r2 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r2, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r0, 0x800448d5, &(0x7f0000000080)=0x800000000000001)
bind$bt_rfcomm(r2, &(0x7f0000000000)={0x1f, {0x2, 0x7ff, 0x5, 0x7, 0x4, 0x10001}, 0x2}, 0xa)

[  963.836311] FAT-fs (loop3): bogus number of reserved sectors
[  963.842324] FAT-fs (loop3): Can't find a valid FAT filesystem
[  963.929163] overlayfs: missing 'workdir'
03:44:46 executing program 4 (fault-call:2 fault-nth:26):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:44:46 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0xfffffff0, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:46 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
getpeername(r0, &(0x7f0000000100)=@generic, &(0x7f0000000000)=0x80)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f00000001c0)={&(0x7f0000000180)=[0x0, 0x0], 0x2})
ioctl$TCSETS(r1, 0x5402, &(0x7f0000000080)={0x2, 0xffffffffffff3c46, 0x401, 0xfffffffffffffff7, 0x4, 0x7fffffff, 0x1, 0xfe, 0x1, 0xafd4, 0xfffffffffffffff9, 0x10000})

[  964.126879] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  964.162316] FAULT_INJECTION: forcing a failure.
[  964.162316] name failslab, interval 1, probability 0, space 0, times 0
[  964.175909] CPU: 1 PID: 12773 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  964.184453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  964.193817] Call Trace:
[  964.196430]  dump_stack+0x244/0x39d
[  964.200087]  ? dump_stack_print_info.cold.1+0x20/0x20
[  964.205272]  ? __kernel_text_address+0xd/0x40
[  964.209764]  ? unwind_get_return_address+0x61/0xa0
[  964.214693]  should_fail.cold.4+0xa/0x17
[  964.218774]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  964.223873]  ? save_stack+0x43/0xd0
[  964.227503]  ? kasan_kmalloc+0xc7/0xe0
[  964.231390]  ? kmem_cache_alloc_trace+0x152/0x750
[  964.236226]  ? __memcg_init_list_lru_node+0x185/0x2d0
[  964.241403]  ? __list_lru_init+0x4d6/0x840
[  964.245625]  ? zap_class+0x640/0x640
[  964.249325]  ? mount_nodev+0x38/0x120
[  964.253126]  ? ovl_mount+0x34/0x40
[  964.256662]  ? legacy_get_tree+0x131/0x460
[  964.260893]  ? vfs_get_tree+0x1cb/0x5c0
[  964.264865]  ? do_mount+0x70c/0x1d90
[  964.268566]  ? ksys_mount+0x12d/0x140
[  964.272368]  ? __x64_sys_mount+0xbe/0x150
[  964.276521]  ? find_held_lock+0x36/0x1c0
[  964.280589]  ? __lock_is_held+0xb5/0x140
[  964.284650]  ? perf_trace_sched_process_exec+0x860/0x860
[  964.290104]  __should_failslab+0x124/0x180
[  964.294344]  should_failslab+0x9/0x14
[  964.298144]  kmem_cache_alloc_trace+0x2d7/0x750
[  964.302816]  ? __kmalloc_node+0x3c/0x70
[  964.306780]  ? __kmalloc_node+0x3c/0x70
[  964.310764]  ? rcu_read_lock_sched_held+0x14f/0x180
[  964.315781]  __memcg_init_list_lru_node+0x185/0x2d0
[  964.320799]  ? kvfree_rcu+0x20/0x20
[  964.324441]  ? __kmalloc_node+0x50/0x70
[  964.328418]  __list_lru_init+0x4d6/0x840
[  964.332481]  ? list_lru_destroy+0x500/0x500
[  964.336795]  ? up_write+0x7b/0x220
[  964.340324]  ? down_write_nested+0x130/0x130
[  964.344726]  ? down_read+0x120/0x120
[  964.348432]  ? init_wait_entry+0x1c0/0x1c0
[  964.352665]  ? prealloc_shrinker+0x172/0x340
[  964.357104]  alloc_super+0x907/0xb40
[  964.360820]  ? destroy_unused_super.part.10+0x110/0x110
[  964.366176]  ? sget_userns+0x17c/0x850
[  964.370063]  ? lock_downgrade+0x900/0x900
[  964.374215]  ? kasan_check_read+0x11/0x20
[  964.378366]  ? do_raw_spin_trylock+0x270/0x270
[  964.382939]  ? security_capable+0x99/0xc0
[  964.387081]  sget_userns+0x278/0x850
[  964.390783]  ? get_anon_bdev+0xc0/0xc0
[  964.394660]  ? vfs_get_super+0x270/0x270
[  964.398721]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  964.404278]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  964.409808]  ? ns_capable_common+0x13f/0x170
[  964.414216]  ? get_anon_bdev+0xc0/0xc0
[  964.418104]  sget+0x10b/0x150
[  964.421232]  ? ovl_show_options+0x550/0x550
[  964.425541]  mount_nodev+0x38/0x120
[  964.429160]  ? ovl_own_xattr_set+0x10/0x10
[  964.433383]  ovl_mount+0x34/0x40
[  964.436740]  legacy_get_tree+0x131/0x460
[  964.440795]  vfs_get_tree+0x1cb/0x5c0
[  964.444582]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  964.449326]  do_mount+0x70c/0x1d90
[  964.452856]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  964.458389]  ? copy_mount_string+0x40/0x40
[  964.462615]  ? copy_mount_options+0x5f/0x430
[  964.467026]  ? kmem_cache_alloc_trace+0x353/0x750
[  964.471896]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  964.477425]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  964.482962]  ? copy_mount_options+0x315/0x430
[  964.487470]  ksys_mount+0x12d/0x140
[  964.491092]  __x64_sys_mount+0xbe/0x150
[  964.495058]  do_syscall_64+0x1b9/0x820
[  964.498936]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  964.504297]  ? syscall_return_slowpath+0x5e0/0x5e0
[  964.509227]  ? trace_hardirqs_on_caller+0x310/0x310
[  964.514245]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  964.519261]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  964.525925]  ? __switch_to_asm+0x40/0x70
[  964.529990]  ? __switch_to_asm+0x34/0x70
[  964.534053]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  964.538890]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  964.544078] RIP: 0033:0x457569
[  964.547280] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  964.566172] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
03:44:47 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0xf000}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:44:47 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x408, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x400448e7, &(0x7f00000000c0))

03:44:47 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
fstat(r0, &(0x7f0000000680))
add_key(&(0x7f00000001c0)='pkcs7_test\x00', &(0x7f0000000200)={'syz'}, &(0x7f0000000240), 0xfffff, 0xfffffffffffffffb)
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
r1 = syz_open_dev$audion(&(0x7f0000000280)='/dev/audio#\x00', 0x6, 0x0)
r2 = syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f00000003c0)={@loopback, @local, <r3=>0x0}, &(0x7f0000000400)=0xc)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f0000000440)={'vcan0\x00', <r4=>0x0})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000000600)={@dev, @local, <r5=>0x0}, &(0x7f0000000640)=0xc)
accept$packet(0xffffffffffffff9c, &(0x7f00000007c0)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000800)=0x14)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000e80)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000ec0)=0x14)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000f00)={'team0\x00', <r8=>0x0})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x24, &(0x7f0000000f40)={@broadcast, @multicast2, <r9=>0x0}, &(0x7f0000000f80)=0xc)
getsockname$packet(0xffffffffffffff9c, &(0x7f0000001040)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000001080)=0x14)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000001280)={{{@in=@dev, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0}}, {{@in=@multicast1}, 0x0, @in6=@mcast1}}, &(0x7f0000001380)=0xe8)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r12=>0x0}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)
accept$packet(0xffffffffffffffff, &(0x7f00000015c0)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000001600)=0x14)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000002740)={{{@in6=@dev, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r14=>0x0}}, {{@in6=@loopback}, 0x0, @in6=@remote}}, &(0x7f0000001640)=0xe8)
getpeername$packet(0xffffffffffffff9c, &(0x7f0000001680)={0x11, 0x0, <r15=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000016c0)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000002840)={{{@in=@multicast2, @in6=@ipv4={[], [], @rand_addr}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r16=>0x0}}, {{@in=@multicast2}, 0x0, @in6=@remote}}, &(0x7f0000002940)=0xe8)
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x24, &(0x7f0000006fc0)={@broadcast, @local, <r17=>0x0}, &(0x7f0000007000)=0xc)
accept$packet(0xffffffffffffffff, &(0x7f00000071c0)={0x11, 0x0, <r18=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000007200)=0x14)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000007280)={{{@in=@local, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r19=>0x0}}, {{@in=@remote}, 0x0, @in6=@mcast2}}, &(0x7f0000007380)=0xe8)
getsockopt$inet_pktinfo(0xffffffffffffff9c, 0x0, 0x8, &(0x7f00000073c0)={<r20=>0x0, @loopback, @local}, &(0x7f0000007400)=0xc)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, &(0x7f0000007a00)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000079c0)={&(0x7f0000007440)={0x560, r2, 0x8, 0x70bd29, 0x25dfdbfd, {}, [{{0x8, 0x1, r3}, {0x44, 0x2, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x1000}}, {0x8, 0x6, r4}}}]}}, {{0x8, 0x1, r5}, {0xc0, 0x2, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0xff}}, {0x8, 0x6, r6}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r7}}}]}}, {{0x8, 0x1, r8}, {0x150, 0x2, [{0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8}, {0x8, 0x4, 0x6834}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r9}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x7ff}}}, {0x5c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x2c, 0x4, [{0x40, 0x0, 0x983}, {0x8, 0x0, 0x800, 0xac0}, {0x2b, 0x6, 0x81, 0x171}, {0xfffffffffffffffe, 0x9, 0xff, 0x401}, {0x1, 0x5, 0x2, 0xffffffffffffff81}]}}}]}}, {{0x8, 0x1, r10}, {0x14c, 0x2, [{0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r11}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r12}}}, {0x54, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x24, 0x4, [{0x3f, 0xffffffffffffff80, 0x7, 0xab05}, {0x9, 0x4, 0x4, 0x3}, {0x5, 0x81, 0x27, 0x1}, {0x50, 0x7fffffff, 0x6, 0xffffffffffffffff}]}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r13}}, {0x8}}}]}}, {{0x8, 0x1, r14}, {0x138, 0x2, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x7}}, {0x8, 0x6, r15}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x1}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r16}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0xc5}}, {0x8, 0x6, r17}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r18}}}]}}, {{0x8, 0x1, r19}, {0x44, 0x2, [{0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x8}}, {0x8, 0x6, r20}}}]}}]}, 0x560}, 0x1, 0x0, 0x0, 0x80}, 0x0)
mkdir(&(0x7f0000001700)='./file1\x00', 0x0)

03:44:47 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0xa0020000, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:47 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x406, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
write$binfmt_elf64(r1, &(0x7f0000000200)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x7ff, 0x0, 0x4, 0x3, 0x3f, 0x6, 0x3bf, 0x40, 0x27b, 0x3f, 0x4, 0x38, 0x2, 0x2, 0xd6, 0x80000000}, [{0x3, 0x400, 0x9, 0x4, 0x4, 0x0, 0x4, 0x7}], "79f23ad74a8a7d1eeab6d8ae193eb13c288bafd1432f14812e418b7aee71e00d29aa00f1df6c427d9857c46da6e9c400b2e82ec7603f2ab1c27f2e8dfe82451835294b78efac132fa41467b077eb63f767dda2560c5ba5d29dbe254fa11abe21eae0c4138fe4b1728ec0463618a3e45a8b2936d0b9c71f792e270e62d40457f0034775cc7a516ac39c904d0ab51ae890ffc22bc52c2dd6e7a80601a94fd3cc30155bcaaf07893f2650b2113142e3431822b4008a2479da1a3170eb37719c1f81de225e7ffe", [[], []]}, 0x33d)
write$P9_RSTAT(r1, &(0x7f0000000180)=ANY=[@ANYBLOB="5c0000007d0200000055000500000000801202000000000000000000000000000880ffffffff00100000200000000000000005006772653023c0b110c914337a6830235e73797374656d152925212d2d707070105b2304002447504c"], 0x5c)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e22, @multicast1}, {0x6, @broadcast}, 0x8, {0x2, 0x4e20, @local}, 'gre0\x00'})
fcntl$setstatus(r0, 0x4, 0x0)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f0000000080)=0x8224)

[  964.573870] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  964.581122] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  964.588381] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  964.595656] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  964.602914] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
03:44:47 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x2000000, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:47 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))
io_setup(0x3, &(0x7f0000000000)=<r2=>0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000140)={0x1000, 0x100000})
clock_gettime(0x0, &(0x7f0000000180)={<r3=>0x0, <r4=>0x0})
io_getevents(r2, 0xffffffffffffffc3, 0x1, &(0x7f0000000200)=[{}], &(0x7f00000001c0)={r3, r4+30000000})

03:44:47 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$VHOST_GET_FEATURES(r1, 0x8008af00, &(0x7f0000000000))
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x400448e7, &(0x7f00000000c0))

03:44:47 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x2, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:47 executing program 4 (fault-call:2 fault-nth:27):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

[  964.693587] FAT-fs (loop3): bogus number of reserved sectors
[  964.730601] FAT-fs (loop3): Can't find a valid FAT filesystem
03:44:47 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0xffffff9e, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  964.842454] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
03:44:47 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r1, 0x40bc5311, &(0x7f0000000200)={0x7, 0x3, 'client1\x00', 0x0, "4432c7b4ac333517", "888d104392e3fcb644e494ab84643e63bb2167d722c7c07fb546a20484e50719", 0xc6, 0x7})
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r1, 0x84, 0x1a, &(0x7f0000000000)={<r2=>0x0, 0x10, "85e48c14ccf885ee0705c25386a43ace"}, &(0x7f0000000080)=0x18)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000180)={r2, 0x1}, &(0x7f00000001c0)=0x8)
ioctl$FS_IOC_SETVERSION(r1, 0x400448e7, &(0x7f00000000c0))
write$FUSE_STATFS(r1, &(0x7f0000000100)={0x60, 0x0, 0x5, {{0x9, 0x4, 0x4, 0xfff, 0x3, 0x1, 0x1, 0x8}}}, 0x60)

[  964.888249] FAULT_INJECTION: forcing a failure.
[  964.888249] name failslab, interval 1, probability 0, space 0, times 0
[  964.924069] CPU: 0 PID: 12809 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  964.932609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  964.941973] Call Trace:
[  964.944590]  dump_stack+0x244/0x39d
[  964.948239]  ? dump_stack_print_info.cold.1+0x20/0x20
[  964.953455]  ? __kernel_text_address+0xd/0x40
[  964.957969]  ? unwind_get_return_address+0x61/0xa0
[  964.962925]  should_fail.cold.4+0xa/0x17
[  964.967002]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  964.972130]  ? save_stack+0x43/0xd0
[  964.975770]  ? kasan_kmalloc+0xc7/0xe0
[  964.979672]  ? kmem_cache_alloc_trace+0x152/0x750
[  964.979689]  ? __memcg_init_list_lru_node+0x185/0x2d0
[  964.979712]  ? __list_lru_init+0x4d6/0x840
[  964.979733]  ? zap_class+0x640/0x640
[  964.994227]  ? mount_nodev+0x38/0x120
[  964.994245]  ? ovl_mount+0x34/0x40
[  964.994259]  ? legacy_get_tree+0x131/0x460
[  964.994271]  ? vfs_get_tree+0x1cb/0x5c0
[  964.994284]  ? do_mount+0x70c/0x1d90
[  964.994296]  ? ksys_mount+0x12d/0x140
[  964.994309]  ? __x64_sys_mount+0xbe/0x150
[  964.994331]  ? find_held_lock+0x36/0x1c0
[  964.994353]  ? __lock_is_held+0xb5/0x140
[  965.001880]  ? perf_trace_sched_process_exec+0x860/0x860
[  965.001913]  __should_failslab+0x124/0x180
[  965.013665]  should_failslab+0x9/0x14
[  965.013685]  kmem_cache_alloc_trace+0x2d7/0x750
[  965.013709]  ? __kmalloc_node+0x3c/0x70
[  965.013728]  ? __kmalloc_node+0x3c/0x70
[  965.021411]  ? rcu_read_lock_sched_held+0x14f/0x180
[  965.021447]  __memcg_init_list_lru_node+0x185/0x2d0
[  965.021469]  ? kvfree_rcu+0x20/0x20
[  965.021489]  ? __kmalloc_node+0x50/0x70
[  965.047214]  __list_lru_init+0x4d6/0x840
[  965.047237]  ? list_lru_destroy+0x500/0x500
[  965.047257]  ? up_write+0x7b/0x220
[  965.055902]  ? down_write_nested+0x130/0x130
[  965.055919]  ? down_read+0x120/0x120
[  965.055940]  ? init_wait_entry+0x1c0/0x1c0
[  965.069927]  ? prealloc_shrinker+0x172/0x340
[  965.069958]  alloc_super+0x907/0xb40
[  965.069981]  ? destroy_unused_super.part.10+0x110/0x110
[  965.069999]  ? sget_userns+0x17c/0x850
[  965.081659]  ? lock_downgrade+0x900/0x900
[  965.081684]  ? kasan_check_read+0x11/0x20
[  965.081715]  ? do_raw_spin_trylock+0x270/0x270
[  965.115331]  ? security_capable+0x99/0xc0
[  965.115362]  sget_userns+0x278/0x850
[  965.115379]  ? get_anon_bdev+0xc0/0xc0
[  965.123420]  ? vfs_get_super+0x270/0x270
[  965.123466]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  965.123510]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  965.132209]  ? ns_capable_common+0x13f/0x170
[  965.132229]  ? get_anon_bdev+0xc0/0xc0
[  965.132243]  sget+0x10b/0x150
[  965.132270]  ? ovl_show_options+0x550/0x550
[  965.144024]  mount_nodev+0x38/0x120
[  965.144046]  ? ovl_own_xattr_set+0x10/0x10
[  965.144062]  ovl_mount+0x34/0x40
[  965.144081]  legacy_get_tree+0x131/0x460
[  965.153677]  vfs_get_tree+0x1cb/0x5c0
[  965.153694]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  965.153722]  do_mount+0x70c/0x1d90
[  965.163666]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  965.163689]  ? copy_mount_string+0x40/0x40
[  965.163717]  ? copy_mount_options+0x5f/0x430
[  965.170708]  ? kmem_cache_alloc_trace+0x353/0x750
[  965.170731]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  965.170753]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  965.178693]  ? copy_mount_options+0x315/0x430
[  965.178724]  ksys_mount+0x12d/0x140
[  965.178743]  __x64_sys_mount+0xbe/0x150
[  965.186341]  do_syscall_64+0x1b9/0x820
[  965.186362]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  965.186390]  ? syscall_return_slowpath+0x5e0/0x5e0
[  965.186410]  ? trace_hardirqs_on_caller+0x310/0x310
[  965.186443]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  965.186470]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  965.194314]  ? __switch_to_asm+0x40/0x70
[  965.194327]  ? __switch_to_asm+0x34/0x70
[  965.194350]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  965.194377]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  965.194389] RIP: 0033:0x457569
[  965.194406] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  965.194420] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  965.202724] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  965.212478] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
03:44:48 executing program 2:
r0 = openat(0xffffffffffffffff, &(0x7f00000005c0)='./file0\x00', 0x50800, 0x20)
getsockopt$packet_buf(r0, 0x107, 0x17, &(0x7f0000000600)=""/168, &(0x7f00000006c0)=0xa8)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r2 = fcntl$dupfd(r1, 0x0, r1)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0, <r3=>0x0}, &(0x7f0000000280)=0xc)
fstat(r2, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
r5 = getegid()
stat(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000740)={0x0, <r7=>0x0}, &(0x7f0000000700)=0xc)
syz_mount_image$hfsplus(&(0x7f0000000000)='hfsplus\x00', &(0x7f0000000080)='./file0\x00', 0x8001, 0x2, &(0x7f0000000200)=[{&(0x7f0000000100)="a3e33e779708e625ccb968e7e590a35f0e838f28997e446dc16cfb8cdf4b944950012fa4cef389c5f6aed33e9b4bf848e7c987f198121151dbf63c605a97fff3a7ce62d7a8b8924ed4fa87fa16b80a628feeb8e1865b8a5dd3e865b585856aaded7fa8924ec21d815af7f28c09825faaff071b318b4275c66db54941fa80d124f4fb85dff86224e51a24468655ca31640996bbb77bb3b0", 0x97, 0xfffffffffffffff8}, {&(0x7f00000001c0)="00e1aa762c898321637cffff18cc46c9fd404cc19c9b", 0x16, 0x80}], 0x0, &(0x7f0000000480)={[{@gid={'gid', 0x3d, r3}}, {@decompose='decompose'}, {@nls={'nls', 0x3d, 'default'}}, {@session={'session', 0x3d, 0x9}}, {@part={'part', 0x3d, 0x8}}, {@decompose='decompose'}, {@session={'session', 0x3d, 0xffffffff}}, {@uid={'uid', 0x3d, r4}}, {@gid={'gid', 0x3d, r5}}, {@nobarrier='nobarrier'}], [{@fowner_eq={'fowner', 0x3d, r6}}, {@euid_gt={'euid>', r7}}, {@appraise_type='appraise_type=imasig'}, {@dont_measure='dont_measure'}, {@audit='audit'}, {@smackfshat={'smackfshat', 0x3d, '^[user.wlan1'}}, {@seclabel='seclabel'}]})
bind$bt_rfcomm(r2, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r2, 0x800448d5, &(0x7f00000000c0))

03:44:48 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x8001a0ffffffff, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:48 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0x3000}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:44:48 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x400448e7, &(0x7f00000000c0))

03:44:48 executing program 4 (fault-call:2 fault-nth:28):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:44:48 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
fstat(r0, &(0x7f0000000680))
add_key(&(0x7f00000001c0)='pkcs7_test\x00', &(0x7f0000000200)={'syz'}, &(0x7f0000000240), 0xfffff, 0xfffffffffffffffb)
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
r1 = syz_open_dev$audion(&(0x7f0000000280)='/dev/audio#\x00', 0x6, 0x0)
r2 = syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f00000003c0)={@loopback, @local, <r3=>0x0}, &(0x7f0000000400)=0xc)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f0000000440)={'vcan0\x00', <r4=>0x0})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000000600)={@dev, @local, <r5=>0x0}, &(0x7f0000000640)=0xc)
accept$packet(0xffffffffffffff9c, &(0x7f00000007c0)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000800)=0x14)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000e80)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000ec0)=0x14)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000f00)={'team0\x00', <r8=>0x0})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x24, &(0x7f0000000f40)={@broadcast, @multicast2, <r9=>0x0}, &(0x7f0000000f80)=0xc)
getsockname$packet(0xffffffffffffff9c, &(0x7f0000001040)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000001080)=0x14)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000001280)={{{@in=@dev, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0}}, {{@in=@multicast1}, 0x0, @in6=@mcast1}}, &(0x7f0000001380)=0xe8)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r12=>0x0}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)
accept$packet(0xffffffffffffffff, &(0x7f00000015c0)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000001600)=0x14)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000002740)={{{@in6=@dev, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r14=>0x0}}, {{@in6=@loopback}, 0x0, @in6=@remote}}, &(0x7f0000001640)=0xe8)
getpeername$packet(0xffffffffffffff9c, &(0x7f0000001680)={0x11, 0x0, <r15=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000016c0)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000002840)={{{@in=@multicast2, @in6=@ipv4={[], [], @rand_addr}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r16=>0x0}}, {{@in=@multicast2}, 0x0, @in6=@remote}}, &(0x7f0000002940)=0xe8)
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x24, &(0x7f0000006fc0)={@broadcast, @local, <r17=>0x0}, &(0x7f0000007000)=0xc)
accept$packet(0xffffffffffffffff, &(0x7f00000071c0)={0x11, 0x0, <r18=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000007200)=0x14)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000007280)={{{@in=@local, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r19=>0x0}}, {{@in=@remote}, 0x0, @in6=@mcast2}}, &(0x7f0000007380)=0xe8)
getsockopt$inet_pktinfo(0xffffffffffffff9c, 0x0, 0x8, &(0x7f00000073c0)={<r20=>0x0, @loopback, @local}, &(0x7f0000007400)=0xc)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, &(0x7f0000007a00)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000079c0)={&(0x7f0000007440)={0x560, r2, 0x8, 0x70bd29, 0x25dfdbfd, {}, [{{0x8, 0x1, r3}, {0x44, 0x2, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x1000}}, {0x8, 0x6, r4}}}]}}, {{0x8, 0x1, r5}, {0xc0, 0x2, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0xff}}, {0x8, 0x6, r6}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r7}}}]}}, {{0x8, 0x1, r8}, {0x150, 0x2, [{0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8}, {0x8, 0x4, 0x6834}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r9}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x7ff}}}, {0x5c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x2c, 0x4, [{0x40, 0x0, 0x983}, {0x8, 0x0, 0x800, 0xac0}, {0x2b, 0x6, 0x81, 0x171}, {0xfffffffffffffffe, 0x9, 0xff, 0x401}, {0x1, 0x5, 0x2, 0xffffffffffffff81}]}}}]}}, {{0x8, 0x1, r10}, {0x14c, 0x2, [{0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r11}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r12}}}, {0x54, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x24, 0x4, [{0x3f, 0xffffffffffffff80, 0x7, 0xab05}, {0x9, 0x4, 0x4, 0x3}, {0x5, 0x81, 0x27, 0x1}, {0x50, 0x7fffffff, 0x6, 0xffffffffffffffff}]}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r13}}, {0x8}}}]}}, {{0x8, 0x1, r14}, {0x138, 0x2, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x7}}, {0x8, 0x6, r15}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x1}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r16}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0xc5}}, {0x8, 0x6, r17}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r18}}}]}}, {{0x8, 0x1, r19}, {0x44, 0x2, [{0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x8}}, {0x8, 0x6, r20}}}]}}]}, 0x560}, 0x1, 0x0, 0x0, 0x80}, 0x0)

[  965.212488] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  965.212498] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  965.212508] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
03:44:48 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x9effffff00000000, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  965.444723] FAT-fs (loop3): bogus number of reserved sectors
[  965.445779] hfsplus: gid requires an argument
[  965.458648] FAT-fs (loop3): Can't find a valid FAT filesystem
[  965.473144] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
03:44:48 executing program 1:
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rtc0\x00', 0x40000, 0x0)
ioctl$SG_GET_REQUEST_TABLE(r0, 0x2286, &(0x7f0000000200))
setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000140)={'nat\x00', 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000100)=[{}, {}], 0x0, [{}, {}]}, 0x98)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r2 = fcntl$dupfd(r1, 0x0, r1)
bind$bt_rfcomm(r2, &(0x7f0000000040), 0x2)
write$UHID_GET_REPORT_REPLY(r2, &(0x7f0000000000)={0xa, 0x8, 0x0, 0x9}, 0xa)
ioctl$FS_IOC_SETVERSION(r2, 0x400448e7, &(0x7f00000000c0))

[  965.505260] hfsplus: unable to parse mount options
[  965.517000] FAULT_INJECTION: forcing a failure.
[  965.517000] name failslab, interval 1, probability 0, space 0, times 0
[  965.595362] CPU: 1 PID: 12844 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  965.603911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  965.613272] Call Trace:
[  965.615884]  dump_stack+0x244/0x39d
[  965.619539]  ? dump_stack_print_info.cold.1+0x20/0x20
[  965.624754]  ? __kernel_text_address+0xd/0x40
[  965.629262]  ? unwind_get_return_address+0x61/0xa0
[  965.634214]  should_fail.cold.4+0xa/0x17
[  965.638297]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  965.643421]  ? save_stack+0x43/0xd0
[  965.647071]  ? kasan_kmalloc+0xc7/0xe0
[  965.650965]  ? kmem_cache_alloc_trace+0x152/0x750
[  965.650982]  ? __memcg_init_list_lru_node+0x185/0x2d0
[  965.650996]  ? __list_lru_init+0x4d6/0x840
[  965.651015]  ? zap_class+0x640/0x640
[  965.661039]  ? mount_nodev+0x38/0x120
[  965.661056]  ? ovl_mount+0x34/0x40
[  965.661070]  ? legacy_get_tree+0x131/0x460
[  965.661088]  ? vfs_get_tree+0x1cb/0x5c0
[  965.672816]  ? do_mount+0x70c/0x1d90
[  965.672830]  ? ksys_mount+0x12d/0x140
[  965.672843]  ? __x64_sys_mount+0xbe/0x150
[  965.672865]  ? find_held_lock+0x36/0x1c0
[  965.684605]  ? __lock_is_held+0xb5/0x140
[  965.684639]  ? perf_trace_sched_process_exec+0x860/0x860
[  965.684675]  __should_failslab+0x124/0x180
[  965.692191]  should_failslab+0x9/0x14
[  965.692218]  kmem_cache_alloc_trace+0x2d7/0x750
[  965.692238]  ? __kmalloc_node+0x3c/0x70
[  965.700447]  ? __kmalloc_node+0x3c/0x70
[  965.700468]  ? rcu_read_lock_sched_held+0x14f/0x180
[  965.700491]  __memcg_init_list_lru_node+0x185/0x2d0
[  965.709994]  ? kvfree_rcu+0x20/0x20
[  965.710013]  ? __kmalloc_node+0x50/0x70
[  965.710037]  __list_lru_init+0x4d6/0x840
[  965.718061]  ? list_lru_destroy+0x500/0x500
[  965.718082]  ? up_write+0x7b/0x220
[  965.718100]  ? down_write_nested+0x130/0x130
[  965.726732]  ? down_read+0x120/0x120
[  965.726754]  ? init_wait_entry+0x1c0/0x1c0
[  965.726770]  ? prealloc_shrinker+0x172/0x340
[  965.726797]  alloc_super+0x907/0xb40
[  965.726819]  ? destroy_unused_super.part.10+0x110/0x110
[  965.735792]  ? sget_userns+0x17c/0x850
[  965.735813]  ? lock_downgrade+0x900/0x900
[  965.735836]  ? kasan_check_read+0x11/0x20
[  965.744494]  ? do_raw_spin_trylock+0x270/0x270
[  965.744513]  ? security_capable+0x99/0xc0
[  965.744542]  sget_userns+0x278/0x850
[  965.744554]  ? get_anon_bdev+0xc0/0xc0
[  965.744576]  ? vfs_get_super+0x270/0x270
[  965.752608]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  965.760483]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  965.760504]  ? ns_capable_common+0x13f/0x170
[  965.768618]  ? get_anon_bdev+0xc0/0xc0
[  965.768634]  sget+0x10b/0x150
[  965.768657]  ? ovl_show_options+0x550/0x550
[  965.777290]  mount_nodev+0x38/0x120
[  965.777311]  ? ovl_own_xattr_set+0x10/0x10
[  965.777327]  ovl_mount+0x34/0x40
[  965.777346]  legacy_get_tree+0x131/0x460
[  965.777367]  vfs_get_tree+0x1cb/0x5c0
[  965.786430]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  965.786461]  do_mount+0x70c/0x1d90
[  965.786484]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  965.794517]  ? copy_mount_string+0x40/0x40
[  965.794538]  ? copy_mount_options+0x5f/0x430
[  965.794560]  ? kmem_cache_alloc_trace+0x353/0x750
[  965.794580]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  965.794602]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  965.803317]  ? copy_mount_options+0x315/0x430
[  965.803339]  ksys_mount+0x12d/0x140
[  965.803358]  __x64_sys_mount+0xbe/0x150
[  965.811228]  do_syscall_64+0x1b9/0x820
[  965.811249]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  965.811269]  ? syscall_return_slowpath+0x5e0/0x5e0
[  965.819221]  ? trace_hardirqs_on_caller+0x310/0x310
[  965.819248]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  965.830337]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  965.830355]  ? __switch_to_asm+0x40/0x70
[  965.830373]  ? __switch_to_asm+0x34/0x70
[  965.838672]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  965.838704]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  965.846123] RIP: 0033:0x457569
[  965.846142] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  965.846150] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
03:44:48 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = dup3(r0, r0, 0x80000)
ioctl$BLKALIGNOFF(r1, 0x127a, &(0x7f0000000140))
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000001c0)={<r2=>0x0, @broadcast, @remote}, &(0x7f0000000200)=0xc)
ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f0000000240)={@mcast1, @mcast2, @empty, 0x1, 0x8, 0x7f, 0x500, 0x40, 0x0, r2})
getsockopt$inet_sctp_SCTP_AUTOCLOSE(r1, 0x84, 0x4, &(0x7f0000000080), &(0x7f0000000100)=0x4)
r3 = fcntl$dupfd(r0, 0x0, r0)
kexec_load(0x7a5, 0x3, &(0x7f00000004c0)=[{&(0x7f00000002c0)="60e93bcdedae10be4cd36cc27c501e93081846008c7ca3dc911598e3f45310f9914e42886ddde84969f26f6f13bae4f7a2730ee7b06ff8f7f4c03ad3840559b9572d982e047363d7821f94a4ac26b2f5e6282f1147094f6e2e8eae6ae6b04588c8214e49631027164926d79f2edee925cad3b4e59855694a7e9600199aa62fec2cf23933e36babf0f5b1dfae1c564fa3881a628538efff1bdcd3fa381b8d03794a22b846d59f57b212114981de235f8cee117b12f71932b028732ca60155e613d4304d083ba86332956a2f7a2a32a1229e7c8989b04926c856e2761e6c6d0e276fa6d980cb0fb2bbfb001c451405", 0xee, 0x6, 0x40}, {&(0x7f00000003c0)="0d3e28d37987ef50d24f47f335631a88b5c992380c169fdce349b693a7fb3782fe006eab7b768d1147531f98a5e5dc42ca6e18f8c2505015eec6bb70140a21d7ee3de078714a3c30bbc1d597ab6ec1091818fe6f781382570ae833ef337c975bcfa79064a4a10ca6d1a9f64f1f", 0x6d, 0x5, 0xcdc}, {&(0x7f0000000440)="df1fbdc21bee368323c7128731405c2dfd10e8991b88c5dadf5cbc9fb81033575626a15be76e572a17ab1a317a854303bf7f45b89110ff60e8635b98f9e92257a02e88839b5a777b273c91006b35304a4fe1e6ba1c3bc3dc30fc55ccb35e1c2caa6d42e0afde113b6d", 0x69, 0x8f}], 0x150001)
bind$bt_rfcomm(r3, &(0x7f0000000040)={0x1f, {0x0, 0x0, 0x7fff}, 0xffffffff}, 0xa)
write$UHID_DESTROY(r3, &(0x7f0000000000), 0x4)
ioctl$FS_IOC_SETVERSION(r3, 0x800448d5, &(0x7f00000000c0))

03:44:48 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))
ioctl$BLKSECTGET(r1, 0x1267, &(0x7f0000000000))

03:44:48 executing program 4 (fault-call:2 fault-nth:29):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:44:48 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0xa0018000, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:48 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000080)={<r2=>0x0, 0x5, 0x30}, &(0x7f0000000100)=0xc)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000140)={0x100000001, 0x0, 0x8, 0x100000000, r2}, 0x10)
ioctl$TIOCSWINSZ(r1, 0x5414, &(0x7f0000000000)={0xfffffffffffffffc, 0x1f, 0x6, 0x3})
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

03:44:48 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x400448e7, &(0x7f00000000c0))
getsockopt$bt_BT_SECURITY(r0, 0x112, 0x4, &(0x7f0000000000), 0x2)

[  965.846166] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  965.846175] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  965.846185] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  965.846207] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  965.854043] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[  966.109616] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  966.142005] FAULT_INJECTION: forcing a failure.
[  966.142005] name failslab, interval 1, probability 0, space 0, times 0
[  966.185210] CPU: 1 PID: 12875 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  966.193754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  966.203122] Call Trace:
[  966.205729]  dump_stack+0x244/0x39d
[  966.205767]  ? dump_stack_print_info.cold.1+0x20/0x20
[  966.205791]  ? __kernel_text_address+0xd/0x40
[  966.219102]  ? unwind_get_return_address+0x61/0xa0
[  966.224049]  should_fail.cold.4+0xa/0x17
[  966.228141]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  966.233276]  ? save_stack+0x43/0xd0
[  966.236922]  ? kasan_kmalloc+0xc7/0xe0
[  966.240821]  ? kmem_cache_alloc_trace+0x152/0x750
[  966.245690]  ? __memcg_init_list_lru_node+0x185/0x2d0
[  966.250892]  ? __list_lru_init+0x4d6/0x840
[  966.255148]  ? zap_class+0x640/0x640
[  966.258890]  ? mount_nodev+0x38/0x120
[  966.258910]  ? ovl_mount+0x34/0x40
[  966.266257]  ? legacy_get_tree+0x131/0x460
[  966.266271]  ? vfs_get_tree+0x1cb/0x5c0
[  966.266283]  ? do_mount+0x70c/0x1d90
[  966.266295]  ? ksys_mount+0x12d/0x140
[  966.266312]  ? __x64_sys_mount+0xbe/0x150
[  966.286177]  ? find_held_lock+0x36/0x1c0
[  966.290268]  ? __lock_is_held+0xb5/0x140
[  966.294337]  ? trace_raw_output_task_rename+0xe8/0x140
[  966.294369]  ? perf_trace_sched_process_exec+0x860/0x860
[  966.294398]  __should_failslab+0x124/0x180
[  966.305107]  should_failslab+0x9/0x14
[  966.305125]  kmem_cache_alloc_trace+0x2d7/0x750
[  966.305147]  ? __kmalloc_node+0x3c/0x70
[  966.313171]  ? __kmalloc_node+0x3c/0x70
[  966.321807]  ? rcu_read_lock_sched_held+0x14f/0x180
[  966.330782]  __memcg_init_list_lru_node+0x185/0x2d0
[  966.335809]  ? kvfree_rcu+0x20/0x20
[  966.335827]  ? __kmalloc_node+0x50/0x70
[  966.335851]  __list_lru_init+0x4d6/0x840
[  966.343451]  ? list_lru_destroy+0x500/0x500
[  966.351829]  ? up_write+0x7b/0x220
[  966.355373]  ? down_write_nested+0x130/0x130
[  966.355388]  ? down_read+0x120/0x120
[  966.355407]  ? init_wait_entry+0x1c0/0x1c0
[  966.355427]  ? prealloc_shrinker+0x172/0x340
[  966.363554]  alloc_super+0x907/0xb40
[  966.372344]  ? destroy_unused_super.part.10+0x110/0x110
[  966.381395]  ? sget_userns+0x17c/0x850
[  966.385302]  ? lock_downgrade+0x900/0x900
[  966.385326]  ? kasan_check_read+0x11/0x20
[  966.385344]  ? do_raw_spin_trylock+0x270/0x270
[  966.393640]  ? security_capable+0x99/0xc0
[  966.402367]  sget_userns+0x278/0x850
[  966.406082]  ? get_anon_bdev+0xc0/0xc0
[  966.406105]  ? vfs_get_super+0x270/0x270
[  966.406136]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  966.414099]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  966.425132]  ? ns_capable_common+0x13f/0x170
[  966.429552]  ? get_anon_bdev+0xc0/0xc0
[  966.433453]  sget+0x10b/0x150
[  966.436577]  ? ovl_show_options+0x550/0x550
[  966.440911]  mount_nodev+0x38/0x120
[  966.444556]  ? ovl_own_xattr_set+0x10/0x10
[  966.448810]  ovl_mount+0x34/0x40
[  966.452195]  legacy_get_tree+0x131/0x460
[  966.456283]  vfs_get_tree+0x1cb/0x5c0
[  966.456299]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  966.456316]  do_mount+0x70c/0x1d90
[  966.456340]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  966.464895]  ? copy_mount_string+0x40/0x40
[  966.464916]  ? copy_mount_options+0x5f/0x430
[  966.464935]  ? kmem_cache_alloc_trace+0x353/0x750
[  966.464957]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  966.493045]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  966.498596]  ? copy_mount_options+0x315/0x430
[  966.503115]  ksys_mount+0x12d/0x140
[  966.506757]  __x64_sys_mount+0xbe/0x150
[  966.506780]  do_syscall_64+0x1b9/0x820
[  966.506799]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  966.506820]  ? syscall_return_slowpath+0x5e0/0x5e0
[  966.525003]  ? trace_hardirqs_on_caller+0x310/0x310
[  966.530037]  ? prepare_exit_to_usermode+0x3b0/0x3b0
03:44:49 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0x1000000000000000}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:44:49 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x20000000, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:49 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
fstat(r0, &(0x7f0000000680))
add_key(&(0x7f00000001c0)='pkcs7_test\x00', &(0x7f0000000200)={'syz'}, &(0x7f0000000240), 0xfffff, 0xfffffffffffffffb)
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_open_dev$audion(&(0x7f0000000280)='/dev/audio#\x00', 0x6, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f00000003c0)={@loopback, @local}, &(0x7f0000000400)=0xc)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f0000000440)={'vcan0\x00'})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000000600)={@dev, @local}, &(0x7f0000000640)=0xc)
accept$packet(0xffffffffffffff9c, &(0x7f00000007c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000800)=0x14)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000e80)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000ec0)=0x14)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000f00)={'team0\x00'})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x24, &(0x7f0000000f40)={@broadcast, @multicast2}, &(0x7f0000000f80)=0xc)
getsockname$packet(0xffffffffffffff9c, &(0x7f0000001040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000001080)=0x14)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000001280)={{{@in=@dev, @in6}}, {{@in=@multicast1}, 0x0, @in6=@mcast1}}, &(0x7f0000001380)=0xe8)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)
accept$packet(0xffffffffffffffff, &(0x7f00000015c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000001600)=0x14)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000002740)={{{@in6=@dev, @in=@remote}}, {{@in6=@loopback}, 0x0, @in6=@remote}}, &(0x7f0000001640)=0xe8)
getpeername$packet(0xffffffffffffff9c, &(0x7f0000001680)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000016c0)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000002840)={{{@in=@multicast2, @in6=@ipv4={[], [], @rand_addr}}}, {{@in=@multicast2}, 0x0, @in6=@remote}}, &(0x7f0000002940)=0xe8)
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x24, &(0x7f0000006fc0)={@broadcast, @local}, &(0x7f0000007000)=0xc)
accept$packet(0xffffffffffffffff, &(0x7f00000071c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000007200)=0x14)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000007280)={{{@in=@local, @in6=@loopback}}, {{@in=@remote}, 0x0, @in6=@mcast2}}, &(0x7f0000007380)=0xe8)
getsockopt$inet_pktinfo(0xffffffffffffff9c, 0x0, 0x8, &(0x7f00000073c0)={0x0, @loopback, @local}, &(0x7f0000007400)=0xc)

03:44:49 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000140)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
setsockopt$sock_int(r1, 0x1, 0x10, &(0x7f00000000c0)=0x7f, 0x4)
sendmmsg(r1, &(0x7f000000d8c0)=[{{0x0, 0x0, &(0x7f0000000500)}}], 0xff, 0x0)
r5 = syz_open_dev$usbmon(&(0x7f0000001380)='/dev/usbmon#\x00', 0x5, 0x42)
sendto$inet6(r5, &(0x7f0000000080)="324d4dd3e134d52253053995db", 0xd, 0x0, &(0x7f0000000100)={0xa, 0x4e20, 0xfffffffffffffffd, @remote, 0x9}, 0x1c)
r6 = fcntl$dupfd(r0, 0x0, r0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f00000008c0)={<r7=>0x0}, &(0x7f0000000900)=0xc)
r8 = geteuid()
stat(&(0x7f0000000940)='./file0\x00', &(0x7f0000000980)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
ioctl$TIOCGSID(r6, 0x5429, &(0x7f0000000a00)=<r10=>0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000a40)={0x0, <r11=>0x0}, &(0x7f0000000a80)=0xc)
r12 = getegid()
ioctl$sock_SIOCGPGRP(r3, 0x8904, &(0x7f0000000ac0)=<r13=>0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(r6, 0x29, 0x23, &(0x7f0000000b00)={{{@in6=@mcast1, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r14=>0x0}}, {{@in6=@remote}, 0x0, @in=@multicast1}}, &(0x7f0000000c00)=0xe8)
r15 = getegid()
fcntl$getownex(r0, 0x10, &(0x7f0000000c40)={0x0, <r16=>0x0})
getsockopt$inet_IP_IPSEC_POLICY(r6, 0x0, 0x10, &(0x7f0000000c80)={{{@in=@dev, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r17=>0x0}}, {{@in=@loopback}, 0x0, @in6=@remote}}, &(0x7f0000000d80)=0xe8)
r18 = getgid()
r19 = getpid()
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000dc0)={0x0, <r20=>0x0}, &(0x7f0000000e00)=0xc)
fstat(r5, &(0x7f0000000e40)={0x0, 0x0, 0x0, 0x0, 0x0, <r21=>0x0})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000f00)={<r22=>0xffffffffffffffff, r6, 0x0, 0x10, &(0x7f0000000ec0)='*nodevvboxnet0{\x00'}, 0x30)
getresuid(&(0x7f0000000f40), &(0x7f0000000f80), &(0x7f0000000fc0)=<r23=>0x0)
getgroups(0x8, &(0x7f0000001000)=[0xffffffffffffffff, 0x0, 0x0, 0xee01, <r24=>0xee00, 0xee01, 0xee01, 0xee01])
r25 = fcntl$getown(r3, 0x9)
getsockopt$inet_IP_IPSEC_POLICY(r6, 0x0, 0x10, &(0x7f0000001040)={{{@in6=@mcast2, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r26=>0x0}}, {{@in=@loopback}, 0x0, @in=@dev}}, &(0x7f0000001140)=0xe8)
getgroups(0x2, &(0x7f0000001180)=[<r27=>0xffffffffffffffff, 0x0])
sendmsg$netlink(r5, &(0x7f0000001300)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000240)={0x664, 0x23, 0x200, 0x70bd28, 0x25dfdbfc, "", [@nested={0x2b8, 0x57, [@generic="5e4f24a617e24cd598d18ff595e9e917fae2791a64aafe4efd7c58e1689eeeb735045ccadcb415b834fad9c40a6bc0c4eaf04e681717a380a264018c6c49b532e4e1f96e5318898231001f4f3543046f3d319afb4ca1ec7388e85a45cb419bfbce2e6052e6f2b9bd77a0916cfefce62cab439e40338dbd6ae91c6f0f218dc5036bdc31b7470092b4db3c869ffd97a6bae15eb6ef73cbac70a005a723faaec109791bedb8deb2af2d6ca64c130a8bfb009c8f71c5d8692bac704f594d5c28b3794186433188a9", @generic="6f9990c14f85fca79f33ee20eebefb0690e6f64b0bf8287c7464f5104f2258cedf0e98f42c2f3e7a99b9f333d94f0b8329cea53c7da16395c2e7d20c9273f03c1a6855bd9444d87abc6c505185242c8576e2ca627d7585d05cb33adece7ed46b7a41b33cc7963e7d29577040b33aea0425dc5c37237d65538d6e2976c4caa2f8da16dcc3025afc1be295a925be81e1e8f3f5e69a", @generic="380e707ba3b828495ffd42d1c4db9e1e8c89575a6c9e0a6e8136496da69e5306ef842228710ac3142e4db63f3d6421d3ad923b13ddafa9de0a9839bd8dcef9f50a2618b0e0aed195c978266d48676aa816ac693a8cc0e78550c0ab85a9", @typed={0xfc, 0x45, @binary="75c72363d3e9223798557a7ba1d534fdb924f8d9d9ca6423cb1df834f4fa9925f01649df436b3d02f767fe5c167c46a05381a5b1d920d79203611c2eaf2e4d622f462f8de7499a4d8167db0b5ac4f2fb5b1e1a83d2d71186346df1a546bb51ab43a9597f63a7c2ae83177e0c4ce2a3860b87e24846d519bc0236c89c09402e3a1e6c994d0b1ddb4920b6ade3a9477167adcbcfc9b84b4088ad8b71931ab377e88ad084e7ae40b228d525a10725c6b7deab70b393d422e854340e81563e695afa54d867623df63ded3a40158b66782fd92289f29705b5a6008e2c6732dadf2ae76f01913d3627a4216451cd225a7d24bef1aee36239d677ff"}]}, @generic="7d5f25e12ca9818f11cc9376638578358d65754cae19028d26ceaf1ada7e98e72e56de5cd3fb51cbb2bb3880549696c968d5f9a1bd1f9ed853595e58f6e1aa172bc8bcc85aab", @nested={0x1e4, 0x4, [@generic="9ffe879abe57f9a8ce6e8ccbd62be5439fc95d83bdaaa3162b710a00a6232cedabd6a148f74fa281fbd70bb8bfd239d7db2cf03c7a37b621c2e08f0defdc85d31f330ed4779b0dfce3ce05ad56b2299d20c3b0c625420fa74475b890da32b09e189096424b08450ab80bf4ed06a4a37572a0086a1b7206f111fd7a5994e7496c5b6346b7327856ccb6ca656763fe0ab783408f0c9c25e4eeb3e74a50264cae491aced4108240b5ee76449720c41d79178157c0f583cd4d02efc32ed16bee37b5ff956f4ed348d596", @typed={0xc, 0xe, @u64=0xa00000000000000}, @generic="2eb82e42c639ee181a60c94ac0bde151303545685f324d1f0e068709806906c79382a1929c7b89684e039000cd7d70bb7c158de8e5a63ff6fc62e2bacc92f1a5252051a68719d4c717a8b5837de09094d51e9e5720e745fc915f402ee5ed39da0320bd2e505321cd43bd20e890419a73926e0b0b35016d953d1ba629f5467d1b861431be836212bf0be53fc6e27e55fbecfeccd7f6596a3cd9eba487a8b17bb9770585b0f058162713f1feba4dc72ab97d8f5c8352ac8a9e6423cbc561ea9114851d10e2b3fff4a83dd76bef9d3af370f8db97e0c8fc92b75fe00727642f286d6d4566249edd39366c66", @generic="25d81763e0ed45751e5990c4273aaa128c3e3ef1dee91ba1c2ea8b4e16de152916"]}, @generic="5b1f611ca664d6881bf20780e86203b5810267c2dd560c11bdeaea4257e10517c0c91ff1c15db512d093a2cd60f3d340f44a1a4d5af3ed10ffef08887cadcb24be0880fd6576a8c26873683eb661e42b6ce7072d1a89031c2f379388434530bbae37e9f70d1c7c78233ac537f9d437defffbd4aa3388075495", @generic="63d349f1b2f9755e4dc0967cb68955f1548956a20f2ab983cdfab233298d25837fbd33784a3e5c8c1d4952a14aa81f7d2d5638a85a152fa386bb5e150031c8a92fef3f6b3846ae0277afbbcd7fe7123312f2844b2b8c36f95992d502672611df6f23167411e9db973fe5a352de6c28711ea031ac4a2959a0d96410c23c7d0760ddf2a6a1f0e9a09ee251f72773facdc81061cb87c609697beb7a7558c8d0e17dc58083c8d3fb19e81a9e4c8fdf0bedd90686b37006f77e1e8731ab895aa529a31e1792a7d13093d6ff867fd98e2351dce967dc835200cfb9ec7e90098cb234262007921970d4473a7b3a980aa338b7fd8e0ad9b35d40d365"]}, 0x664}], 0x1, &(0x7f00000011c0)=[@rights={0x30, 0x1, 0x1, [r0, r5, r0, r3, r6, r3, r1, r0]}, @cred={0x20, 0x1, 0x2, r7, r8, r9}, @cred={0x20, 0x1, 0x2, r10, r11, r12}, @cred={0x20, 0x1, 0x2, r13, r14, r15}, @cred={0x20, 0x1, 0x2, r16, r17, r18}, @cred={0x20, 0x1, 0x2, r19, r20, r21}, @cred={0x20, 0x1, 0x2, r22, r23, r24}, @cred={0x20, 0x1, 0x2, r25, r26, r27}], 0x110, 0x8000}, 0x40)
bind$bt_rfcomm(r6, &(0x7f0000000040), 0x2)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer\x00', 0x100, 0x0)
ioctl$FS_IOC_SETVERSION(r3, 0x800448d5, &(0x7f0000000200)=0x4000000000000)
ioctl$TIOCMBIS(r6, 0x5416, &(0x7f0000000140)=0x8118)

[  966.535072]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  966.541759]  ? __switch_to_asm+0x40/0x70
[  966.545825]  ? __switch_to_asm+0x34/0x70
[  966.549912]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  966.554784]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  966.559986] RIP: 0033:0x457569
[  966.563195] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
03:44:49 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0xf0ffff, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:49 executing program 4 (fault-call:2 fault-nth:30):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:44:49 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
pipe2(&(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x84800)
ioctl$DRM_IOCTL_AGP_ENABLE(r1, 0x40086432, &(0x7f0000000280)=0xd7d)
r2 = fcntl$dupfd(r0, 0x0, r0)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000000)={<r3=>0x0, 0x1420, 0x10}, &(0x7f0000000080)=0xc)
setsockopt$inet_sctp_SCTP_SET_PEER_PRIMARY_ADDR(r2, 0x84, 0x5, &(0x7f0000000100)={r3, @in6={{0xa, 0x4e21, 0xa0000000000000, @remote, 0x8}}}, 0x84)
ioctl$UI_END_FF_UPLOAD(r2, 0x406855c9, &(0x7f00000001c0)={0x2, 0x2, {0x55, 0x44, 0x1, {0x3, 0x3ff}, {0x14, 0x3}, @rumble={0x7ff, 0x3}}, {0x56, 0x7, 0x3, {0xf86}, {0xfffffffffffff6ed, 0x5}, @ramp={0x80, 0x0, {0x7, 0x80000001, 0x7, 0x9}}}})
bind$bt_rfcomm(r2, &(0x7f0000000040), 0x2)
modify_ldt$read(0x0, &(0x7f00000002c0)=""/41, 0x29)
ioctl$FS_IOC_SETVERSION(r2, 0x400448e7, &(0x7f00000000c0))

[  966.582106] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  966.582122] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  966.582132] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  966.582141] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  966.582151] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  966.582160] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[  966.664506] FAT-fs (loop3): bogus number of reserved sectors
[  966.679729] FAT-fs (loop3): Can't find a valid FAT filesystem
03:44:49 executing program 1:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0xffffff7f00000000}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:44:49 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
connect$vsock_dgram(r1, &(0x7f0000000000)={0x28, 0x0, 0x0, @my=0x0}, 0x10)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)={0x4})

03:44:49 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x34000, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  966.745566] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  966.762010] FAULT_INJECTION: forcing a failure.
[  966.762010] name failslab, interval 1, probability 0, space 0, times 0
[  966.804959] CPU: 1 PID: 12906 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  966.813501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  966.822869] Call Trace:
[  966.825500]  dump_stack+0x244/0x39d
[  966.829154]  ? dump_stack_print_info.cold.1+0x20/0x20
[  966.834379]  ? __kernel_text_address+0xd/0x40
[  966.838895]  ? unwind_get_return_address+0x61/0xa0
[  966.843844]  should_fail.cold.4+0xa/0x17
[  966.843866]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  966.843890]  ? save_stack+0x43/0xd0
[  966.843908]  ? kasan_kmalloc+0xc7/0xe0
[  966.853083]  ? kmem_cache_alloc_trace+0x152/0x750
[  966.853101]  ? __memcg_init_list_lru_node+0x185/0x2d0
[  966.853116]  ? __list_lru_init+0x4d6/0x840
[  966.853135]  ? zap_class+0x640/0x640
[  966.853153]  ? mount_nodev+0x38/0x120
[  966.860658]  ? ovl_mount+0x34/0x40
[  966.860673]  ? legacy_get_tree+0x131/0x460
[  966.860686]  ? vfs_get_tree+0x1cb/0x5c0
[  966.860699]  ? do_mount+0x70c/0x1d90
[  966.860711]  ? ksys_mount+0x12d/0x140
[  966.860728]  ? __x64_sys_mount+0xbe/0x150
[  966.874987]  ? find_held_lock+0x36/0x1c0
[  966.875012]  ? __lock_is_held+0xb5/0x140
[  966.875045]  ? perf_trace_sched_process_exec+0x860/0x860
[  966.875074]  __should_failslab+0x124/0x180
[  966.886247]  should_failslab+0x9/0x14
[  966.886265]  kmem_cache_alloc_trace+0x2d7/0x750
[  966.886282]  ? __kmalloc_node+0x3c/0x70
[  966.886299]  ? __kmalloc_node+0x3c/0x70
[  966.886318]  ? rcu_read_lock_sched_held+0x14f/0x180
[  966.886341]  __memcg_init_list_lru_node+0x185/0x2d0
[  966.894543]  ? kvfree_rcu+0x20/0x20
03:44:49 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$KVM_SET_VAPIC_ADDR(r1, 0x4008ae93, &(0x7f0000000000)=0x3000)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

[  966.894562]  ? __kmalloc_node+0x50/0x70
[  966.894588]  __list_lru_init+0x4d6/0x840
[  966.894609]  ? list_lru_destroy+0x500/0x500
[  966.894628]  ? up_write+0x7b/0x220
[  966.894649]  ? down_read+0x120/0x120
[  966.902170]  ? init_wait_entry+0x1c0/0x1c0
[  966.902188]  ? prealloc_shrinker+0x172/0x340
[  966.902233]  alloc_super+0x933/0xb40
[  966.910429]  ? destroy_unused_super.part.10+0x110/0x110
[  966.910454]  ? sget_userns+0x17c/0x850
[  966.910473]  ? lock_downgrade+0x900/0x900
[  966.910498]  ? kasan_check_read+0x11/0x20
[  966.919999]  ? do_raw_spin_trylock+0x270/0x270
[  966.920019]  ? security_capable+0x99/0xc0
[  966.920047]  sget_userns+0x278/0x850
[  966.920064]  ? get_anon_bdev+0xc0/0xc0
[  966.928099]  ? vfs_get_super+0x270/0x270
[  966.928145]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  966.928188]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  966.936797]  ? ns_capable_common+0x13f/0x170
[  966.936816]  ? get_anon_bdev+0xc0/0xc0
[  966.936831]  sget+0x10b/0x150
[  966.936854]  ? ovl_show_options+0x550/0x550
03:44:49 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x100000000000000, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  966.936869]  mount_nodev+0x38/0x120
[  966.936889]  ? ovl_own_xattr_set+0x10/0x10
[  966.945880]  ovl_mount+0x34/0x40
[  966.945900]  legacy_get_tree+0x131/0x460
[  966.945923]  vfs_get_tree+0x1cb/0x5c0
[  966.945939]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  966.945956]  do_mount+0x70c/0x1d90
[  966.945979]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  966.954607]  ? copy_mount_string+0x40/0x40
[  966.954630]  ? copy_mount_options+0x5f/0x430
[  966.954651]  ? kmem_cache_alloc_trace+0x353/0x750
[  966.954672]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  966.954694]  ? _copy_from_user+0xdf/0x150
[  966.962996]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  966.963011]  ? copy_mount_options+0x315/0x430
[  966.963034]  ksys_mount+0x12d/0x140
[  966.963056]  __x64_sys_mount+0xbe/0x150
[  966.970916]  do_syscall_64+0x1b9/0x820
[  966.970938]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  966.970956]  ? syscall_return_slowpath+0x5e0/0x5e0
[  966.970977]  ? trace_hardirqs_on_caller+0x310/0x310
[  966.978912]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  966.978932]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  966.978948]  ? __switch_to_asm+0x40/0x70
[  966.978960]  ? __switch_to_asm+0x34/0x70
[  966.978982]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  966.987633]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  966.987646] RIP: 0033:0x457569
[  966.987664] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  966.987673] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  966.987689] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  966.987698] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  966.987707] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  966.987722] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  966.997044] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
03:44:50 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0xf0ffff}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:44:50 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x9effffff, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:50 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

03:44:50 executing program 4 (fault-call:2 fault-nth:31):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:44:50 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
fstat(r0, &(0x7f0000000680))
add_key(&(0x7f00000001c0)='pkcs7_test\x00', &(0x7f0000000200)={'syz'}, &(0x7f0000000240), 0xfffff, 0xfffffffffffffffb)
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_open_dev$audion(&(0x7f0000000280)='/dev/audio#\x00', 0x6, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f00000003c0)={@loopback, @local}, &(0x7f0000000400)=0xc)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f0000000440)={'vcan0\x00'})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000000600)={@dev, @local}, &(0x7f0000000640)=0xc)
accept$packet(0xffffffffffffff9c, &(0x7f00000007c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000800)=0x14)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000e80)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000ec0)=0x14)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000f00)={'team0\x00'})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x24, &(0x7f0000000f40)={@broadcast, @multicast2}, &(0x7f0000000f80)=0xc)
getsockname$packet(0xffffffffffffff9c, &(0x7f0000001040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000001080)=0x14)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000001280)={{{@in=@dev, @in6}}, {{@in=@multicast1}, 0x0, @in6=@mcast1}}, &(0x7f0000001380)=0xe8)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)
accept$packet(0xffffffffffffffff, &(0x7f00000015c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000001600)=0x14)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000002740)={{{@in6=@dev, @in=@remote}}, {{@in6=@loopback}, 0x0, @in6=@remote}}, &(0x7f0000001640)=0xe8)
getpeername$packet(0xffffffffffffff9c, &(0x7f0000001680)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000016c0)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000002840)={{{@in=@multicast2, @in6=@ipv4={[], [], @rand_addr}}}, {{@in=@multicast2}, 0x0, @in6=@remote}}, &(0x7f0000002940)=0xe8)
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x24, &(0x7f0000006fc0)={@broadcast, @local}, &(0x7f0000007000)=0xc)
accept$packet(0xffffffffffffffff, &(0x7f00000071c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000007200)=0x14)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000007280)={{{@in=@local, @in6=@loopback}}, {{@in=@remote}, 0x0, @in6=@mcast2}}, &(0x7f0000007380)=0xe8)

03:44:50 executing program 1 (fault-call:2 fault-nth:0):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)

03:44:50 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x860c, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  967.464738] FAT-fs (loop3): bogus number of reserved sectors
[  967.472759] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  967.493271] FAT-fs (loop3): Can't find a valid FAT filesystem
03:44:50 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
stat(&(0x7f0000000080)='./file0\x00', &(0x7f0000000200))
getrandom(&(0x7f00000002c0)=""/124, 0x7c, 0x1)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))
fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f0000000000))
ioctl$EVIOCGSW(r1, 0x8040451b, &(0x7f0000000100)=""/202)
fchmodat(r1, &(0x7f0000000280)='./file0\x00', 0x4)
ioctl$PIO_FONTX(r1, 0x4b6c, &(0x7f0000000340)="829492032891fa9bb9c76ebfe2e03d4f0f7fca23c775295d34c1eeb1caa8ab1bc2c56b397fb7417c436495e464f2e7c199c42880849fa3820fa0c2d78af400056ec032a073b05e85f11237aa6bd351cb12e8869bebcf8204f9a93f83a6de6fed0c92dada8082ce")

[  967.515502] FAULT_INJECTION: forcing a failure.
[  967.515502] name failslab, interval 1, probability 0, space 0, times 0
03:44:50 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)

[  967.572711] CPU: 0 PID: 12944 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  967.581251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  967.590620] Call Trace:
[  967.593227]  dump_stack+0x244/0x39d
[  967.596884]  ? dump_stack_print_info.cold.1+0x20/0x20
[  967.602104]  should_fail.cold.4+0xa/0x17
[  967.606194]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  967.611333]  ? zap_class+0x640/0x640
[  967.615071]  ? save_stack+0xa9/0xd0
[  967.618718]  ? save_stack+0x43/0xd0
03:44:50 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0xf0, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  967.622359]  ? kasan_kmalloc+0xc7/0xe0
[  967.626263]  ? __kmalloc+0x15b/0x760
[  967.630004]  ? find_held_lock+0x36/0x1c0
[  967.634083]  ? __lock_is_held+0xb5/0x140
[  967.638172]  ? perf_trace_sched_process_exec+0x860/0x860
[  967.643639]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  967.649189]  ? check_preemption_disabled+0x48/0x280
[  967.649218]  __should_failslab+0x124/0x180
[  967.649237]  should_failslab+0x9/0x14
[  967.649256]  kmem_cache_alloc_node_trace+0x270/0x740
[  967.649287]  __kmalloc_node+0x3c/0x70
[  967.667456]  kvmalloc_node+0x65/0xf0
[  967.667480]  __list_lru_init+0x5d9/0x840
[  967.667503]  ? list_lru_destroy+0x500/0x500
[  967.667524]  ? up_write+0x7b/0x220
[  967.667545]  ? down_read+0x120/0x120
[  967.675115]  ? init_wait_entry+0x1c0/0x1c0
[  967.675133]  ? prealloc_shrinker+0x172/0x340
[  967.675183]  alloc_super+0x933/0xb40
[  967.675214]  ? destroy_unused_super.part.10+0x110/0x110
[  967.675226]  ? sget_userns+0x17c/0x850
[  967.675242]  ? lock_downgrade+0x900/0x900
[  967.675276]  ? kasan_check_read+0x11/0x20
03:44:50 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0xffffffffa0018000, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  967.675289]  ? do_raw_spin_trylock+0x270/0x270
[  967.675304]  ? security_capable+0x99/0xc0
[  967.675327]  sget_userns+0x278/0x850
[  967.675343]  ? get_anon_bdev+0xc0/0xc0
[  967.708628]  ? vfs_get_super+0x270/0x270
[  967.708663]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  967.708714]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  967.729607]  ? ns_capable_common+0x13f/0x170
[  967.729628]  ? get_anon_bdev+0xc0/0xc0
[  967.729643]  sget+0x10b/0x150
[  967.729666]  ? ovl_show_options+0x550/0x550
[  967.729683]  mount_nodev+0x38/0x120
03:44:50 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$UI_DEV_DESTROY(r1, 0x5502)

[  967.746894]  ? ovl_own_xattr_set+0x10/0x10
[  967.746912]  ovl_mount+0x34/0x40
[  967.746937]  legacy_get_tree+0x131/0x460
[  967.746960]  vfs_get_tree+0x1cb/0x5c0
[  967.746975]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  967.746992]  do_mount+0x70c/0x1d90
[  967.747011]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  967.747032]  ? copy_mount_string+0x40/0x40
[  967.747051]  ? copy_mount_options+0x5f/0x430
[  967.747068]  ? kmem_cache_alloc_trace+0x353/0x750
[  967.747099]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  967.747120]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  967.747137]  ? copy_mount_options+0x315/0x430
[  967.771983]  ksys_mount+0x12d/0x140
[  967.772004]  __x64_sys_mount+0xbe/0x150
[  967.772030]  do_syscall_64+0x1b9/0x820
[  967.795754]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  967.795778]  ? syscall_return_slowpath+0x5e0/0x5e0
[  967.795799]  ? trace_hardirqs_on_caller+0x310/0x310
[  967.795817]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  967.795835]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  967.795850]  ? __switch_to_asm+0x40/0x70
[  967.795863]  ? __switch_to_asm+0x34/0x70
[  967.795884]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  967.810066]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  967.810079] RIP: 0033:0x457569
[  967.810096] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  967.810110] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  967.838102] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  967.838112] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  967.838122] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  967.838132] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  967.838141] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
03:44:50 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0xcbf0}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:44:50 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0xffffff7f00000000, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:50 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = openat$ashmem(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r2, 0x40087703, 0xfffffffa)
io_setup(0x1, &(0x7f0000000000)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f0000000880)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f0000000100)}])
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

03:44:50 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = memfd_create(&(0x7f0000000000)='lo@/[#!eth0/\x00', 0x7)
ioctl$DRM_IOCTL_GEM_FLINK(0xffffffffffffffff, 0xc008640a, &(0x7f0000000080)={0x0, <r2=>0x0})
ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffff9c, 0xc010640b, &(0x7f00000000c0)={0x0, <r3=>0x0, 0x7})
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$DRM_IOCTL_GEM_OPEN(r1, 0xc010640b, &(0x7f0000000100)={r2, r3})
r4 = fcntl$dupfd(r0, 0x0, r0)
pipe(&(0x7f0000000140)={<r5=>0xffffffffffffffff})
getsockopt$IP6T_SO_GET_INFO(r5, 0x29, 0x40, &(0x7f0000000180)={'security\x00'}, &(0x7f0000000200)=0x54)
bind$bt_rfcomm(r4, &(0x7f0000000040), 0x2)

03:44:50 executing program 4 (fault-call:2 fault-nth:32):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:44:50 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
fstat(r0, &(0x7f0000000680))
add_key(&(0x7f00000001c0)='pkcs7_test\x00', &(0x7f0000000200)={'syz'}, &(0x7f0000000240), 0xfffff, 0xfffffffffffffffb)
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_open_dev$audion(&(0x7f0000000280)='/dev/audio#\x00', 0x6, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f00000003c0)={@loopback, @local}, &(0x7f0000000400)=0xc)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f0000000440)={'vcan0\x00'})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000000600)={@dev, @local}, &(0x7f0000000640)=0xc)
accept$packet(0xffffffffffffff9c, &(0x7f00000007c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000800)=0x14)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000e80)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000ec0)=0x14)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000f00)={'team0\x00'})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x24, &(0x7f0000000f40)={@broadcast, @multicast2}, &(0x7f0000000f80)=0xc)
getsockname$packet(0xffffffffffffff9c, &(0x7f0000001040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000001080)=0x14)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000001280)={{{@in=@dev, @in6}}, {{@in=@multicast1}, 0x0, @in6=@mcast1}}, &(0x7f0000001380)=0xe8)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)
accept$packet(0xffffffffffffffff, &(0x7f00000015c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000001600)=0x14)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000002740)={{{@in6=@dev, @in=@remote}}, {{@in6=@loopback}, 0x0, @in6=@remote}}, &(0x7f0000001640)=0xe8)
getpeername$packet(0xffffffffffffff9c, &(0x7f0000001680)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000016c0)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000002840)={{{@in=@multicast2, @in6=@ipv4={[], [], @rand_addr}}}, {{@in=@multicast2}, 0x0, @in6=@remote}}, &(0x7f0000002940)=0xe8)
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x24, &(0x7f0000006fc0)={@broadcast, @local}, &(0x7f0000007000)=0xc)
accept$packet(0xffffffffffffffff, &(0x7f00000071c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000007200)=0x14)

03:44:51 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x2a0, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:51 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000001c0)={{{@in=@local, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in=@loopback}, 0x0, @in6=@mcast2}}, &(0x7f00000002c0)=0xe8)
bind$bt_hci(r0, &(0x7f0000000300)={0x1f, r2}, 0xc)

[  968.168833] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  968.181711] FAT-fs (loop3): bogus number of reserved sectors
[  968.200384] FAT-fs (loop3): Can't find a valid FAT filesystem
[  968.203527] FAULT_INJECTION: forcing a failure.
[  968.203527] name failslab, interval 1, probability 0, space 0, times 0
[  968.256407] CPU: 0 PID: 12987 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  968.264952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  968.274314] Call Trace:
[  968.274340]  dump_stack+0x244/0x39d
[  968.274363]  ? dump_stack_print_info.cold.1+0x20/0x20
[  968.274383]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[  968.274410]  should_fail.cold.4+0xa/0x17
[  968.274429]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  968.274461]  ? kernel_text_address+0x79/0xf0
[  968.274486]  ? unwind_get_return_address+0x61/0xa0
[  968.309668]  ? __save_stack_trace+0x8d/0xf0
[  968.314016]  ? zap_class+0x640/0x640
[  968.317759]  ? find_held_lock+0x36/0x1c0
[  968.321845]  ? __lock_is_held+0xb5/0x140
[  968.325945]  ? perf_trace_sched_process_exec+0x860/0x860
[  968.331417]  ? check_preemption_disabled+0x48/0x280
[  968.336492]  __should_failslab+0x124/0x180
[  968.340753]  should_failslab+0x9/0x14
[  968.344573]  kmem_cache_alloc_trace+0x2d7/0x750
[  968.344589]  ? __kmalloc_node+0x3c/0x70
03:44:51 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x2000, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  968.344605]  ? __kmalloc_node+0x3c/0x70
[  968.344628]  ? rcu_read_lock_sched_held+0x14f/0x180
[  968.362259]  __memcg_init_list_lru_node+0x185/0x2d0
[  968.367294]  ? kvfree_rcu+0x20/0x20
[  968.370941]  ? __kmalloc_node+0x50/0x70
[  968.374936]  __list_lru_init+0x4d6/0x840
[  968.374960]  ? list_lru_destroy+0x500/0x500
[  968.374981]  ? up_write+0x7b/0x220
[  968.375000]  ? down_read+0x120/0x120
[  968.375020]  ? init_wait_entry+0x1c0/0x1c0
[  968.375036]  ? prealloc_shrinker+0x172/0x340
[  968.375062]  alloc_super+0x933/0xb40
03:44:51 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
syz_genetlink_get_family_id$fou(&(0x7f0000000000)='fou\x00')
ioctl$sock_SIOCDELDLCI(r0, 0x8981, &(0x7f0000000240)={'dummy0\x00', 0x3a0})
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = dup3(r1, r1, 0x80000)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000080)=<r3=>0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r2, 0xc1105517, &(0x7f0000000100)={{0x3, 0x7, 0x40, 0x51b, '\x00', 0x7ff}, 0x0, 0x200, 0x0, r3, 0x2, 0x3, 'syz1\x00', &(0x7f00000000c0)=['fou\x00', '\x00'], 0x5, [], [0x16, 0x8, 0x3, 0x2]})
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)

[  968.386983]  ? destroy_unused_super.part.10+0x110/0x110
[  968.386998]  ? sget_userns+0x17c/0x850
[  968.387016]  ? lock_downgrade+0x900/0x900
[  968.387040]  ? kasan_check_read+0x11/0x20
[  968.412347]  ? do_raw_spin_trylock+0x270/0x270
[  968.412368]  ? security_capable+0x99/0xc0
[  968.412397]  sget_userns+0x278/0x850
[  968.412415]  ? get_anon_bdev+0xc0/0xc0
[  968.437066]  ? vfs_get_super+0x270/0x270
[  968.441177]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  968.446769]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  968.452320]  ? ns_capable_common+0x13f/0x170
03:44:51 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x300, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  968.452340]  ? get_anon_bdev+0xc0/0xc0
[  968.452356]  sget+0x10b/0x150
[  968.452378]  ? ovl_show_options+0x550/0x550
[  968.452396]  mount_nodev+0x38/0x120
[  968.471802]  ? ovl_own_xattr_set+0x10/0x10
[  968.476055]  ovl_mount+0x34/0x40
[  968.476076]  legacy_get_tree+0x131/0x460
[  968.476098]  vfs_get_tree+0x1cb/0x5c0
[  968.476113]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  968.476129]  do_mount+0x70c/0x1d90
[  968.476150]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  968.476171]  ? copy_mount_string+0x40/0x40
03:44:51 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))
setsockopt$inet_mtu(r1, 0x0, 0xa, &(0x7f0000000000)=0x3, 0x4)

[  968.476191]  ? copy_mount_options+0x5f/0x430
[  968.476210]  ? kmem_cache_alloc_trace+0x353/0x750
[  968.476229]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  968.476257]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  968.487481]  ? copy_mount_options+0x315/0x430
[  968.487504]  ksys_mount+0x12d/0x140
[  968.487524]  __x64_sys_mount+0xbe/0x150
[  968.487547]  do_syscall_64+0x1b9/0x820
[  968.487570]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  968.495860]  ? syscall_return_slowpath+0x5e0/0x5e0
[  968.495881]  ? trace_hardirqs_on_caller+0x310/0x310
[  968.495899]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  968.495919]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  968.495934]  ? __switch_to_asm+0x40/0x70
[  968.495947]  ? __switch_to_asm+0x34/0x70
[  968.495969]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  968.496000]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  968.510168] RIP: 0033:0x457569
[  968.526071] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  968.526080] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  968.526097] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  968.526107] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  968.526117] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  968.526126] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  968.526135] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
03:44:51 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0x600}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:44:51 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0xc86, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:51 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r0, 0x800448d5, &(0x7f0000000000))
syz_open_dev$sndmidi(&(0x7f0000000080)='/dev/snd/midiC#D#\x00', 0x2, 0x8201)

03:44:51 executing program 4 (fault-call:2 fault-nth:33):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:44:51 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
fstat(r0, &(0x7f0000000680))
add_key(&(0x7f00000001c0)='pkcs7_test\x00', &(0x7f0000000200)={'syz'}, &(0x7f0000000240), 0xfffff, 0xfffffffffffffffb)
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_open_dev$audion(&(0x7f0000000280)='/dev/audio#\x00', 0x6, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f00000003c0)={@loopback, @local}, &(0x7f0000000400)=0xc)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f0000000440)={'vcan0\x00'})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000000600)={@dev, @local}, &(0x7f0000000640)=0xc)
accept$packet(0xffffffffffffff9c, &(0x7f00000007c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000800)=0x14)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000e80)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000ec0)=0x14)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000f00)={'team0\x00'})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x24, &(0x7f0000000f40)={@broadcast, @multicast2}, &(0x7f0000000f80)=0xc)
getsockname$packet(0xffffffffffffff9c, &(0x7f0000001040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000001080)=0x14)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000001280)={{{@in=@dev, @in6}}, {{@in=@multicast1}, 0x0, @in6=@mcast1}}, &(0x7f0000001380)=0xe8)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)
accept$packet(0xffffffffffffffff, &(0x7f00000015c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000001600)=0x14)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000002740)={{{@in6=@dev, @in=@remote}}, {{@in6=@loopback}, 0x0, @in6=@remote}}, &(0x7f0000001640)=0xe8)
getpeername$packet(0xffffffffffffff9c, &(0x7f0000001680)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000016c0)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000002840)={{{@in=@multicast2, @in6=@ipv4={[], [], @rand_addr}}}, {{@in=@multicast2}, 0x0, @in6=@remote}}, &(0x7f0000002940)=0xe8)
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x24, &(0x7f0000006fc0)={@broadcast, @local}, &(0x7f0000007000)=0xc)

03:44:51 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040)={0x1f, {}, 0x6}, 0xa)

[  968.818346] FAT-fs (loop3): bogus number of reserved sectors
[  968.837041] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  968.848922] FAT-fs (loop3): Can't find a valid FAT filesystem
03:44:51 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x3, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:51 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
socketpair$inet6_udp(0xa, 0x2, 0x0, &(0x7f0000000000))
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r1, 0x40485404, &(0x7f0000000080)={{0x0, 0x2, 0x6, 0x0, 0xffffffff}, 0x4d6, 0x6})

[  968.878256] FAULT_INJECTION: forcing a failure.
[  968.878256] name failslab, interval 1, probability 0, space 0, times 0
[  968.892623] CPU: 0 PID: 13030 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  968.901136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  968.910497] Call Trace:
[  968.913128]  dump_stack+0x244/0x39d
[  968.916787]  ? dump_stack_print_info.cold.1+0x20/0x20
[  968.921998]  ? __kernel_text_address+0xd/0x40
[  968.926530]  ? unwind_get_return_address+0x61/0xa0
[  968.931489]  should_fail.cold.4+0xa/0x17
[  968.935602]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  968.940763]  ? save_stack+0x43/0xd0
[  968.944400]  ? kasan_kmalloc+0xc7/0xe0
[  968.948310]  ? kmem_cache_alloc_trace+0x152/0x750
[  968.953420]  ? __memcg_init_list_lru_node+0x185/0x2d0
[  968.953445]  ? __list_lru_init+0x4d6/0x840
[  968.953466]  ? zap_class+0x640/0x640
[  968.953480]  ? mount_nodev+0x38/0x120
[  968.953498]  ? ovl_mount+0x34/0x40
[  968.953513]  ? legacy_get_tree+0x131/0x460
[  968.953527]  ? vfs_get_tree+0x1cb/0x5c0
[  968.953544]  ? do_mount+0x70c/0x1d90
[  968.962994]  ? ksys_mount+0x12d/0x140
[  968.963009]  ? __x64_sys_mount+0xbe/0x150
[  968.963043]  ? find_held_lock+0x36/0x1c0
[  968.963088]  ? __lock_is_held+0xb5/0x140
[  968.974141]  ? perf_trace_sched_process_exec+0x860/0x860
[  968.986059]  __should_failslab+0x124/0x180
[  968.986077]  should_failslab+0x9/0x14
[  968.986096]  kmem_cache_alloc_trace+0x2d7/0x750
[  968.986113]  ? __kmalloc_node+0x3c/0x70
[  968.986130]  ? __kmalloc_node+0x3c/0x70
[  968.986149]  ? rcu_read_lock_sched_held+0x14f/0x180
[  968.986172]  __memcg_init_list_lru_node+0x185/0x2d0
[  968.986191]  ? kvfree_rcu+0x20/0x20
[  968.994636]  ? __kmalloc_node+0x50/0x70
[  968.994663]  __list_lru_init+0x4d6/0x840
[  968.994687]  ? list_lru_destroy+0x500/0x500
[  968.994716]  ? up_write+0x7b/0x220
[  968.994735]  ? down_read+0x120/0x120
[  968.994755]  ? init_wait_entry+0x1c0/0x1c0
[  968.994771]  ? prealloc_shrinker+0x172/0x340
[  968.994796]  alloc_super+0x933/0xb40
[  969.003562]  ? destroy_unused_super.part.10+0x110/0x110
[  969.003576]  ? sget_userns+0x17c/0x850
[  969.003596]  ? lock_downgrade+0x900/0x900
[  969.003620]  ? kasan_check_read+0x11/0x20
[  969.003643]  ? do_raw_spin_trylock+0x270/0x270
[  969.013323]  ? security_capable+0x99/0xc0
[  969.013354]  sget_userns+0x278/0x850
[  969.013368]  ? get_anon_bdev+0xc0/0xc0
[  969.013391]  ? vfs_get_super+0x270/0x270
[  969.013427]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  969.021940]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
03:44:51 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000000000)=<r2=>0x0)
fcntl$setown(r0, 0x8, r2)

[  969.021958]  ? ns_capable_common+0x13f/0x170
[  969.021976]  ? get_anon_bdev+0xc0/0xc0
[  969.021990]  sget+0x10b/0x150
[  969.022013]  ? ovl_show_options+0x550/0x550
[  969.029942]  mount_nodev+0x38/0x120
[  969.029964]  ? ovl_own_xattr_set+0x10/0x10
[  969.029980]  ovl_mount+0x34/0x40
[  969.029999]  legacy_get_tree+0x131/0x460
[  969.030022]  vfs_get_tree+0x1cb/0x5c0
[  969.030043]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  969.040062]  do_mount+0x70c/0x1d90
[  969.040084]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  969.040106]  ? copy_mount_string+0x40/0x40
03:44:52 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040)={0x1f, {0x0, 0xfffffffffffffffe, 0x2}}, 0xa)

03:44:52 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0xffffffffa0020000, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:52 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
fcntl$notify(r1, 0x402, 0x9)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x101000, 0x0)

[  969.040127]  ? copy_mount_options+0x5f/0x430
[  969.040148]  ? kmem_cache_alloc_trace+0x353/0x750
[  969.040168]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  969.047768]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  969.047784]  ? copy_mount_options+0x315/0x430
[  969.047805]  ksys_mount+0x12d/0x140
[  969.047825]  __x64_sys_mount+0xbe/0x150
[  969.047849]  do_syscall_64+0x1b9/0x820
[  969.047876]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  969.047895]  ? syscall_return_slowpath+0x5e0/0x5e0
[  969.047916]  ? trace_hardirqs_on_caller+0x310/0x310
[  969.056286]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  969.056306]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  969.056321]  ? __switch_to_asm+0x40/0x70
[  969.056334]  ? __switch_to_asm+0x34/0x70
[  969.056358]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  969.056392]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  969.056404] RIP: 0033:0x457569
[  969.056420] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  969.056428] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  969.063698] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  969.063716] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  969.063725] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  969.063735] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  969.063745] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
03:44:52 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0xb0f0}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:44:52 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x2000000000000000, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:52 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040)={0x1f, {0x0, 0x0, 0x4, 0x1000000000000000, 0xffffffffffffffbd, 0x3f}, 0x3}, 0x144)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

03:44:52 executing program 4 (fault-call:2 fault-nth:34):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:44:52 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0x0, 0x0, 0x0, 0x2}}, 0xa)

03:44:52 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
fstat(r0, &(0x7f0000000680))
add_key(&(0x7f00000001c0)='pkcs7_test\x00', &(0x7f0000000200)={'syz'}, &(0x7f0000000240), 0xfffff, 0xfffffffffffffffb)
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_open_dev$audion(&(0x7f0000000280)='/dev/audio#\x00', 0x6, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f00000003c0)={@loopback, @local}, &(0x7f0000000400)=0xc)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f0000000440)={'vcan0\x00'})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000000600)={@dev, @local}, &(0x7f0000000640)=0xc)
accept$packet(0xffffffffffffff9c, &(0x7f00000007c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000800)=0x14)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000e80)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000ec0)=0x14)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000f00)={'team0\x00'})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x24, &(0x7f0000000f40)={@broadcast, @multicast2}, &(0x7f0000000f80)=0xc)
getsockname$packet(0xffffffffffffff9c, &(0x7f0000001040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000001080)=0x14)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000001280)={{{@in=@dev, @in6}}, {{@in=@multicast1}, 0x0, @in6=@mcast1}}, &(0x7f0000001380)=0xe8)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)
accept$packet(0xffffffffffffffff, &(0x7f00000015c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000001600)=0x14)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000002740)={{{@in6=@dev, @in=@remote}}, {{@in6=@loopback}, 0x0, @in6=@remote}}, &(0x7f0000001640)=0xe8)
getpeername$packet(0xffffffffffffff9c, &(0x7f0000001680)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000016c0)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000002840)={{{@in=@multicast2, @in6=@ipv4={[], [], @rand_addr}}}, {{@in=@multicast2}, 0x0, @in6=@remote}}, &(0x7f0000002940)=0xe8)

03:44:52 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0xf00000000000000, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  969.531762] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  969.548165] FAT-fs (loop3): bogus number of reserved sectors
[  969.553993] FAT-fs (loop3): Can't find a valid FAT filesystem
[  969.570014] FAULT_INJECTION: forcing a failure.
[  969.570014] name failslab, interval 1, probability 0, space 0, times 0
03:44:52 executing program 1:
r0 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x0, 0x501000)
ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611)
r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
r3 = getgid()
r4 = getegid()
r5 = getgid()
getgroups(0x1, &(0x7f0000000100)=[<r6=>0x0])
stat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0})
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r2, 0x6, 0x1d, &(0x7f00000003c0)={0x0, 0x100000001, 0xfffffffffffff6bb, 0x100000000, 0x400}, 0x14)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000200)={0x0, 0x0, <r8=>0x0}, &(0x7f0000000240)=0xc)
r9 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300)='/dev/sequencer\x00', 0x80, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000340)={'team0\x00', <r10=>0x0})
ioctl$HCIINQUIRY(r9, 0x800448f0, &(0x7f0000000380)={r10, 0x10001, 0x5, 0x1, 0xfffffffffffffff9, 0x0, 0x6})
lsetxattr$system_posix_acl(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='system.posix_acl_default\x00', &(0x7f0000000280)={{}, {0x1, 0x6}, [], {0x4, 0x4}, [{0x8, 0x0, r3}, {0x8, 0x5, r4}, {0x8, 0x5, r5}, {0x8, 0x3, r6}, {0x8, 0x2, r7}, {0x8, 0x5, r8}], {0x10, 0x4}, {0x20, 0x2}}, 0x54, 0x2)

03:44:52 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040)={0x1f, {0x3, 0x0, 0x0, 0x3, 0x20, 0xfffffffffffffffc}, 0x8002}, 0xa)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0)=0xffffffffffffffff)
ioctl$SNDRV_CTL_IOCTL_PVERSION(r1, 0x80045500, &(0x7f0000000000))

[  969.651708] CPU: 0 PID: 13074 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  969.660259] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  969.669643] Call Trace:
[  969.672257]  dump_stack+0x244/0x39d
[  969.675907]  ? dump_stack_print_info.cold.1+0x20/0x20
[  969.681124]  ? __kernel_text_address+0xd/0x40
[  969.685643]  ? unwind_get_return_address+0x61/0xa0
[  969.690618]  should_fail.cold.4+0xa/0x17
[  969.690640]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  969.690666]  ? save_stack+0x43/0xd0
[  969.690678]  ? kasan_kmalloc+0xc7/0xe0
[  969.690708]  ? kmem_cache_alloc_trace+0x152/0x750
[  969.712229]  ? __memcg_init_list_lru_node+0x185/0x2d0
[  969.712246]  ? __list_lru_init+0x4d6/0x840
[  969.712265]  ? zap_class+0x640/0x640
[  969.712280]  ? mount_nodev+0x38/0x120
[  969.712296]  ? ovl_mount+0x34/0x40
[  969.712315]  ? legacy_get_tree+0x131/0x460
[  969.721736]  ? vfs_get_tree+0x1cb/0x5c0
[  969.721750]  ? do_mount+0x70c/0x1d90
[  969.721763]  ? ksys_mount+0x12d/0x140
[  969.721776]  ? __x64_sys_mount+0xbe/0x150
[  969.721800]  ? find_held_lock+0x36/0x1c0
[  969.721825]  ? __lock_is_held+0xb5/0x140
[  969.732871]  ? i915_perf_open_ioctl+0x1858/0x2a50
[  969.732905]  ? perf_trace_sched_process_exec+0x860/0x860
[  969.744827]  __should_failslab+0x124/0x180
[  969.744846]  should_failslab+0x9/0x14
[  969.744865]  kmem_cache_alloc_trace+0x2d7/0x750
[  969.744881]  ? __kmalloc_node+0x3c/0x70
[  969.744898]  ? __kmalloc_node+0x3c/0x70
[  969.744916]  ? rcu_read_lock_sched_held+0x14f/0x180
[  969.744937]  __memcg_init_list_lru_node+0x185/0x2d0
[  969.744953]  ? kvfree_rcu+0x20/0x20
[  969.744969]  ? __kmalloc_node+0x50/0x70
[  969.744994]  __list_lru_init+0x4d6/0x840
[  969.745014]  ? list_lru_destroy+0x500/0x500
[  969.761059]  ? up_write+0x7b/0x220
[  969.761080]  ? down_read+0x120/0x120
[  969.761101]  ? init_wait_entry+0x1c0/0x1c0
[  969.761118]  ? prealloc_shrinker+0x172/0x340
[  969.761146]  alloc_super+0x933/0xb40
[  969.761168]  ? destroy_unused_super.part.10+0x110/0x110
[  969.784211]  ? sget_userns+0x17c/0x850
[  969.784233]  ? lock_downgrade+0x900/0x900
[  969.784258]  ? kasan_check_read+0x11/0x20
[  969.784276]  ? do_raw_spin_trylock+0x270/0x270
[  969.784296]  ? security_capable+0x99/0xc0
[  969.784323]  sget_userns+0x278/0x850
[  969.784336]  ? get_anon_bdev+0xc0/0xc0
[  969.784357]  ? vfs_get_super+0x270/0x270
[  969.797334]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  969.797383]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  969.797399]  ? ns_capable_common+0x13f/0x170
[  969.797417]  ? get_anon_bdev+0xc0/0xc0
[  969.810041]  sget+0x10b/0x150
[  969.810066]  ? ovl_show_options+0x550/0x550
[  969.810083]  mount_nodev+0x38/0x120
[  969.810103]  ? ovl_own_xattr_set+0x10/0x10
[  969.810119]  ovl_mount+0x34/0x40
[  969.810137]  legacy_get_tree+0x131/0x460
[  969.838184]  vfs_get_tree+0x1cb/0x5c0
[  969.838202]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  969.838219]  do_mount+0x70c/0x1d90
[  969.838240]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  969.838261]  ? copy_mount_string+0x40/0x40
[  969.838281]  ? copy_mount_options+0x5f/0x430
[  969.851679]  ? kmem_cache_alloc_trace+0x353/0x750
03:44:52 executing program 4 (fault-call:2 fault-nth:35):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:44:52 executing program 1:
socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$IP_VS_SO_GET_SERVICES(r0, 0x0, 0x482, &(0x7f00000000c0)=""/120, &(0x7f0000000140)=0x78)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r2 = dup(r1)
ioctl$PIO_FONT(r2, 0x4b61, &(0x7f0000000000)="1af8e9f1dbf4828013bc568b9624cb757f435c7bd6d1def339bb4f4c")
r3 = fcntl$dupfd(r1, 0x0, r1)
syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x1)
bind$bt_rfcomm(r3, &(0x7f0000000040)={0x1f, {0x0, 0x313d, 0x0, 0x1000000}}, 0xa)

03:44:52 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0xf000000, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  969.851711]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  969.851731]  ? _copy_from_user+0xdf/0x150
[  969.851752]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  969.851771]  ? copy_mount_options+0x315/0x430
[  969.860533]  ksys_mount+0x12d/0x140
[  969.868385]  __x64_sys_mount+0xbe/0x150
[  969.868409]  do_syscall_64+0x1b9/0x820
[  969.868430]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  969.868462]  ? syscall_return_slowpath+0x5e0/0x5e0
[  969.868483]  ? trace_hardirqs_on_caller+0x310/0x310
[  969.868503]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  969.876457]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  969.876476]  ? __switch_to_asm+0x40/0x70
[  969.876489]  ? __switch_to_asm+0x34/0x70
[  969.876513]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  969.876541]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  969.876554] RIP: 0033:0x457569
[  969.876571] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  969.876586] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  969.887647] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  969.887657] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  969.887666] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  969.887676] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  969.887686] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[  970.073220] FAULT_INJECTION: forcing a failure.
[  970.073220] name failslab, interval 1, probability 0, space 0, times 0
[  970.088542] CPU: 0 PID: 13096 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  970.105432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  970.105448] Call Trace:
[  970.105484]  dump_stack+0x244/0x39d
[  970.105507]  ? dump_stack_print_info.cold.1+0x20/0x20
[  970.105527]  ? __kernel_text_address+0xd/0x40
[  970.105544]  ? unwind_get_return_address+0x61/0xa0
[  970.105571]  should_fail.cold.4+0xa/0x17
[  970.134781]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  970.144201]  ? save_stack+0x43/0xd0
[  970.144215]  ? kasan_kmalloc+0xc7/0xe0
[  970.144231]  ? kmem_cache_alloc_trace+0x152/0x750
[  970.144248]  ? __memcg_init_list_lru_node+0x185/0x2d0
[  970.144262]  ? __list_lru_init+0x4d6/0x840
[  970.144279]  ? zap_class+0x640/0x640
[  970.144292]  ? mount_nodev+0x38/0x120
[  970.144307]  ? ovl_mount+0x34/0x40
[  970.144321]  ? legacy_get_tree+0x131/0x460
[  970.144334]  ? vfs_get_tree+0x1cb/0x5c0
[  970.144351]  ? do_mount+0x70c/0x1d90
[  970.153514]  ? ksys_mount+0x12d/0x140
[  970.153528]  ? __x64_sys_mount+0xbe/0x150
[  970.153550]  ? find_held_lock+0x36/0x1c0
[  970.153571]  ? __lock_is_held+0xb5/0x140
[  970.165903]  ? xfs_bmap_rtalloc+0x6f8/0xfe0
[  970.165937]  ? perf_trace_sched_process_exec+0x860/0x860
[  970.165967]  __should_failslab+0x124/0x180
[  970.175386]  should_failslab+0x9/0x14
[  970.175404]  kmem_cache_alloc_trace+0x2d7/0x750
[  970.175420]  ? __kmalloc_node+0x3c/0x70
[  970.175450]  ? __kmalloc_node+0x3c/0x70
[  970.175471]  ? rcu_read_lock_sched_held+0x14f/0x180
[  970.175494]  __memcg_init_list_lru_node+0x185/0x2d0
[  970.175514]  ? kvfree_rcu+0x20/0x20
[  970.183097]  ? __kmalloc_node+0x50/0x70
[  970.190854]  __list_lru_init+0x4d6/0x840
[  970.190878]  ? list_lru_destroy+0x500/0x500
[  970.190897]  ? up_write+0x7b/0x220
[  970.190918]  ? down_read+0x120/0x120
[  970.202089] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  970.202400]  ? init_wait_entry+0x1c0/0x1c0
[  970.214654]  ? prealloc_shrinker+0x172/0x340
[  970.214684]  alloc_super+0x933/0xb40
[  970.214716]  ? destroy_unused_super.part.10+0x110/0x110
[  970.214729]  ? sget_userns+0x17c/0x850
[  970.214748]  ? lock_downgrade+0x900/0x900
[  970.214771]  ? kasan_check_read+0x11/0x20
[  970.224531]  ? do_raw_spin_trylock+0x270/0x270
[  970.224552]  ? security_capable+0x99/0xc0
[  970.224581]  sget_userns+0x278/0x850
[  970.224595]  ? get_anon_bdev+0xc0/0xc0
[  970.224617]  ? vfs_get_super+0x270/0x270
[  970.224649]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  970.224694]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  970.232724]  ? ns_capable_common+0x13f/0x170
[  970.232744]  ? get_anon_bdev+0xc0/0xc0
[  970.232759]  sget+0x10b/0x150
[  970.232783]  ? ovl_show_options+0x550/0x550
[  970.232798]  mount_nodev+0x38/0x120
[  970.232818]  ? ovl_own_xattr_set+0x10/0x10
[  970.241459]  ovl_mount+0x34/0x40
[  970.241481]  legacy_get_tree+0x131/0x460
[  970.241504]  vfs_get_tree+0x1cb/0x5c0
[  970.241520]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  970.241537]  do_mount+0x70c/0x1d90
[  970.241560]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  970.290925]  ? copy_mount_string+0x40/0x40
[  970.290948]  ? copy_mount_options+0x5f/0x430
[  970.290969]  ? kmem_cache_alloc_trace+0x353/0x750
[  970.290992]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  970.299119]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  970.299135]  ? copy_mount_options+0x315/0x430
[  970.299156]  ksys_mount+0x12d/0x140
[  970.299175]  __x64_sys_mount+0xbe/0x150
[  970.308428]  do_syscall_64+0x1b9/0x820
[  970.308461]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  970.308482]  ? syscall_return_slowpath+0x5e0/0x5e0
[  970.308503]  ? trace_hardirqs_on_caller+0x310/0x310
[  970.316796]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  970.325513]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  970.325531]  ? __switch_to_asm+0x40/0x70
[  970.325545]  ? __switch_to_asm+0x34/0x70
[  970.325567]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  970.325596]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  970.325608] RIP: 0033:0x457569
[  970.325624] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  970.325638] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  970.337276] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  970.337286] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  970.337296] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  970.337306] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  970.337316] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
03:44:53 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0xc6f0}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:44:53 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x200, 0x0)
accept4$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000000c0)=0x14, 0x80800)
r2 = fcntl$dupfd(r0, 0x20, r0)
ioctl$BLKRAGET(r2, 0x1263, &(0x7f0000000000))
bind$bt_rfcomm(r2, &(0x7f0000000040), 0x2)
write$FUSE_OPEN(r2, &(0x7f0000000180)={0x20, 0xfffffffffffffffe, 0x4, {0x0, 0x3}}, 0x20)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000080)={0xc})

03:44:53 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0xf0ffffff, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:53 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = dup3(r0, r0, 0x80000)
ioctl$KVM_SET_MSRS(r1, 0x4008ae89, &(0x7f00000001c0)={0x9, 0x0, [{0xc001167b, 0x0, 0x7}, {0x4b564d01, 0x0, 0x4}, {0x365, 0x0, 0x400}, {0xb7e, 0x0, 0xfffffffffffffff8}, {0x242, 0x0, 0x1ff}, {0x9ff, 0x0, 0x812}, {0xaa5, 0x0, 0x7}, {0xfff, 0x0, 0x8001}, {0xb46, 0x0, 0x4f}]})
r2 = fcntl$dupfd(r0, 0x0, r0)
openat$audio(0xffffffffffffff9c, &(0x7f0000000280)='/dev/audio\x00', 0x200100, 0x0)
tee(r2, r0, 0x0, 0x2)
bind$bt_rfcomm(r2, &(0x7f0000000040), 0x2)
getsockopt$inet_dccp_int(r2, 0x21, 0x13, &(0x7f0000000000), &(0x7f0000000080)=0x4)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r2, 0xc0a85320, &(0x7f0000000100)={{0x6, 0x4}, 'port1\x00', 0x80, 0x40000, 0x80000000, 0x1, 0x7f, 0x1, 0x8, 0x0, 0x4, 0x1ff})
ioctl$FS_IOC_SETVERSION(r2, 0x800448d5, &(0x7f00000000c0))

03:44:53 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
fstat(r0, &(0x7f0000000680))
add_key(&(0x7f00000001c0)='pkcs7_test\x00', &(0x7f0000000200)={'syz'}, &(0x7f0000000240), 0xfffff, 0xfffffffffffffffb)
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_open_dev$audion(&(0x7f0000000280)='/dev/audio#\x00', 0x6, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f00000003c0)={@loopback, @local}, &(0x7f0000000400)=0xc)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f0000000440)={'vcan0\x00'})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000000600)={@dev, @local}, &(0x7f0000000640)=0xc)
accept$packet(0xffffffffffffff9c, &(0x7f00000007c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000800)=0x14)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000e80)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000ec0)=0x14)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000f00)={'team0\x00'})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x24, &(0x7f0000000f40)={@broadcast, @multicast2}, &(0x7f0000000f80)=0xc)
getsockname$packet(0xffffffffffffff9c, &(0x7f0000001040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000001080)=0x14)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000001280)={{{@in=@dev, @in6}}, {{@in=@multicast1}, 0x0, @in6=@mcast1}}, &(0x7f0000001380)=0xe8)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)
accept$packet(0xffffffffffffffff, &(0x7f00000015c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000001600)=0x14)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000002740)={{{@in6=@dev, @in=@remote}}, {{@in6=@loopback}, 0x0, @in6=@remote}}, &(0x7f0000001640)=0xe8)
getpeername$packet(0xffffffffffffff9c, &(0x7f0000001680)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000016c0)=0x14)

03:44:53 executing program 4 (fault-call:2 fault-nth:36):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

[  970.678362] FAT-fs (loop3): bogus number of reserved sectors
[  970.716110] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
03:44:53 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x2a0ffffffff, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:53 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f0000000140)=0x10000006)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={<r2=>0x0, r1, 0x0, 0x1, &(0x7f0000000000)='\x00'}, 0x30)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000180)={{0x6, 0x0, 0x3, 0x1, 'syz1\x00', 0x100}, 0x1, 0x208, 0x1, r2, 0x7, 0x100000000000, 'syz0\x00', &(0x7f00000000c0)=["6e6f6465766d643573756d265e277b490e2d00", 'em0+\x00', '#\x00', '\x00', '\x00', '\x00', '@keyringkeyring\x00'], 0x2d, [], [0x20, 0x100000001, 0x4, 0x4]})

03:44:53 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040)={0x1f, {0x1, 0xfffffffffffffffd, 0x0, 0x1, 0x0, 0xfffffffffffffff9}, 0x2}, 0xfdba)

[  970.729149] FAT-fs (loop3): Can't find a valid FAT filesystem
[  970.756415] FAULT_INJECTION: forcing a failure.
[  970.756415] name failslab, interval 1, probability 0, space 0, times 0
[  970.820657] CPU: 0 PID: 13127 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  970.829186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  970.829194] Call Trace:
[  970.829234]  dump_stack+0x244/0x39d
[  970.829274]  ? dump_stack_print_info.cold.1+0x20/0x20
[  970.829297]  ? __kernel_text_address+0xd/0x40
[  970.854507]  ? unwind_get_return_address+0x61/0xa0
[  970.859487]  should_fail.cold.4+0xa/0x17
[  970.863629]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  970.868758]  ? save_stack+0x43/0xd0
[  970.872395]  ? kasan_kmalloc+0xc7/0xe0
[  970.876293]  ? kmem_cache_alloc_trace+0x152/0x750
[  970.881336]  ? __memcg_init_list_lru_node+0x185/0x2d0
[  970.881352]  ? __list_lru_init+0x4d6/0x840
[  970.881370]  ? zap_class+0x640/0x640
[  970.881384]  ? mount_nodev+0x38/0x120
[  970.881405]  ? ovl_mount+0x34/0x40
[  970.890827]  ? legacy_get_tree+0x131/0x460
[  970.898330]  ? vfs_get_tree+0x1cb/0x5c0
[  970.898344]  ? do_mount+0x70c/0x1d90
[  970.898357]  ? ksys_mount+0x12d/0x140
[  970.898371]  ? __x64_sys_mount+0xbe/0x150
[  970.898398]  ? find_held_lock+0x36/0x1c0
[  970.906162]  ? __lock_is_held+0xb5/0x140
[  970.906197]  ? perf_trace_sched_process_exec+0x860/0x860
[  970.906227]  __should_failslab+0x124/0x180
[  970.906245]  should_failslab+0x9/0x14
[  970.906262]  kmem_cache_alloc_trace+0x2d7/0x750
[  970.906277]  ? __kmalloc_node+0x3c/0x70
[  970.906297]  ? __kmalloc_node+0x3c/0x70
[  970.913977]  ? rcu_read_lock_sched_held+0x14f/0x180
[  970.914003]  __memcg_init_list_lru_node+0x185/0x2d0
[  970.914023]  ? kvfree_rcu+0x20/0x20
[  970.914043]  ? __kmalloc_node+0x50/0x70
[  970.921989]  __list_lru_init+0x4d6/0x840
[  970.922013]  ? list_lru_destroy+0x500/0x500
[  970.922032]  ? up_write+0x7b/0x220
[  970.922053]  ? down_read+0x120/0x120
[  970.930165]  ? init_wait_entry+0x1c0/0x1c0
[  970.930182]  ? prealloc_shrinker+0x172/0x340
[  970.930209]  alloc_super+0x933/0xb40
[  970.930231]  ? destroy_unused_super.part.10+0x110/0x110
[  970.939900]  ? sget_userns+0x17c/0x850
[  970.939920]  ? lock_downgrade+0x900/0x900
[  970.939944]  ? kasan_check_read+0x11/0x20
03:44:53 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='sched\x00')
setsockopt$IPT_SO_SET_ADD_COUNTERS(r1, 0x0, 0x41, &(0x7f0000000080)={'filter\x00', 0x3, [{}, {}, {}]}, 0x58)
r2 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r2, &(0x7f0000000040), 0x2)

03:44:53 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x860c0000, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  970.939969]  ? do_raw_spin_trylock+0x270/0x270
[  970.948446]  ? security_capable+0x99/0xc0
[  970.948487]  sget_userns+0x278/0x850
[  970.948500]  ? get_anon_bdev+0xc0/0xc0
[  970.948522]  ? vfs_get_super+0x270/0x270
[  970.948553]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  970.948608]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  970.961543]  ? ns_capable_common+0x13f/0x170
[  970.961562]  ? get_anon_bdev+0xc0/0xc0
[  970.961577]  sget+0x10b/0x150
[  970.961600]  ? ovl_show_options+0x550/0x550
03:44:53 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
setsockopt$inet_sctp6_SCTP_NODELAY(r1, 0x84, 0x3, &(0x7f0000000000)=0x8, 0x4)
bind$bt_rfcomm(r1, &(0x7f0000000040)={0x1f, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x407}, 0xea)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

[  970.961618]  mount_nodev+0x38/0x120
[  970.970260]  ? ovl_own_xattr_set+0x10/0x10
[  970.970278]  ovl_mount+0x34/0x40
[  970.970298]  legacy_get_tree+0x131/0x460
[  970.970319]  vfs_get_tree+0x1cb/0x5c0
[  970.978344]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  970.978362]  do_mount+0x70c/0x1d90
[  970.978382]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  970.978408]  ? copy_mount_string+0x40/0x40
[  970.986292]  ? copy_mount_options+0x5f/0x430
[  970.986313]  ? kmem_cache_alloc_trace+0x353/0x750
[  970.986332]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  970.986354]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  970.986367]  ? copy_mount_options+0x315/0x430
[  970.986414]  ksys_mount+0x12d/0x140
[  970.994934]  __x64_sys_mount+0xbe/0x150
[  970.994958]  do_syscall_64+0x1b9/0x820
[  970.994978]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  970.994998]  ? syscall_return_slowpath+0x5e0/0x5e0
[  970.995019]  ? trace_hardirqs_on_caller+0x310/0x310
[  970.995039]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  971.003226]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  971.003243]  ? __switch_to_asm+0x40/0x70
[  971.003256]  ? __switch_to_asm+0x34/0x70
[  971.003279]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  971.003305]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  971.012531] RIP: 0033:0x457569
[  971.012548] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  971.012557] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  971.012573] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  971.012582] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  971.012596] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  971.020873] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  971.020884] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
03:44:54 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0x9effffff}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:44:54 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x400300, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:54 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000000100)={<r2=>0x0, @in={{0x2, 0x4e23, @loopback}}, 0x4, 0x40, 0x3428, 0x43ea6f23, 0x10000}, &(0x7f0000000000)=0x98)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000080)={r2, 0x1f, 0x2, 0x7ff, 0xffff, 0x1}, &(0x7f00000001c0)=0x14)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

03:44:54 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl(r0, 0x6, &(0x7f0000000080)="cc8ac85760cf59841a38fb62eb4b3f790108f41be1ff9f5ddc2fa2635f5c196b7760e0bab0c97d55c6f587f40a084486254c9c490dca6afd4c4e56a9f533")
r1 = fcntl$dupfd(r0, 0x0, r0)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)

03:44:54 executing program 4 (fault-call:2 fault-nth:37):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:44:54 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
fstat(r0, &(0x7f0000000680))
add_key(&(0x7f00000001c0)='pkcs7_test\x00', &(0x7f0000000200)={'syz'}, &(0x7f0000000240), 0xfffff, 0xfffffffffffffffb)
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_open_dev$audion(&(0x7f0000000280)='/dev/audio#\x00', 0x6, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f00000003c0)={@loopback, @local}, &(0x7f0000000400)=0xc)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f0000000440)={'vcan0\x00'})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000000600)={@dev, @local}, &(0x7f0000000640)=0xc)
accept$packet(0xffffffffffffff9c, &(0x7f00000007c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000800)=0x14)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000e80)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000ec0)=0x14)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000f00)={'team0\x00'})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x24, &(0x7f0000000f40)={@broadcast, @multicast2}, &(0x7f0000000f80)=0xc)
getsockname$packet(0xffffffffffffff9c, &(0x7f0000001040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000001080)=0x14)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000001280)={{{@in=@dev, @in6}}, {{@in=@multicast1}, 0x0, @in6=@mcast1}}, &(0x7f0000001380)=0xe8)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)
accept$packet(0xffffffffffffffff, &(0x7f00000015c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000001600)=0x14)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000002740)={{{@in6=@dev, @in=@remote}}, {{@in6=@loopback}, 0x0, @in6=@remote}}, &(0x7f0000001640)=0xe8)

[  971.405414] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
03:44:54 executing program 1:
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ustat(0x0, &(0x7f0000000000))
bind$bt_rfcomm(0xffffffffffffffff, &(0x7f0000000040), 0x2)

03:44:54 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x8001a0, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:54 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r0, 0x800448d5, &(0x7f0000000000)=0x4)

[  971.454314] FAT-fs (loop3): bogus number of reserved sectors
[  971.460630] FAT-fs (loop3): Can't find a valid FAT filesystem
[  971.477671] FAULT_INJECTION: forcing a failure.
[  971.477671] name failslab, interval 1, probability 0, space 0, times 0
[  971.535717] CPU: 0 PID: 13175 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  971.544255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  971.553614] Call Trace:
[  971.556218]  dump_stack+0x244/0x39d
[  971.559858]  ? dump_stack_print_info.cold.1+0x20/0x20
[  971.565057]  ? __kernel_text_address+0xd/0x40
[  971.569556]  ? unwind_get_return_address+0x61/0xa0
[  971.574498]  should_fail.cold.4+0xa/0x17
[  971.578567]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  971.583714]  ? save_stack+0x43/0xd0
[  971.587340]  ? kasan_kmalloc+0xc7/0xe0
[  971.591227]  ? kmem_cache_alloc_trace+0x152/0x750
[  971.596097]  ? __memcg_init_list_lru_node+0x185/0x2d0
[  971.601285]  ? __list_lru_init+0x4d6/0x840
[  971.605523]  ? zap_class+0x640/0x640
[  971.609240]  ? mount_nodev+0x38/0x120
[  971.613045]  ? ovl_mount+0x34/0x40
[  971.616584]  ? legacy_get_tree+0x131/0x460
[  971.620822]  ? vfs_get_tree+0x1cb/0x5c0
[  971.624796]  ? do_mount+0x70c/0x1d90
[  971.628506]  ? ksys_mount+0x12d/0x140
[  971.632308]  ? __x64_sys_mount+0xbe/0x150
[  971.636474]  ? find_held_lock+0x36/0x1c0
[  971.640547]  ? __lock_is_held+0xb5/0x140
[  971.644621]  ? drm_sysfs_connector_add+0x1e8/0x2b0
[  971.649571]  ? perf_trace_sched_process_exec+0x860/0x860
[  971.655040]  __should_failslab+0x124/0x180
[  971.659280]  should_failslab+0x9/0x14
[  971.663084]  kmem_cache_alloc_trace+0x2d7/0x750
[  971.667757]  ? __kmalloc_node+0x3c/0x70
[  971.671744]  ? __kmalloc_node+0x3c/0x70
[  971.675733]  ? rcu_read_lock_sched_held+0x14f/0x180
[  971.680763]  __memcg_init_list_lru_node+0x185/0x2d0
[  971.685798]  ? kvfree_rcu+0x20/0x20
[  971.689435]  ? __kmalloc_node+0x50/0x70
[  971.693457]  __list_lru_init+0x4d6/0x840
[  971.697537]  ? list_lru_destroy+0x500/0x500
[  971.701871]  ? up_write+0x7b/0x220
[  971.705422]  ? down_read+0x120/0x120
[  971.709165]  ? init_wait_entry+0x1c0/0x1c0
[  971.713404]  ? prealloc_shrinker+0x172/0x340
[  971.717835]  alloc_super+0x933/0xb40
[  971.721560]  ? destroy_unused_super.part.10+0x110/0x110
[  971.726925]  ? sget_userns+0x17c/0x850
[  971.730828]  ? lock_downgrade+0x900/0x900
[  971.734984]  ? kasan_check_read+0x11/0x20
[  971.739134]  ? do_raw_spin_trylock+0x270/0x270
[  971.743725]  ? security_capable+0x99/0xc0
[  971.747888]  sget_userns+0x278/0x850
[  971.751604]  ? get_anon_bdev+0xc0/0xc0
[  971.755504]  ? vfs_get_super+0x270/0x270
[  971.759583]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  971.765181]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  971.770726]  ? ns_capable_common+0x13f/0x170
[  971.775141]  ? get_anon_bdev+0xc0/0xc0
[  971.779058]  sget+0x10b/0x150
[  971.782172]  ? ovl_show_options+0x550/0x550
[  971.786498]  mount_nodev+0x38/0x120
[  971.790133]  ? ovl_own_xattr_set+0x10/0x10
[  971.794370]  ovl_mount+0x34/0x40
[  971.797740]  legacy_get_tree+0x131/0x460
[  971.801812]  vfs_get_tree+0x1cb/0x5c0
[  971.805618]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  971.810380]  do_mount+0x70c/0x1d90
[  971.813927]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  971.819483]  ? copy_mount_string+0x40/0x40
[  971.823732]  ? copy_mount_options+0x5f/0x430
[  971.828147]  ? kmem_cache_alloc_trace+0x353/0x750
[  971.832999]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  971.838543]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  971.844083]  ? copy_mount_options+0x315/0x430
[  971.848589]  ksys_mount+0x12d/0x140
[  971.852224]  __x64_sys_mount+0xbe/0x150
[  971.856212]  do_syscall_64+0x1b9/0x820
[  971.860104]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  971.865477]  ? syscall_return_slowpath+0x5e0/0x5e0
[  971.870413]  ? trace_hardirqs_on_caller+0x310/0x310
[  971.875454]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  971.880483]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  971.887151]  ? __switch_to_asm+0x40/0x70
[  971.891212]  ? __switch_to_asm+0x34/0x70
[  971.895296]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  971.900156]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  971.905349] RIP: 0033:0x457569
[  971.908546] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  971.927454] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  971.935182] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  971.942468] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  971.949747] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  971.957019] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  971.964284] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
03:44:54 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f0000000080)={{0x0, 0x0, 0x5, 0x0, 0x8}, 0x9, 0x0, 0x197})
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)

03:44:54 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0xf000, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:54 executing program 4 (fault-call:2 fault-nth:38):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

[  972.157467] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  972.199692] FAULT_INJECTION: forcing a failure.
[  972.199692] name failslab, interval 1, probability 0, space 0, times 0
[  972.215174] CPU: 1 PID: 13204 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  972.223692] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  972.223699] Call Trace:
[  972.223726]  dump_stack+0x244/0x39d
[  972.223754]  ? dump_stack_print_info.cold.1+0x20/0x20
[  972.239316]  ? __kernel_text_address+0xd/0x40
[  972.239334]  ? unwind_get_return_address+0x61/0xa0
[  972.239355]  should_fail.cold.4+0xa/0x17
[  972.249028]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  972.249053]  ? save_stack+0x43/0xd0
[  972.249066]  ? kasan_kmalloc+0xc7/0xe0
[  972.249087]  ? kmem_cache_alloc_trace+0x152/0x750
[  972.258083]  ? __memcg_init_list_lru_node+0x185/0x2d0
[  972.270668]  ? __list_lru_init+0x4d6/0x840
[  972.270687]  ? zap_class+0x640/0x640
[  972.270700]  ? mount_nodev+0x38/0x120
[  972.270716]  ? ovl_mount+0x34/0x40
[  972.270734]  ? legacy_get_tree+0x131/0x460
[  972.280839]  ? vfs_get_tree+0x1cb/0x5c0
[  972.280853]  ? do_mount+0x70c/0x1d90
[  972.280865]  ? ksys_mount+0x12d/0x140
[  972.280878]  ? __x64_sys_mount+0xbe/0x150
[  972.280899]  ? find_held_lock+0x36/0x1c0
[  972.288834]  ? __lock_is_held+0xb5/0x140
[  972.288868]  ? perf_trace_sched_process_exec+0x860/0x860
[  972.288897]  __should_failslab+0x124/0x180
[  972.296225]  should_failslab+0x9/0x14
[  972.296244]  kmem_cache_alloc_trace+0x2d7/0x750
[  972.296261]  ? __kmalloc_node+0x3c/0x70
[  972.296276]  ? __kmalloc_node+0x3c/0x70
[  972.296298]  ? rcu_read_lock_sched_held+0x14f/0x180
[  972.304503]  __memcg_init_list_lru_node+0x185/0x2d0
[  972.304524]  ? kvfree_rcu+0x20/0x20
[  972.304542]  ? __kmalloc_node+0x50/0x70
[  972.304566]  __list_lru_init+0x4d6/0x840
[  972.312065]  ? list_lru_destroy+0x500/0x500
[  972.312085]  ? up_write+0x7b/0x220
[  972.312105]  ? down_read+0x120/0x120
[  972.312126]  ? init_wait_entry+0x1c0/0x1c0
[  972.320338]  ? prealloc_shrinker+0x172/0x340
[  972.320366]  alloc_super+0x933/0xb40
[  972.320389]  ? destroy_unused_super.part.10+0x110/0x110
[  972.329889]  ? sget_userns+0x17c/0x850
[  972.329909]  ? lock_downgrade+0x900/0x900
[  972.329932]  ? kasan_check_read+0x11/0x20
[  972.329950]  ? do_raw_spin_trylock+0x270/0x270
[  972.338003]  ? security_capable+0x99/0xc0
[  972.338031]  sget_userns+0x278/0x850
[  972.338049]  ? get_anon_bdev+0xc0/0xc0
[  972.346685]  ? vfs_get_super+0x270/0x270
[  972.346718]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  972.346763]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  972.355727]  ? ns_capable_common+0x13f/0x170
[  972.355746]  ? get_anon_bdev+0xc0/0xc0
[  972.355760]  sget+0x10b/0x150
[  972.355782]  ? ovl_show_options+0x550/0x550
[  972.355800]  mount_nodev+0x38/0x120
[  972.364450]  ? ovl_own_xattr_set+0x10/0x10
[  972.364468]  ovl_mount+0x34/0x40
[  972.364487]  legacy_get_tree+0x131/0x460
[  972.364509]  vfs_get_tree+0x1cb/0x5c0
[  972.364527]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  972.372555]  do_mount+0x70c/0x1d90
[  972.372576]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  972.372604]  ? copy_mount_string+0x40/0x40
[  972.380467]  ? copy_mount_options+0x5f/0x430
[  972.380488]  ? kmem_cache_alloc_trace+0x353/0x750
[  972.380508]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  972.388486]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  972.388502]  ? copy_mount_options+0x315/0x430
[  972.396626]  ksys_mount+0x12d/0x140
[  972.396646]  __x64_sys_mount+0xbe/0x150
[  972.396668]  do_syscall_64+0x1b9/0x820
[  972.396686]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  972.396718]  ? syscall_return_slowpath+0x5e0/0x5e0
[  972.405964]  ? trace_hardirqs_on_caller+0x310/0x310
[  972.405984]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  972.406003]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  972.406017]  ? __switch_to_asm+0x40/0x70
[  972.406034]  ? __switch_to_asm+0x34/0x70
[  972.414333]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  972.414361]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  972.414374] RIP: 0033:0x457569
[  972.414392] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  972.423098] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  972.423115] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  972.423125] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  972.423134] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  972.423144] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  972.423158] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
03:44:55 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0xb3f00000}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:44:55 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f0000000080)="06d0e25ce9b2f0d0557c4bb6e580e41ac8029ce05fc0efd239950fbc64102636336b76a53e13ee740bf9be1d0e35db7e96fc0f3f45a9daf42d1e824e7a477eb5b814537d53182ff9c2db848c8d7ca7783b8d58f441db4f6dba86995cd7b4700fe4e472de07052d0c10634444f8614e3d3f9b849cbe8c4c5037a5da84b4aafae65de0fd1a9846ce0a96e6df70d6c102f605862549c1b141cb58d3fe42ffd5711e8f43da5df8037664320dd6b2d67579acd0644b1f8e5b0297c57e370357966de132215c877895e5bbddafaa0789f31650488f7e636a248ef605f5df63680eec08c52dfeed3d95e0fd3ec541c26d8d082d796fdebe7a52d61c71bf6461a2c7b682")

03:44:55 executing program 2:
r0 = dup(0xffffffffffffffff)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffff9c, 0x84, 0x7c, &(0x7f0000000000)={<r1=>0x0, 0x9, 0x6}, &(0x7f0000000080)=0x8)
setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000100)={r1, 0x8001}, 0x8)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000480)={{{@in=@multicast2, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in6}, 0x0, @in6}}, &(0x7f0000000580)=0xe8)
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f00000005c0)={{{@in=@multicast1, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in=@multicast2}, 0x0, @in6=@loopback}}, &(0x7f00000006c0)=0xe8)
setsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000700)={{{@in=@broadcast, @in=@broadcast, 0x4e20, 0x1000, 0x4e23, 0x9, 0xa, 0xa0, 0x20, 0x3b, r2, r3}, {0x3, 0x6, 0x7fff, 0xbe0, 0xf4, 0x2, 0x1f, 0x5}, {0xe3, 0x4, 0x6, 0x3ff}, 0x7, 0x6e6bbf, 0x0, 0x0, 0x1, 0x2}, {{@in6, 0x4d6, 0x3f}, 0xa, @in=@local, 0x3502, 0x3, 0x1, 0x40000000, 0x0, 0xffffffff, 0x3}}, 0xe8)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r5 = fcntl$dupfd(r4, 0x0, r4)
bind$bt_rfcomm(r5, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r5, 0x800448d5, &(0x7f00000000c0))
io_setup(0x6, &(0x7f0000000140)=<r6=>0x0)
io_cancel(r6, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x7, 0x8000, r4, &(0x7f0000000180)="3cba9e1185cab7b5e147d67394a67e685d971e900bf69a00d448cf8da2c31a4a2a5c521854f57cd601fea630998f5d2eef99d9cace9c9ea5cd0e076bdba45e178e34c7c1d8", 0x45, 0x2, 0x0, 0x1, r5}, &(0x7f0000000240))

03:44:55 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0xf00, 0x0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:55 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
fstat(r0, &(0x7f0000000680))
add_key(&(0x7f00000001c0)='pkcs7_test\x00', &(0x7f0000000200)={'syz'}, &(0x7f0000000240), 0xfffff, 0xfffffffffffffffb)
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_open_dev$audion(&(0x7f0000000280)='/dev/audio#\x00', 0x6, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f00000003c0)={@loopback, @local}, &(0x7f0000000400)=0xc)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f0000000440)={'vcan0\x00'})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000000600)={@dev, @local}, &(0x7f0000000640)=0xc)
accept$packet(0xffffffffffffff9c, &(0x7f00000007c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000800)=0x14)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000e80)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000ec0)=0x14)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000f00)={'team0\x00'})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x24, &(0x7f0000000f40)={@broadcast, @multicast2}, &(0x7f0000000f80)=0xc)
getsockname$packet(0xffffffffffffff9c, &(0x7f0000001040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000001080)=0x14)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000001280)={{{@in=@dev, @in6}}, {{@in=@multicast1}, 0x0, @in6=@mcast1}}, &(0x7f0000001380)=0xe8)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)
accept$packet(0xffffffffffffffff, &(0x7f00000015c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000001600)=0x14)

03:44:55 executing program 4 (fault-call:2 fault-nth:39):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

[  972.743149] FAT-fs (loop3): bogus number of reserved sectors
[  972.773533] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
03:44:55 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0xffffffffa0020000, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:55 executing program 1:
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x8000, 0x0)
getsockopt$inet6_udp_int(r0, 0x11, 0x66, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r2 = fcntl$dupfd(r1, 0x0, r1)
bind$bt_rfcomm(r2, &(0x7f0000000040)={0x1f, {0x0, 0xffffffffffffffff}}, 0xa)

[  972.789115] FAT-fs (loop3): Can't find a valid FAT filesystem
03:44:55 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))
ftruncate(r0, 0x1e45)

[  972.817214] FAULT_INJECTION: forcing a failure.
[  972.817214] name failslab, interval 1, probability 0, space 0, times 0
[  972.870580] CPU: 0 PID: 13227 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  972.879111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  972.888717] Call Trace:
[  972.888746]  dump_stack+0x244/0x39d
[  972.888773]  ? dump_stack_print_info.cold.1+0x20/0x20
[  972.888797]  ? __kernel_text_address+0xd/0x40
[  972.888816]  ? unwind_get_return_address+0x61/0xa0
[  972.888841]  should_fail.cold.4+0xa/0x17
[  972.888872]  ? fault_create_debugfs_attr+0x1f0/0x1f0
03:44:55 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0xffffff9e, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  972.913743]  ? save_stack+0x43/0xd0
[  972.913757]  ? kasan_kmalloc+0xc7/0xe0
[  972.913774]  ? kmem_cache_alloc_trace+0x152/0x750
[  972.913791]  ? __memcg_init_list_lru_node+0x185/0x2d0
[  972.913809]  ? __list_lru_init+0x4d6/0x840
[  972.926407]  ? zap_class+0x640/0x640
[  972.926422]  ? mount_nodev+0x38/0x120
[  972.926450]  ? ovl_mount+0x34/0x40
[  972.926465]  ? legacy_get_tree+0x131/0x460
[  972.926483]  ? vfs_get_tree+0x1cb/0x5c0
[  972.936538]  ? do_mount+0x70c/0x1d90
[  972.936552]  ? ksys_mount+0x12d/0x140
03:44:55 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0xa0018000, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  972.936565]  ? __x64_sys_mount+0xbe/0x150
[  972.936587]  ? find_held_lock+0x36/0x1c0
[  972.936608]  ? __lock_is_held+0xb5/0x140
[  972.951896]  ? perf_trace_sched_process_exec+0x860/0x860
[  972.951928]  __should_failslab+0x124/0x180
[  972.951956]  should_failslab+0x9/0x14
[  972.975862]  kmem_cache_alloc_trace+0x2d7/0x750
[  972.975880]  ? __kmalloc_node+0x3c/0x70
[  972.975898]  ? __kmalloc_node+0x3c/0x70
[  972.975916]  ? rcu_read_lock_sched_held+0x14f/0x180
[  972.975941]  __memcg_init_list_lru_node+0x185/0x2d0
[  972.975961]  ? kvfree_rcu+0x20/0x20
[  972.975983]  ? __kmalloc_node+0x50/0x70
[  972.985502]  __list_lru_init+0x4d6/0x840
[  972.985526]  ? list_lru_destroy+0x500/0x500
[  972.985545]  ? up_write+0x7b/0x220
[  972.985570]  ? down_read+0x120/0x120
[  972.998813]  ? init_wait_entry+0x1c0/0x1c0
[  972.998830]  ? prealloc_shrinker+0x172/0x340
[  972.998858]  alloc_super+0x933/0xb40
[  972.998880]  ? destroy_unused_super.part.10+0x110/0x110
[  973.006819]  ? sget_userns+0x17c/0x850
[  973.006840]  ? lock_downgrade+0x900/0x900
[  973.006865]  ? kasan_check_read+0x11/0x20
[  973.006887]  ? do_raw_spin_trylock+0x270/0x270
[  973.016914]  ? security_capable+0x99/0xc0
[  973.016944]  sget_userns+0x278/0x850
[  973.016962]  ? get_anon_bdev+0xc0/0xc0
[  973.028613]  ? vfs_get_super+0x270/0x270
[  973.028647]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  973.028691]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  973.036529]  ? ns_capable_common+0x13f/0x170
[  973.036548]  ? get_anon_bdev+0xc0/0xc0
[  973.036563]  sget+0x10b/0x150
[  973.036587]  ? ovl_show_options+0x550/0x550
[  973.036603]  mount_nodev+0x38/0x120
[  973.036636]  ? ovl_own_xattr_set+0x10/0x10
[  973.036651]  ovl_mount+0x34/0x40
[  973.036668]  legacy_get_tree+0x131/0x460
[  973.052774]  vfs_get_tree+0x1cb/0x5c0
[  973.052790]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  973.052807]  do_mount+0x70c/0x1d90
[  973.052826]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  973.052844]  ? copy_mount_string+0x40/0x40
[  973.066256]  ? copy_mount_options+0x5f/0x430
[  973.079144]  ? kmem_cache_alloc_trace+0x353/0x750
[  973.079166]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
03:44:55 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
syz_mount_image$xfs(&(0x7f0000000080)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f00000004c0), 0x0, &(0x7f0000000580)={[{@wsync='wsync'}, {@usrquota='usrquota'}]})
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x240000, 0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000080)=ANY=[@ANYBLOB="05004103", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f00000000c0)=0x18)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f0000000100)={0x1, 0x80000000, 0x56, 0x98b9006, 0x1f}, 0x14)
r2 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r2, &(0x7f0000000180)={0x1f, {}, 0x6}, 0xa)
ioctl$KVM_ASSIGN_PCI_DEVICE(r1, 0x8040ae69, &(0x7f0000000140)={0x2, 0x4ee7, 0x0, 0x5, 0x8})

[  973.079191]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  973.079205]  ? copy_mount_options+0x315/0x430
[  973.079231]  ksys_mount+0x12d/0x140
[  973.086829]  __x64_sys_mount+0xbe/0x150
[  973.086853]  do_syscall_64+0x1b9/0x820
[  973.086873]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  973.086892]  ? syscall_return_slowpath+0x5e0/0x5e0
[  973.086913]  ? trace_hardirqs_on_caller+0x310/0x310
[  973.096502]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  973.096523]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  973.096539]  ? __switch_to_asm+0x40/0x70
[  973.096552]  ? __switch_to_asm+0x34/0x70
[  973.096575]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  973.096602]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  973.096614] RIP: 0033:0x457569
[  973.096628] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  973.096636] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  973.096650] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  973.096660] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  973.096674] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  973.113579] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  973.113589] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
03:44:56 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0x14}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:44:56 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000009080))
socket$pppoe(0x18, 0x1, 0x0)
setsockopt$sock_timeval(r0, 0x1, 0x15, &(0x7f0000000000), 0x10)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
recvmmsg(r0, &(0x7f00000046c0)=[{{&(0x7f0000000080)=@xdp={0x2c, 0x0, <r2=>0x0}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000100)=""/34, 0x22}, {&(0x7f0000000140)=""/101, 0x65}], 0x2, 0x0, 0x0, 0x8}, 0x37}, {{&(0x7f0000000200)=@vsock, 0x80, &(0x7f00000025c0)=[{&(0x7f0000000280)=""/79, 0x4f}, {&(0x7f0000000300)=""/23, 0x17}, {&(0x7f0000000340)=""/130, 0x82}, {&(0x7f0000000400)=""/4096, 0x1000}, {&(0x7f0000001400)=""/185, 0xb9}, {&(0x7f00000014c0)=""/4096, 0x1000}, {&(0x7f00000024c0)=""/255, 0xff}], 0x7, &(0x7f0000002640)=""/83, 0x53, 0x8}, 0x3}, {{&(0x7f00000026c0)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, 0x80, &(0x7f0000002940)=[{&(0x7f0000002740)=""/185, 0xb9}, {&(0x7f0000002800)=""/137, 0x89}, {&(0x7f00000028c0)=""/66, 0x42}], 0x3, &(0x7f0000002980)=""/42, 0x2a, 0xffffffff}, 0x75}, {{&(0x7f00000029c0)=@in6={0xa, 0x0, 0x0, @local}, 0x80, &(0x7f0000003ec0)=[{&(0x7f0000002a40)=""/231, 0xe7}, {&(0x7f0000002b40)=""/191, 0xbf}, {&(0x7f0000002c00)}, {&(0x7f0000002c40)=""/240, 0xf0}, {&(0x7f0000002d40)=""/4096, 0x1000}, {&(0x7f0000003d40)=""/42, 0x2a}, {&(0x7f0000003d80)=""/200, 0xc8}, {&(0x7f0000003e80)=""/59, 0x3b}], 0x8, 0x0, 0x0, 0x1}, 0x3ff}, {{&(0x7f0000003f40)=@ethernet={0x0, @random}, 0x80, &(0x7f0000004640)=[{&(0x7f0000003fc0)=""/240, 0xf0}, {&(0x7f00000040c0)=""/225, 0xe1}, {&(0x7f00000041c0)=""/115, 0x73}, {&(0x7f0000004240)=""/84, 0x54}, {&(0x7f00000042c0)=""/138, 0x8a}, {&(0x7f0000004380)=""/251, 0xfb}, {&(0x7f0000004480)=""/177, 0xb1}, {&(0x7f0000004540)=""/243, 0xf3}], 0x8, 0x0, 0x0, 0x1}, 0x3}], 0x5, 0x10140, &(0x7f0000004800))
sendmmsg(r0, &(0x7f000000ad40)=[{{&(0x7f0000004840)=@hci={0x1f, r2, 0x1}, 0x80, &(0x7f0000005c00)=[{&(0x7f00000048c0)="3cfd1bf8e2273a76cd9e7d6d913c7d5b86178e0a5d95715bfe46e768c04c590032b2ce30faaa9fd781e0d957265ccf856b2b0455ff50393afbd33a79f0ed90ffb0f01d97c92532b50565312b741fd791e323eb0259a1effb2b6a6e57770305a11b24731c968a6637730b48defdd582700579cee9a90b40c718fce6085eeddf68c551b8fb87354298ebb897901af2631f449ccd780fd72cfc9fc5094bb05de2e5102aa3bd1f7ab62a88da5e6dd09ec2efc55e875d698bc2d4838d257945857da0558d831cccfe2bc4302b95964f7c06d6ff8f2b5f331434a7fee4aa7f094b8c4d0dd9d279405ecd148a1cf6276f45a971dbe73f1d60804b703d34de095a675c09d762f252414865d0e9a181f0575cb5502edd04c27679c1881c4e20ec1808ed6977be083a7c6addba2d380a65a5f1cee6534a787134da490171a8f0d5c6b89c9b096fb0341a57a4bb9436757045d6fc800a458e00d9dea493f3d772d1e9445a9ee848a7fcbf0aa64f86b32ca0183068acd8643faee5ac094f0b440b5aecd1fee21c887adc230e95f5724e1376a05a276a544f432b57c7c1fcfab2e198da50d3f045c8bf6b0f7495b538d5df85d8bc924c7c7c16269963d77029d759d0851d1545b9b9282f3522b7b6f45eec251b186ad01a8bd3f6f1d7e2b5e25167c8801bea8532b83aa1e868fd775d6321d58460570c9b9e2271981ac77dacc543d02079274823c39843dcb2354b6ae6257d1d6025b7347bcbbb245d83653af9e9e747cdb845417d79c8870345375458cdb19c0828784abf137b3467bfa4bab7872160353a806d673ec4a0c63790dc475d58c777252cd447f9cec1b764684dd356888319c1387e263e7028145571327044040d66a0e0b5775204923166a5966e1ceded72319b5ea794395885848a30e49b32b7bb57690d21dd792d5c4890c9adc70464305ad85a72e60d50897cc6622bdd56b7b2e1b61330cb190dff70c01fa62c5689de5dae70ef98acb0ff9b4b7b72b657a5078d1bbe88a2d13b75e9d0b3db664b12fb802f22d3865b2c346fce6d79e282bbe33b2e22ff304a7814649d3c66aed233674567363f5b42ec4e4450580a33146ee369eca6aa2002cf9f87b9d990606a029a017b44b79898ba4f21b490cf9038644da4b7d46cdcacddbcaa431cfed7d6fc285636521c3854d9017c4ac0b0dff6670aa61668ad859e44eb3775c5bb50b7bf2381fd8fc79a3b1626884d09cec4ade5396aef1682e8b5e9e99c71c0525d5c0cfad0179ebdb1ce6f70ec93dea0d3c1debc5984e5d718c914a286f53320ba62eb535661d8bd55f8d1d117ddc73e1d0dda61b0641ee872bfebf51d709dd4fdc69a1250caffbb2d8b24b34ff7734b464487f28a3612af9e7e59b94fa69087cda329a4e9aaa33965c5e0d06b5c1ec65106a63965d47e65fedd22ed3169804f11bcd28ed380f7e16a40bf0dc99c721cec878ec5b3c1e34d65f5a6c4bf6e28b2dab931832823a6cfd9562487557c18c5b57c826c6b1b0617ae8a6f9c040305f89810544ed3d6700e0ec514db3307a73dd45c365334f2d4758ed16ea17f290f0380ff708e52c9d901f162517a37a15bea386d18e5dbb5795b83be989a8bc246f3b60b7b9e7eab6d8f4b6fb92f20f0c98d04f96534731ad7b239e5362e14a64b65c134f7183dc6ec239bb8904b33633c907981d910802ba9d28b17af353a64b11dc7a1269b992f8b5d599ad341664fe0e2d80b2d3bf3064152bfbfbc8a59e5658f3933b6b98de9dda7e9f603dd447f8b2cba845e810ef7cb80b2922129613409e6cab6370012c04665734f679fb393955da5c96fb445e7b0c2fa78402fcde9439e737665eb7424b17cfa15f5410f3be0de0980c1bf9ee7ab48a115cb0e5709577f11c877039c8def8d72dabedf6a717de87a53f48f7cf5d5a05986da7878706e561007c37cbb6b3130b77b1fb2f1d7334318eee3d97bf974fa03c001d8341032bb553b071960206d11f33d0dba4e1c92d72c1a591f5652184a3b282b63733cefa1640022bb6ac5370f0713e7b378d5562a5c293f9e2fa57472c2e0a4c7c1f81e8d4839a55b0d0ff3440da23d3782443375cbaddb908bb0b2731243846fb227a13e3fe405fd5291c4f3202e30a91d3785385117f0103e73c0f671fd998ad378a0458ea5d8b5e2e7b5217884633906287327f3a517e86531a8b9245e45840f5167932340dbc07e44a2de4e1e2c8f26413589e3fb68f02187d450fb53cf44e89fc3ad823324aa694120100e81e5366a76cfa986b702dcd71af3ee6b95c7f049ebc18fa44de1c81074d640e11894a415ea8c5bdd9ecd763e9fb896255d3fdf2019890efc49720bfc21c84e50284757554dd6e837d7a8723567371b9b63da12be54152ae781692cf5c661260f50035f6b1a7ac3fd9b5456ad3f3ac6e075b466dc88d8d72accb7916809a665d4145bdb691ce357fa611e8010876a7602a53dc9fac937ea81464b593cf83ffde3cb72a5607cb4a537a41978172944fed9575d444f699d476d48302dd72b975caf0149ccee100919c768b658e18cb9413828b99d9eb8453ac91a41b017f08e0154f8a0abd4f034409e517ccfc7c096629d0aa985748cd06ebd9ab4f6d9ff2ebd46fe3113c473cc7d31e0b432a235c2d3a330ab466b745d9a5fbdb7149d1e80663ed2347b83de486659140226b0c137d1b92148628d588900d1428a419bf01bb3ac1a9e4e1a00f8938fbd0810f2a86a69631c369f60accce7b0aeda440024f5aaf65a4245843b3c907edc10e621cb67baadeac97cd0da718bcbc0180fc1df6ff1410027a63e10ccf1c50da6338adc03a925d5ed90eb9bd83892027a7fa07e985eb410608be68ca06304da65a1ab54437b250f2fe6e24f1e19a65960843e4f394b11c00bd619a694f970ace65fd24b9d593d53c80ac40d9d51526cc3c467d4d0c6e476603be1d12d10e7a4abcc61c964a045d96852d2752e7325a34ece618bb4b790ceb4c7bcfac42285adaaf2699af69fbbdf89048c64b95a230996971958573b57066ab26ede9c504076a51c4546d8a4c5835744cceb716ca735d4816b539f85f0e5b06fa3c2e26cfb3a32acc86f4017077c5f87eeddad7ac6b368715212b878eb4853a1153055529fb28bb25ff3126040bd4a8b3045cbe1dd60a4215af80c48d3418ede675c354e29993756ae7a76954f80e047c0c81fc93a3719a254532a54d16d2d42ddc28310103b75afe7d89a33c18f231edffbb788e46d065b670d7b53cb296f9b015d131bb4fbb00ec478151ac1c627e75ef27dbec6283e4e6878b0716e982f3227a86498b270edd44bd24ad36c21405a0419bbae5632fde7c5a0c7476cb77ec8cf871b66183e1c66f8a58a8d0eee1203305a42326ab5da811d01f7a5a104ac7715957e81c3da627723d399906310a4086ab419666b8227bd0dd3472d9d652f2b34002b0fbd23049b4101b53d909a6a25fb7430a007af300cabf72d8716389023fbba5bdf5b7ae60ba715e65ba9968fbe1673cbb41056c629d1df5950337438cd6a79ac24f5df8654e291cac56a1ba41b37f05d0791b3dbd347ca2e22b0eecffb48b95bae8742480b4abebd8d70080c8deea9aa33bfeb8075d4dc83908e04d4a7591b8b3564f5532827cec8283d94a53f7572e8dedccc0a72ed346a561be86d65f82be343cc6c5bc92b6c22d6465b291bcd00e1f79b2df08e52e330fee4ccac26e7a57dc089bcd4a93c091cec579c9d6018eda0c2bf79c35bb532f19b4e1ac42caac453b2df5115adccba5b34f8690f7085b2e7d0ee869ec94bf3997d07c44b86da97c5000a164f888671748d0706b701a1637451b30bf26527f5b8460b4461271fc096b64eb1a29aa6a197e8679f3d1c88b4157fe9f2110063fe503d621348fd9db2c40c2bb5730c6faa841ed48bb905b9dce5545ac960f2a78116bbab1b8a47de195d5842c45fa34288e1359f0f75bdd8f6332161f0b49b1e0337a9d6c4a922be44fc49e64a9edf68e73dc34dd88f05ec25fc68950817ae2134179b6acc730c9cabc111781423b9ed63c9bad7fb302d2e17f41e7be50fb01d55c0f343739d06dd5110f13310ddd767ec17f18e07ea8b229f2d622e8f173bb7b75ce816c6379ebd2b0955bd708787d4cb4cb2627502231e27831adb1ea07d257d2cc9cd289c3619ea4b9a41dc5bea9b96c6069e471f509f96461c3308fe14284db8e14485ce8789bcc98c90d072eb0bb183c7341e47928161f2006c2933c09b9d4738ec131752b10636d9594b6935d3fc8eb44d071cb2b2b6182f8e527380e0b7d8218403b6ed05e4eca2775e65a2f35cbfa655164085bb0eba640872d00b9b6f0ff86d2f33707834d58f9c48fb5cb0055fe13f6583bf9589f90d9fac746fbfc238703886a6fa7e9949f1481c5cf93fecfa82b60ee8aafcf9b252c553e76b841b867aa8a6f679e689c57b61c3f1596edae331fc4f018caf8785cfdcb385b2b3eb7ca6f563ae44a7add4915882b83e0a7fe09a7cbb06ad11a50ae522c8e275bb3e22689bcfdbfa4e026a508636e7cbe948537224f6436a36fae2e6c7326aadcecc95aad34a6e07f51d57cfd807b23a1e453a107de2e5e7742a7f8906532c271dfd4dd1e1f84af157d514d25281d6ff7bf7d240a2fc839c0598d7245ff715b5286d7a9579998df64a77b62345dddaf9f15444df283c0557507a36a0ae6ac48c98aca2caeab73d604552c50816ab0d77ad32587697ab4bbc258eb3bf81ae495f5a0142c2f488632072599524c313b8e31a43e10cfbf18b5fd664eda3bba90e047b56a7a59d4156c6c45a51f41725f72af3665025891e64cf6f1aab276c165f105da683b9f5a571bfd0acd06b1a7a93ee99f0aeca7e85689b69a4166a9a6f30d973221b4a66f0c7a258d2b782fa4682cfd885f9f963ccfd09124320e53695e70421aa3b96e6c2fc20bb47eb15f6a409d29ae5bd23b1bdd690a6237f855ff0436af17a2d50d7b581a2127d803cf98ddb00f26ab0af47e41b6819daeff0f0f2fffc7da7c0a0683e339d8751321900bbe2b04cef7418dd98e92d8d9193ea2c43f20347aa368864f6c38e141a06c6712055cf3d1c73d7e83249bfc238533132496ba915f56b4589affdfdc25c670c0aebe31c5be9b58fc9103b15d68b8824763694999af265650fb2df9144c3066502204c02613afcfdbbdec612d57fbe5a67e831929a025ebe55bd8fdc0345a9486f67721015bc87c31e78650749cab970188eea52b1d161e7502580e734b3965f87f7696fc66da4d1594e9ac49b0b247cd5e2b106ea5fffa29f5a45e393d7bf81a927ef55df04dc37e6e84eaca74116c8c87c57bdbd178cb38660027e3e7bb5d707172f4ee9d114aa0cdd6292481c63a204db03963f14d24b7f23de696b842b7526d8bee944d01ae597aba86a976937fa4b6b68b07de19a47634c9fdf4ae4616cf2de7d104882bab36b4add37b993a30d199d4873cc8bee55cf3224a094d60aa5b20849e6a0e8350e410d4c03959a80c7041fa10c8ad67f2e295707868d8daece01513085edded18da1140a300b7a63b4cfc6ace4ae0405e7b4f83e0c649a88d505755fdfc5f279f569a179b46bb7042bf6b9c6cd11577e7c4c8199d760dfee7c84d171049692dd5dd8db85564b2157510896fbe4c56e124212af145f1fed003ca2cc0ca46c3b8589c0032ab5fe3fff2b9709384cfc62bdd1dd57a81f5878ad30425b6bf0ad6ce10b38effb6c2254e64f4638f1a270041c7a9ad47fbb64ff9e5ee886abdc1c380e36187d2df0ad8b6a610b0ddcdf9380", 0x1000}, {&(0x7f00000058c0)="93cb64b1837f2e9f543d03963a054c053add4602c96ac05c35496f8a76d39169ecedf0b539d09c9af49d3add7c3b353aeb9b3d7b83c6fa98b105c68d61889d4c74aad354c8b38182e6d0edfbffee5dc7138494172178da12f35478302366368464a31f4a1240d4d52495ea0022dbee19feb80044b7cbba1e701f75d4313702a5679e3c10d3c30f16dad622b6c7e7488d87966f62e90365b2186a0bf7fcf7ed0fb86dca1a528659", 0xa7}, {&(0x7f0000005980)="5d1fc26bcd20d9c1eadede476824d45fa7a7cbf9da464fe02dfaa8876f9309194e098426dc4a425ff2e912e8c5be2dae1dc10f533130b8d6301fb8b36d47afa7b80f15d675c935991bc7897c74409a8d953b1bdaad915d61c1c86c0d1489fa63bce36fb84ce9f54073a6c74b47abf611fb1a22ee8bac07b91bc1b8a171d88b8332419f20e06fcc7f350d18dbd4789e8bdc4fb0c8ba59195507", 0x99}, {&(0x7f0000005a40)="edd3569a4996a8461f48f5de423c8cc2feeceb974dcf954652a967f2cf79798d6ab990039dfaead7d280629c5cb2ee1f5a711d976275ee78aa213d9e4cd74f5d7dc36857c05d093f7910f16a34d6919ac82eb8e660f836f6119f950e24fd11b805b6e29d58e9c98a99011ae878457d0756201e39476125a920c65fe5268466b34dde84b3249921c1627cc0044ce5ffd37e2859d72ba68701725de31ac0d2d78e6c97303144af9f6c2c0db60f2252770abc0442946d262157e924dd95b808c8c51f414d3ffad0c0a49bb1bb125f00c797a41dc146601fa14195a4921499eb53f88ea317e6bf68fb2d277aa874dc6fa707e7a9ca2df4375d1abb", 0xf9}, {&(0x7f0000005b40)="e335ac77c45b237aa7155de7e137870902922d0804fbb0352ecafda9edb314598fc5bcba61532aee2d88d4e14c8d86adf599e339ea9f02ff8e13ce7c41be6e535195838aba4f0e5875dfb024b295bd7b1ad09e4af52fc82ee521e6a78bedbac4bffd8a121dafffa5e260e793bd242329264575eccaf80a5acd7b50ff0efda439328a8552dc7bb608", 0x88}], 0x5, &(0x7f0000005c80)=[{0xd0, 0x0, 0x200, "fdf98755d12366ca1bfc151fa90eea58fe7c8df28dd08efaf4537daad63d4184013b2840a78d7ce47a802a75d8d17c119da0b42f92ef78c3e6c874965030eaf3a0f4e7c5ca9bebea92e90d0787362aae371050e5457d8cd80484fdacd419b7bb5234a8cfbb2d5ee051d8949523154e9751823c0a0ed2e3f04d094f6db120b75fe9b9b5c3ef0b783e9848d26ea04191fe5f6c199e824992e2f487ff57110466576526084f76608e5346a16fae3a5512752335402d34aeeb0d3da3606a7158"}], 0xd0, 0x40840}, 0x7}, {{&(0x7f0000005d80)=@nfc_llcp={0x27, 0x0, 0x2, 0x3, 0x3, 0xffffffffffffffff, "2417f2a39fd3dfa65bfca755b8532280719901ec20a9e0c3fa12187e29e2e73400bdcb37793bcde43a15bd5791944a33573450d3a6ba713da23f5f75c4e89f", 0x3}, 0x80, &(0x7f0000005e40)=[{&(0x7f0000005e00)="f2ca408e96ccf2c5a77c2ff19a4be501d9d9b3b6d7a80c4cdb499d0e6ea6c48d08862d18ab", 0x25}], 0x1, &(0x7f0000005e80)=[{0xe8, 0x29, 0x6, "e6b8da70f3c456d53a41b0e7ec96e4483ce83a14f0742a0b9fdf1a912cbfa95e62f7f6c18606121733d161049ee38a76678abd3451f8489a05445f5345c08bbae018ee25f78e73524f9fa77d3e248e047d9ddb36c8221117b522ffdda3186d9e48ef62da9521d90ce136b326d28300050d89a305d5ed566bc9cd88cd81f8ddc23655ba05da5cc2bd0621dd2af774d4495af2c8c3d10d8c86d9bd7fa85b8abb233595e1eec4eb966fab6430d25288f82e4e957df17cd89bd5c331fcad68fadf3e382038ee1cf34d5db9d7213c4822bf5d57a6c3924d2f5ec6"}, {0x50, 0x107, 0x6, "33cfff7d4bf958aaa7a3854f3eed9cd23537d2ea9cfc1b5b0c672e1a5f2bedf733a704fe781ac55e5d00135544a875b2cfc3706e2c127cc6b12315d78bd5"}, {0x1010, 0x10d, 0x2, "f0b731e0ef3b4edabbdc89fa9c62481dc401f885a954125275501e5effd0d130f3966395a5d1376cf1f2a9f53a476c065afab2e6f44a31db7e2d0f5cb7342c04ba5060e0227c702be0b0e4e58f8b2c99959ce08846f01185c83c4ea85bf6ac5bcce7399a975f0cc937af8cdab3d4c16c794250ffc34baae8460e6541bbc6dbec32a2de9bb8efd221a21f92245508c7afbc0bbefaaea09acc6168b5ba996462e07dc7bf2d87464429a104ec1d3f0de7b9e06888bd9a669794cada85f1ce31a62088d0a5d4a92999724bd734bb20272cbd53bdc022af3225229d90016e4c2569e05571c9bfbfafa95f442c837babb9ea57679ebc76d83de31799bbe815fed00806a0e80b4908a2cc644f99a75ac16532ceb63c9d33bac8ee04b163e9d5d5e600568b6ac6868d2f822afe642fed6adad630b479f91a6d8c8912dce4b700ca75891cee4791962e30336bef6ea1396857144796e610093e847467ec66b7f6fcc25c8e9d33806affae7bceba19349642613b0caf12a8c5557778faee2f3d002d037369eab767df0341e9851f0f31775871e8dbc9d5bb4c3a00de35fc38416c31373e7bd68f8fbeffbb2a3dd237550c266232eaadfec09cefbe9cff2e7c60afdb452ec4e3d7dc5d07f5585f589ce81177a8ee25c9e35b60f8debe7b610fc3cb2bcc8b5c90a545b951fdc8a3141a689c440f57668ebe6ba8fdf8cfe14e601fd1d964900b93b0c07bd32fe3a6a9e7ea46db79fddb041fd9e0bffa7c0a971f9925a5bbbedc765ac1ec71a765c03ae936d372d1025c63f399e0e5b91d795ea5682e6585a0358db58d4e5e16023be2a054252dddf14fcd125d692204e9002084888b3d457305ffc8c7ff448c5e2f447660535944e0209096b929bf1101f01ed877346713912fa213a84e968de36aed97247748990ace639d9e5b29351c67b22e6be9ab8476a32b29b5ddc8aa2cbee5e01ed1f75ed0d318b618d5af1141f27920dfb103d2beffd2e79957fcfc87d4aebb5614839db2a80633d7a0a8b2dd9f6ebedda3d8539420c8a87f1350ca00619bf43418d3f27b48684e9ff359ebc9290cc9d40101a7f0d42e4debf3ef422271e53b7e5fdec01d71741c6e5be16bc4ae812fd8b877819986aca9f3820a596cc7e2ccdbba4cd1791199367c701f97ca02503b5882f9dcb258ce2cb258908f1961a5e12114e74fdd07d4492b658b412d9bf7cab553f635e39238d85b650bee683899c8de4af1701429419cfc81c8339110922d4c363a599b6b8b561d4759413cff544dc5e20f3e4446a99b2d16db1fa0c04ea498eeecd1b5f915f533cd8b5ca00bd55468d441c0cc0c893c32f4623c1118259cd61b9353ec6d07982117832adffb0baeb722123fdf6d117aaceece75f77503ebbb8417f6069c5f6e12dae19237fdaea0353515c12e5df683f4b9142efffc9adc606650116d51d8f70d9faf84289b6061d6fb6433919ed3eeeadbb18b4150ee46ea59a40d840148517975503acb1d4b69414f6065a76369070aeb61c9d4ced7a5970686d82e09b7dfefcd6ee73ade1db9d79d92504240163ad5b051607068c2c5b3fa79785b71b894c5ff956fe7d782e11091ccf411e7b111b91b5f88f9ff5833ed8405af4c8a8302896d292df3ccfac900be083db6fe5e2437030076bb9aa5bd7b2a67af73d1fc37e98b2cdd5b8260a3cac5ccdd21830b735e56d1745cc18f5ddfa519b4c5cbd5503b7781c16b558f86f02f6073747c04c0c1e029841afed483e21e35a46f8180b9c9437bb2dfe40d2763041d22c46a39fec93c10fdf9ea2b1a8ae1ba8b645a86ac61bd6340ede5dcb8ad58c420e58507f0cdbcb0f076a2bb4013dace223263856c45e7d7385ff00c445a6df656b58b341ff122282eda39dc280d19a3f586700be81b5ab6612a6fc30cbe6af90221975756d349b8371146a8f2bbd9448225708e022dc5f273d156a3412491ba97e9cf8d26f0a66a5a1e68065a9a8813657abd91a594c474cc50dbcb33ed3a567fc1e6c10073a805f3304407524cfa9aba95842b117dc7921ad8607cc6d2637a44b7471b279c75cc5978534c16f6c1fab06f595c66d86a4539adf6896ea7d0152ddd0667d1d203aa12d1fe83dbbc2b89fbdfffd221071b2266846f4c9965f15c7aeb181dadcfa4631b722d89a5164fd5d31bda5f6dcb5599b009ce3e93efcba18698ee96b9a0c3fa75591282b2d341abb08eec1e280750e690ec82507362251aad8f44de325b135ccfad62dbc7c97264fdf315f947fad3b45f2b89d9115e22dbd1527cf300a23089b55dc54c24720e7b6653f98e64f682cee1d372a87eed1f0cd520f85e79dddf5034c4bf9d8e9ac89e3f983120079c41e1357869d248aafbedbac9e4c59c91f58d499b2781623a7413848878c6b0cde1903fd14dfddfefdf4addfbabbe01c1ce2703829a2630c04bdbd5b66fdce02632e5b430fb345da7c2b50c97216b168237f23e39062a77f2ad8062b86109f03ffc319ddeccc88399c4683ffa3e240a250891dd01292dc8c4cda1d04be74f0738fb81bf9ed2d1546ae32df656264dbec49ccaf672992c1e39097f66526e3ed130218465cae89973e234b5202d92addf0931d5008ec006339198ca8a2e0ffda875d7c53cb4ba8a3ecce79429682c13c3840ad1ae4a57a463f318ad3f2cd92855bd0570769a3a7efa7c362f60ec5be95b20a77345848fb3bb59bb423f39a665a460b518b024d004f8fb911f54cbcd511229c470bc6e5491df614df0732ad4cde0f74756b7b95e343fcd3376341be0cf99fa8619a286793fb8b834616f4e8aaeecc6b442f95926db4ac17be2c4a44395cd87918d031c3756cfe5ba2830c929c7ffdaf704421a043a18b2482c424979617c9944ef61e2e61e147e347ffdc42650a1d1b723693d7defff2b3e125818660eec7c0455fa12ebe9c71565939d50b28d262809d578edfc07d4ef4f365c6dba3f11d5db3456644dc4559e6b2f951f00b4b5fa2b97596fdb5a6b25ee12b5a24cbdcd4cd8f2386a3d60a18ea1bab004c79ade181dbbdb7c89eb932f959f452dc293c918b77aca891cec523c28e7bd4d0a84f0ac073760c7d40215e17468d18318d8c0b8bd84c6130098ce6a608f126ac5154be5de239c454866f0013d1f42f01ed46f1080fdb47d0683a64e489ac92daa45c61cc868ed142ff82cd8c50a8268ad038bcb17e906b9f6b4761360bb7bf6c54a310f69c6056cef8001cad374f1148ec658f567419f6a9b67748cc6cdb5bb0f2a2e5e2984c1afe0c60ef3c8117aa983271170f9baa50463adb04b0613c8c8f447351f61b886f646489089cb712bbebcc80f5e1a480e7e1774fa826fb2eebe76aa7f0d067913222cd15e1907ab2ad3440ad9bd8c0898829da31f38c6bf5e9cf253f5c9ce97910b3b92cb84bb9811d651855f7be2142d74a9a7259caefbf2b36c94c3ea9d1d45b3228fce86f2481450faea8d218107c621ce0794aeabfe97e180c04e977ef938819e3f64b5ff8af73f7d889956b78c6ef3e9ac5909af7c4b1c1973927581f797eefb00ffdd7da986251605666d900eec7cc7ea52e71a044329cd516441e4c80dd6beefb00832b5864847d774f67f253559fecee24fbb469fc5e16fbda04b1ffafe9eda34a802fae9968ba924b577cc0a3bee987e4355386005576feec6b2f314cce0ae6f2b2dcbb80b5ec2cfc7ac64d5be4c162e4ab1fb3b5485bba307625d6213b82f2743afb2fb681ff344c3fd675bf941414f9298046f5124e6dc91e1f54616729cce5d4b1fd7c5abdfcffa1ec9aa7cf402a8301758e9c36377ae68505a01297c7d9674d30b69acf37d699f1ff4829377782e3ab587681405afe5b8b9db77a17b392c83c061a1e39e4e0d278ab66376e13fcd056faf8ebfd95ca1b7119209f7df7cdbeea8f5aa0eafe28c4aef4b81b4db4d3d27c43af790a907b26da5f1d6c07fddcbc650ec875c028e0922c6aadb0e6e8c5a1098441f4b5d92bd52191c6a7ec0eed01f6efd37bd9a507f3d9d009c008145297d42cc2893db51c6ed1d64e039341b71444dd8a10d09e33b06afb9ac0b8157c1cfe6a8c17d5690d1388db1d1c53e4de001bfa210c91adeb00a4802c8fd7b2cbced11646d0b924e516e47bf173bc0503518a413aef2783556d54b87f9a9c422e7d57113e7cc0ce1fe31b3a4bff0c5848b73a24217a58c73d6c9b15fd9199d77000626c2c9df57728b70183216af65d59135e5e05bac1fdf6d71c1515d14459a72f3421ffd94369417dcbf1bc19f09acc3899e8086e04538d784cb3e07b29e04198aea9ba916a373cd2a6735ffa444aad32f6fd98af17b362933756c12a4c8138b77c5e7ce081c5026871bff2b794ed2415a9a8f839dd4f7e874de870f542b1af77f9bba1a50312cc5013534ef97018022a627c8f23e9942be56fb09e1a82486038c4890016f5f6e251fcebd8f6afa315ff3856df10855ca86515dc30bcf93209c9b485e67f239d87efc29420067d8b0d4bfe7fafbf8b4b603c93a52fa05d43f938b510418056267fc09c86053da57334e15a0291e458fdba8aa9689630b07f3ce3d6fdd979d612f7b382713729149c4baafb8222ae8d29b3688d8732c58f0b4682a3a54317f92fb704e670767d0b113f8bd121ae4a873058e35a56997b5a1b1dddae28844ea58f3a128dfcd6884303578ec9554479c940d12ec1eeac8761c72e489b7d7ed90a160efe20fec0d8dddf5974cd866ca6d562a77b13e7f760cb81cd8b109294e5dfa76affa07e87fefd007099f7546c9c932be77b54db6e9cae53ea8e7e01e599b464baf6447d2ca6086f04d5378d0ec03fd6890ecc9aacbfef75442f738a4b84f9b121c9f6dc841cbbd643f0b99801c0243b9161bfcc64382ac022d168c108ed6497aa4212e1b8c2e214683e163f21222e99d6dabc2756bd431190335be61a775d56013355c674ea159e7f58edf80a7b27b113ac33aef11edbd05b2cb14262dbc3724097e47efafeca926cd0d3ee847aab5e9d1bcd560b12bf299e969d1fae7f08a723742da645a5d392d257f1cfa2dd15e2ebc5387b8e606fb303c9fae5e339e0f207d2a1e35992d4caea8c96913830c6f0fd1b1336d01532850e8da6bd6fa00016d0637ccff1e7fb97ca5773290099496d1fa7a380f9a1df3e991f33b1e5d6c3c00e8dfeb4c5a2d74b86e17c06b10d4d2707f24d05a7692741267123a46d9095424f0acebf52319d039aedd87bc418d468387fb277d1c6ce5b4e4dbc6b3d04e2f09ba4b50ec5e4503cfa855df7e4f271808d1a02a0fc4b0b524d2cc71656171900ebd3b6952e06506900d88a2af6afc3f5bb271f86836e2c2f6833eed4772e08afa0e64063b56ea9d92c49ac60f1ee2733aed43d142f5832b3db11f1257eea911b2f29a1c293a095e41af8993ef4076cc321dcdcb3d706150086a955db3978e01d966e466fa492fcbb6e0f4c2d847063946a8559d4b8d8ae2b5d8e21d9b921608e05e38b89a3db367200efbf44f7f6e0690a3aba064b4c031965688ff777a618738fad948a193cb536cd6264882bbf2794eec07c9b4c3779f584126efadfcb135c2528e11dee754870b5f407804b33033ccd52e2c6201dc35a9eab806d6193b03f57d8ee4a66ced73ee5459218f7d030da6bf070239b64384abb6897338199572c86c1972f4704aa103774a9c5e685fda20fa87e53450d7ba4888452d5afe050f5cfb1f393a33f34601011cbe0a49b59aa0160b2a49bd03eccba951aa54e6685d185c1c5f5d7116caaf1e14112479d7477f5db40f87fe6c2262766deb3b6516d7"}, {0x18, 0x113, 0x7, "6513a03b"}, {0xa8, 0x11f, 0x7fffffff, "7e2a43c5f0454d3737b0b0c316ca654548ffd99c349969c5304d508adff5dc4009e03dd27e10fac2eeed571673822c48d98f448b81922ea88efc8f0c84857b20ca12f7790b3c62e210254722ab3973ba6bc1067386fb133110a470e5ca167305b59e3a03a22e4be2bb59db201d49106aaf0dfd70b69e7fc45fd704e28f777ffcb903f585aa545d662bfcf2c376f5840dec05f2ec3c"}], 0x1208, 0x50}, 0x35c}, {{&(0x7f00000070c0)=@nfc={0x27, 0x1, 0x0, 0x1}, 0x80, &(0x7f0000007280)=[{&(0x7f0000007140)="ddc7d08f5879be54ec66f7898ec0d2952088cff97bfe702eb8862b230e273a9c7b9079739609e504bbc7", 0x2a}, {&(0x7f0000007180)="04fd2fea181d5537a472895160e26bfba1c0cc85849188e5f00eaf9fa2dd2a63859af917480339d108b9178796323ad1637462cfd56db90f57faf273b95dd4722471fcd91ecf35530d3bfe0a9dbc815b13f657ec73271abb49b2f628f27cdc5e7344dc84ce5dcd815a11ba4c1756caedc5c5fe2a4047cc89c34b1f3f2b2138c69831b26bda1a95e10b4541e6a407e20b1351af631f94c471f2e807d7b858314a17ccad2b2a1132717508f0fd4f5e17d406843e18b224f13542ae5880fe1a5c3d0ff0bb498eb645a69c8959faf8487ee684cafb212ce61babeb3a07253cca09431a08fc84ff574d93651f7d5cee", 0xed}], 0x2, &(0x7f00000072c0)=[{0x58, 0x116, 0x5eb, "2b7b9c6daf2ab2e717eee2d3702ae08ba0fc57c6a74d857418731c5b46016da98b9b155f42a3c2e9438eda3d7f9024bacaec9a2d5051434ac29ceaa12e201533e6f4a4509b129276"}, {0x70, 0x0, 0x17, "419486e76ac559344b2beda3773fb69b4ba4598da101778c2e5c844f97fc6a64e493f1c6d09fbdf24bac9ed6ab91648e019e758815f5a58c14899de853d995e66913e8bb9160b65b9ec24817c0f69ec9d1f96a6823e64cdc9d0036"}, {0x48, 0x103, 0xfffffffffffffff8, "b1a632fd836c81fc39b24128f94ea6ea5225df5cf74921de7b114b6ce17fd5865f01bcfb44d68dfc28432a393f60ea186a"}, {0xa0, 0x11d, 0x1000, "fb7e5307975ba528b14b06d9ca052ffe1318cfd594e1b419bc140381cab84064788d57a0583bf7c607aa4a78d710739676875b61e4dd599146e1412f076c808ab9d3e754fcd47c8bb2547b5bffe572cc1abb18e9125dd99c5f0902cb8b378d22f05590f1765b911fae722e5f3ec47100871b91d8beb53f045aabb23d0c71de1232895d7d3c0b24f27426cee9"}, {0x1010, 0x9b502e0ec42e7d8a, 0x9, "6ddecc35f17600445e83aeb4e40f7b10a1b1ae070bda10c2d960960a68dac053b47c78fadcc75057db4a01082650f75f650547457304222ca68f7e288d0e3eb99852049f06edf878e6311eafa2a816894dffb4d7e49d93eab0a1f5e3c74086bd31040b4f3e8befc40aad2eae42b3c0c16416f406a635c74b169e2defc90f8759f487c91f0d5d081ee122054e1283ec61b234185212718601ce1bbe34f329b236f00f8691cf42d232a07c9132479cec02965c4f245c3804f17fe107664d737a316b2b60218dc78803078e024a07b0efa60518fc77b2f53d1ea511d328001b57e7321c0539d6adc4398973a376d8d92b5eca9f6f0af4e0cf5a22a00dc7dd0d61c6efde0f541e3bc2d7cbabbe7abe1b1bf80b61821cd004087726586a3f0bbb682393e20cef9c92c27a873394e235557e38936b17c49f3655f25953d72f64ab9f8e5cd0692bd865cbf3cb6481cad42be5e94bfce1063d7b760d6d8cbe33393f916a63e3e61debcc59254a66fc94a5105746b4d0cedc48a9f312aa578accaf79264a2b4b16b44d4e0ef9fcbdd12b7336918393a6c8f1195b04f370070161455ba5caddc380853391470d61d0d7b979cab7ae5e333abfd1302deb9dddcd5ceb3047aac551ebb93e7b2391ecfe350ffda819a2e2b63239ec93f78617205dd8dee86408631a1b7d416a35a297336873803c121eefdd677d10e7205aaf11cf045bb533bda4ace19f1261615914f68861c4b18aec7843596b5403ad8ff186c3a78c1bf5b85715634da808922b677be85bb6664d88d106116c2d6104c301a3c46da0ea9583923e1d54d010156824e3b0546c6fd09103829e53aa656edac7a4f37ccf985152c81732d37c3ec0d5901b41a343b550331b11ebf2f8fb8e3385e071656e66630cc22ccaaba39901cf5cab5fb01ca6d98c5072918ab9707ab4887ae55e3ab1f02ad69746cedf12d4ea248fb7a40a5ce5f3ca929b6423c77bf7ae56b49ef90087e8b36983794bc0f43898cc8b100fabf2abc0ba5892ee06c63a2f1aeeff1f85010e29abd63f97f5b1d8a91c6f705bca4a163d7c6c2eefc86c04bd56675c9d3373022d756e36c0e31ac0d6414316a048b7c919f4d03dd71752e03b1b5cd5d53ee3f517d965e733dc07b51df4d0ca587bc2fbd0548c1543e526373d3ba4e9770d4d80a4d640e819f19a8e36a5199c46cc495f23024911359f6a380832aa8d61cd36bf7013d7bc8e6c3d3985861fb198eb905db44a3402d785b5e62dfa5b4c5eabd8e41527018884bb7516661ac3a6bbed9ef777daf06ae1f98b5a2233dbc35bbb35355cba9e6aef846346180944ba8a1f9b3b27b79d8449561f4177e3c2f0e49bc648d6b1b087317cedc65eabeb59af51473cb88145cb233ed39e8f22983a8a36f61df7d76fa5e0fcffc2f701456135b00994b4f19df09b9be821e0ab7eb5cb019527dabe01a0c036d5cdd5940fe12754e1d13668343f66eecfb79da49d2e47e8f27d1b04ad0fb8fba83ede702a597deee0c6ac4913517a2a631fd57bccaeb3bc842615ecd1cd807987be6ba6ae2526892b3c5d0b5450d0394c4a9f06aa75517989ee0c04a15b7396f97f2e91936e3fecb9af03ca7e2bc03cfb2fc0482eabcd8da3e8721798dd0b6ab01d62165611b2ab34a9eb27942fe9897e77b92b87639150703035952fc17bf761b03dd28747332b4d38b8fb0d48cf5e5e2beb0c861453dc726353598a1ac20a2baf5db88606a534cee15ac1a3a882c0af73a7cf1059bf125e0a68832ce964240d2f4aefd3b5e063c34690896228155bb1883ddd5f7f1325dadf2cfbbf7c026f860cb097508911b1f460ba762225683b2e8424893309e1af3d943abae17f005a26688428b4adda3994b33873969c167f36d859cd7049df7ffd0a728388aa462c030c3b44eb2879fdd3c2a2821ac095ec7d4514d3024c58998c58b1cc421534eafa228be21d4bbd0942a3e2dc427973c577349a8b6669ad22e2d08868b1b207c7f11923901386279089733cfe2ddbc331a1ed580600cd1e002cd8802b10ad208317b51dd3c7ce2fdab093327ea76461e5306ae2e860e9146aebbe4c8fb79cb50d97e4b10abe1effe43926ae885c629f77f159aab804e4b17d19e4095b492763f8d6168d6a76cc465e09d6e459ee0ee3f07e306325b32f7115991f002ef351ad78a2ca928297ea9fae610197ca7f09d222b0fef073883425d8f9ca116afd54a155028c2f0fe3e25b28ebf615808504bed3f9b68b1d633ee4d0578b8aa719779815412dd99f2ea5fae814b2fb0f7423462f4ee3b8baf9b7290f24ae80a422daf76bba52da24b42aa13a6bc3c0e60ca80304a297c629106533b0875ea790ecfb751c0456a5c5e4e3588de98f1a9bba2cdc6ae7c694f03fc642acb69e5f0eccae544bf00d93072c2657493d89e4d57ce0e76cceb6bbc7491948b8c8bc98d4da1afa5a655efb7657a0d6ce19ee88cbba78d9b13c572ddfb68baca2ccab3e466567cc5094536f00cab790e627040c9d8a32b1e270904115cd071cb68e3f6b141a690545a0bc02eb6de75bbe4e521b0e77c3b00ca48dd61896eac61212b45b21e44214fdd20eb676792e69f4b9538cb412801451c8aa5c4069a2f5b933547a426aea28cc0344a65ed243a2a717e815ecd02ed24a9d7f0a391e41cbd5c740adbb8b7793cd3cff7b08430b681e70de24a3c98a1625efdfdc0d2d96dadecea67da2660d032a6c26c07bd7eb9ec863bfd13e2c027aabf45e23150fc46355985b13a3460158df77230b8019b9c3166e58217ace629bd29004e0965384c0e3a2ef5626eab0cae28f5999d91207228b5caa99da4e4de0728fffe961df04c3b89fa1573a7dc240cbca60e84066de1c351609a96c2228996e3eed5a6fcee8b8bdbfa82f1c4babb6c8978d6408e3fde1cc4ac1be13787c4f35b083a563d58251467c9be1d2ab2cd047f05698953796ceff38c03db78483ba05567cc7bb5b2bac82d9c3afd5dc7679eb675514d20cb001ff9018ad68504ddaa7fc676a598e43593bc71817083e7ea774143001a224bef02cd65f0b2dc55d9944cb2c72043c69e361e8814822f76be019b11fefbff089bfc5d5e42603a625e0fde1f74323b9bcbbf654ee67eab5c518bcd9cefd51bb09ac7807946a87c78d30a7c32fdd043742c9e8c4eefd4455c5cd56256a2894c1f5be2ba763d563cfeeb46c7a5683aa3e46b7aae9043b85d6c46ae5c834c5ce453892ac48b93d12675a2d27925f512807a88ad2d47618751a7673897bd2f486962532f546a37dabfc3318847e5354ad222bb6a988e296982d73d6b494abf9fc04ab506a3405679c4b84dd0d9f1e364f21e4399bab7707a21e50d44f59c67d9172ec11d386e5603a088d58e97ca96ae2d929678f3ffc2cc8d155927b64ff52d741e902a88de3268ecbee8a4b02eb48988debd003e03181ef6fda5b6c5282a2ec32a55d9db574365ba20bbca8c30d5f5962e643f2194f2690edcff1e442875616675b64d2de69da3719880fb63be4081b9386de74b9b54ff5ff5a5a6da63f38210f9f6039c7e991c6cf6cebbc350178562b9bd38dd124053c70d31921923ad15b95dc0e1a69ba42688851705f43eb4ad492a98d2a075b5c8314c039a54a9ddf6ae1cbbff82af5f1e7d7b649048d5c69480b5709d5e49dca685cc615a8de182c67b545b6125421bde5e60ee566b37e0dd901c764ef0c8c3fe45f8b4fa86d885f9c2d3d194fa555e329cbb7bf123cb3364b7a2aa9d07cb502ace5be56f076e0b24edfbbf5b151fd0fa544218b42fe0a632859922f7f446fb5d2bb9c367ba19a80802e5bea09c31de9057329dfb2e81a3dfd17de283660644a13d21cf724fdd7e06c0963e5d30ac7b876ddc877ed4bace1e459c1972ceaf67119b6c0fd24e63c872cda83b2b5d3c4e21553999e26991843758af20149bb100b8932af859cdb25c068dfea61a972f827ac6151d1fa19d65e8b1751d36208d0a5f82da10d492d403c05de3f2195be71e224114567fdd428a217adabb483e7273a46ada50c6e6eb6f12a3dca83b038ba00995610338ffe62c26aad6cef9f168fa793a950f3ae9b794c53119473aca94a9ea63e8cb2e208beb06645b80feec5bdcbfe9f3f403be43139cd71ac20f074f961fee0fe43d543cb8ed47995647e94e8953d191bd520eef80767d3aafd6484ab0c005698a9d699d8eaa16467f79680cac007564778387866abb0e929b2ae1cc19f52a12b0573ce68baba9570f325cf368f8acc7044dced9d8422cd5c6a250f11843d08410cff0f2fd51417ab8693e754b351efae05f1a83c05761be790b7bef16cae94ef5748aa3b7e224e23dc7af99988157c523513826fecc6e67b23b2cbe308be803d58492e365cd08cbcb4da4a0e67e27e6bb20d3c0d49b1b60ee47b6c79ee09b39861426fe60c1cc6115755d53ef6716d7032c6cad0bd5847bc87585a58f730e519af3699e54ddffd9fbf7b0706ceb2667831fc7fe729923204b139e4b6a4a3b4e943ce974e7944247a81048d3e62bdc5f5a622ed6f33431930a8b9a051cd7c4bfe81899efcd1082e38990af0c38f6c8ca641175ef97417de7eb79ceb64f38cbf165ab5ebaeb226da93fa2e641e6d8411f71b7c5380b699758b224522dfdbd3ab58b342e650c6ddb5fddbae95c5e33fda3fbcae9a90af036f02b44ab1d05a277bcf60ee0be53a1d54431ef01b08053eca8b1455208ba8878534f6e742b11066def34080c0645446887ea70ea83dfdbe7f7d623e86b56236543e72879e2d24ba7b1d914b268082d4a4b8579f8c780220b838343d67304fec0627baca4dfdea57c23e6a4b9c295bd4a91a1e9029005025d2f263dd76d6eb2b1f1e357eecea2adff7cd76062521fed63de68798611efd5148c057b1858878b60ea82bbabf8ed8b9cef985a584b0dae0b008d0be4948e576cc3fad1c02eb4fe39da2e443548f6acef83e8849d60e5fb9d0ee6d7d59b66293cb00513fe6257c23d2fb836f28c51d4d8355cc5f48e255302fda09b62db81cf4ef8078a13bedb79987b3615f59a2c63ad8841556868431146b6799351571d8b16ff408d954b795234606f23ab1bb5ba669d0fee2bddb453df8795ac61dd13bdcd722cf2d1e448622a2f2a4b6202d7a06ff8c7c716e5bc97ae1dad159dc527f1468800e3a872bf69ebc356f1591f82697100f81df79e5529e0fe3a2b363d61367aaf752edbb89ef4250cdcdea7332bfd1632a3c9113d2a677e8d3f9808d53cda94ba9dbb3146ed3b5e42162f4125027b0e9aa02c79892a43ec866fd01f9b5ff452900bf4f754208219d37612b174179ca907c75460250cb4d835c1dec492241d1472a3b0831ffa092bd81275133fe59177c0ecfe88d5f6aa09e540010ad8a82e3432977b9ce7b256e61d793aa08fa3468f3700a169d0cf6e6d221be5223e90e52e1199b7450fb9c10922303849909fd97c7c9a9f48706dd70b6413556581f3f6c9d854d52637474bbc91abe7ca5f9a5e6348a65b67ee4223c1f7da1397b046d5545bc3a17011e5f397d9625832a3779fae4c96e1a1fc1484be1da258b1e9637f1222464a26a216cd8d306cae464733df15aea77125110cf77c0f7db752771f03e4ec568c2477509fab65a5b97adb10e48c6dcf501339743786d3cc1ef6c1471dfe91ee86af7e77eab6582314bfee40dc284934c5c78d116b13cbbc78b2b68664bbdf359ec1cee7bea6bb9da0ad77402399fbe3160292fd6de79451a89703150a2d8d4c0547006167949ca0fbf9f854350dcc8cffc6aa95cd6773196ddf2ee"}], 0x11c0, 0x5ca8f8a0f989a591}, 0x7}, {{&(0x7f0000008480)=@in={0x2, 0x4e23, @remote}, 0x80, &(0x7f0000008b40)=[{&(0x7f0000008500)="6cfeffa05d3bfc9cc99718088f1a042ab06b3ab05d1b756dc3c16ae49534b8a5a495d2d1eb35c2ee9467ad2ba0a3367eaaf081dcfbdb423e45d95b13c19b3332cba116cb3af402e8e8efeca2c3d1b5e58f52d314d646793ca1c22106227db05f65522dcde8b5a05014132a189657d832726a64aefca3a277f0cacb37d71e11f0ebd588b338ea2cc677c9d4167c2c2935ffaddc5252e893ab81ef6afd614f4a858e8e08369421114bb7b9d68007e56813667e09a5", 0xb4}, {&(0x7f00000085c0)="39c975fa856cbec26664be6439685ea41d4de27a7145cffde5bbffdc3a2cd997e1394cdb9c58e61544dee046cb08759ecb6c519c18453e72caf90dd95dad1e6bb9007d1de7905ccc3a74efa7a4ae35225f0031cb729472234272ed2651d45c951319d7660096ef84a4c8056c4a5ee79e59b0ec3824b3115a27067c297ddae56a2ae20571c3c9ad991c50cbaed300e4e994205f75cf63bc3843c5eea49a6544f299afb298e02acaaf259cd1872a6df686e5da260f746997f26b288010a973e25b87859e78e0977a791452ef0c9e2a0010f7bcad05e238f57d4b6d81fa0bdd6f6327aa4038ee363e747416", 0xea}, {&(0x7f00000086c0)="70e91f85cea5540c6882bc23589559ec9b085e03a5a231e8d218b5e0d45e5a7ecdacad29888fdebdcce2c8bd1dbe19fce6196cede329d87ba4dc127653f7c1cba7404a77ca573545943f65c0aa611192caec82614f009df89116552306b5d464881684b677f4d709", 0x68}, {&(0x7f0000008740)="b7a62dcab17b23375bfebe632c9cc44902bbb807afc105ac37ebee97ba719c06fdee93152be9e32bee3579bc358e5c6e309f3812076fc9566bd283937ec5b79e2ca60730c1b48e9df0248ac2e7521371a442c58e02d661e1bb31c8bb28fa2ef46091d681e445e36349a7440ba5a9223c9601fa52fcdf35d1f0ee32c91984cdf82305d3cc07796c3f55d018c0c77e6c2848ec834d3500e0584c1696e2fbc0eb2404c6eaefa9aeea25c048f0ac768a18e12176856242a23b587217d0bbc73faa4b274a390d56226f239ef454c6b5dbded2b392a57252e713e0", 0xd8}, {&(0x7f0000008840)="4055a7ce121223304914b33beccb6735559694dfc5f34fb297a6b3dc383a1a2581a5ddf92abca10f5a0f21734f4e2c717944c8c6e43c750b6732102041843e782fa9fb9aa9040298f2348959e7e584c68af0a187e1e4de355e1ea088af983fd19101740027673e7895c025db8357e9ef6a23da91f2121c4dabdff6d7ed9e22f0fd565a7556e4926816625e6b74fa9398c951187fd3bd66fd21e0cce33c1436e068bfb7044942132b772ce24960b3f560f593c61dea49efb3", 0xb8}, {&(0x7f0000008900)="630060b545e72484b6b0ed36911db379f37908feaf770dc67011c0d54e145ca034d0ffe75864160e7c8409a1862fd524fdc2dd1090b15242b9be9d1656d837573266e04bfa36ffab592940358db150c24a3a8a24efa777931c4328edf698bafdd3c1bb71bb42be1950031d88a99f32ae12dfdddd4c0e53bd92d9ff1bfc8e27bccf9dd8de0a2e4626908301fa8f084e4c7d0d24ae17f3d4860e10fdfcc3639a75d4d1b23db90b1f2f06478c46efc7290b23eafe98ddca2218c9232d1c13dd1dd6aa91fa4cc1f86ea1b3499940e7ff27032e32eb5c861d9a1aa378119c9a18d8680aa360e92b523aee1e7dc150", 0xec}, {&(0x7f0000008a00)="c4f7d2728df215f61c2535", 0xb}, {&(0x7f0000008a40)="32e7f638b4333789deba4a644a905020745b5a895425eb772d3938f55bf2b3c593f4145aae", 0x25}, {&(0x7f0000008a80)="d8723bbad1a29757325a40037d7743f3fe0e384a128504f3820e0bf5eeb110daa935203adcc371e35d52a4978837f80cc1b56bd3a115c383c2b2301a97502107eb6863b7200913dca046a5239409ac1d32ccd7fb7279a3ebeb416e0785f6ae98144efd08ba24392853b097e06e912ca4c00a25f94316a76de1ef612d61c4ddef6c9ba29821342d46d717d5619f38e793509ffef5f9973fdd957b05435d04231a82a71c4386c53d7723fe9126f9be6cc605c03586efbfa4a71a", 0xb9}], 0x9, 0x0, 0x0, 0x44000}, 0x7f}, {{&(0x7f0000008c00)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x2, 0x4, 0x3, 0x3, {0xa, 0x4e20, 0x4, @loopback, 0x20}}}, 0x80, &(0x7f0000008c80), 0x0, 0x0, 0x0, 0x8080}, 0xddc}, {{&(0x7f0000008cc0)=@ax25={0x3, {"554142990af0f2"}}, 0x80, &(0x7f00000090c0)=[{&(0x7f0000008d40)="57acb3b512818d25b17c2065576ba9e311056e6f530a83cc7719af4ab5a4f73d7ce031456b1bc1d8a7e1363ca5aa2395009914b1d97478f5582739407b75227c61103341485b051300d3c0103f31e596865feb5607bca6d07a115faae3fdc0ba8c63a36b634e3979a359bda33a9cb785b3856700b7e5c10e2ac600d5eb961d11f42a5269f001138240de10448de5213a51326e403af542a1c1cc9fdfce2efed7c89b0c2c51b988ea4eadf6678d556961895860", 0xb3}, {&(0x7f0000008e00)="c1a33d0d29447602022ee231934bfa095c494bbed9a5ec7e7128ef0d420c531a71a9863e2dbc015474dc5f1b114e6c96d6b74edd230399653384fd3383e82a27a0768874a2", 0x45}, {&(0x7f0000008e80)="e93f6c", 0x3}, {&(0x7f0000008ec0)="0f6fd0c9b3c9c4fbf710eea5a66da2cfdb476a084be364169d0c9ee16df0c0b8d39d9bd4eceb740ad30acae2b4aa19693bc60e749e3ad54b975455f34ed80c506baa17104d8b827943f9ed666f5f1e6b8b5be1090782e2cb062de3f5702f950b91e48018b3d86303426b34b9c74d180e3f0564fdfc650beebed1ecd98d9eedcab8d8efd4ebcb0da6f87f9fc92e27f62964627ab66d2c207e4b12dbcfd265806c48f4197bc9157d36bf3cc02a7b88a5322694cf2f58309c5794ee1a4651f5f3034e4979eee91525fea5163beac232d19240f4a19b27e139dee84983954372b55e50d9dfaf20aa3dbfe2fa12e1a364dc46d45b557a5f69ed6b47", 0xf9}, {&(0x7f0000008fc0)="112d4cb8acd2a14a055716d4e0ee2b10b4888a96c812cbc7784c92586e862332c59af7981368bacc18313a27902eabc18319a90df64a0579d0ec57a753fb81e0cb8231c9f815b46a3ec62d35d4ed96978d59c9fe5fe4e1b7c8848ac0f55bac4412231531ed1981928628e83a37af11f5fbde9fe81514b0f731632218a839a8b199f893832a00de0bde32a2b098e167ed72a150c63e30cd47", 0x98}, {&(0x7f0000009080)}], 0x6, &(0x7f0000009140)=[{0xa0, 0x101, 0xa9, "2e3c60b030a8622fbebb8728efc5948d29c0603380f74d8e1ef40981600d728815d4d7f34b74ceccb8f5abe81058a4b4eaea1095c3273014149cc2935376e27a3725c6c30984d4c7b1b2f054927ba17bc0890beee0d1db7caf912d005d46a42755d07bc1b0ae60f072e374fd6d76df582f9b8dd7e31c0d4147d3849f255c168551f17fd7e0af124007a7"}], 0xa0, 0x80}, 0xfffffffffffffff9}, {{&(0x7f0000009200)=@alg={0x26, 'hash\x00', 0x0, 0x0, 'xcbc(anubis-generic)\x00'}, 0x80, &(0x7f000000a640)=[{&(0x7f0000009280)='SW', 0x2}, {&(0x7f00000092c0)="0c87807e144e6b5cf0988b3ddee1572a38be2d032d6152d86e30ad94808c7f81d0e30153b2b5f2f0785821cd76eb3f8547d6917ee5bb977386b1e99de3a66ef623721b5d5bb362cf4a39757c46b47d3a05edd5b6c57ff2bb7056401ad27e9d4f8109816b61f9cdf39a66737efd6cf9428d93261992c4c94c6ca908796df02d02cb683abe9ba62d330ee65d09d8940492a9e025016db983ad83d8e4436fc290e290358c55570b3d00250e0ae40e9bb671d99fd85739471dfbe56d0e44b6f8f64948af0b4d6322e2b7c2cf8c9ed5c4ad6469dbf70055e47531be775c5ff47d2e41a312cddf3f13da137941c183f8bf30dac9", 0xf1}, {&(0x7f00000093c0)="85f666f724923432eb4705d0378ee6ae6fb8dc3c71f94762bc455f373ee41f91ab6106182e92e29194f5b5381963cee18bb7f81beb3af826e113e5ee08f416c6eda94d065933243afeb112cfb4f29714988ec98dbe8b2bba893b4dc1f2a453e6e08d7c5ae4ffa3b44273e952279b8562108e7e52a0520d099f5d3e92ab2e4e948e772aba0d1cf9faa6e5a731f29f8821f832addf611da03add9009d53b7419d4b62e2a5834ecf13c3c7a459c7310cd98a3bd80c2de511fe1677b4aacfd8c3766b7bf4ac26a9c8994124bfb66a282020715f4cf46ebab029c6e76592aca3ffc996c572b6317cf4115b4a99ba1b0dda9c3b94b", 0xf2}, {&(0x7f00000094c0)="161c114ade8ec304ca42e2f3dcd66e67f0233bba1e85f4e34d2e3da437e7ba8aa033aff27553f4b1096a635e00e6dc99b79e6eb78dc020e8ed440f048fd60486a4", 0x41}, {&(0x7f0000009540)="2f828c1b357010295e3c984147517e78d392bccfb70756cd94f4008b6a742f80eced8ed4c0fc73aa00a36d5ac0df82ae792c5a48732368354be96df2703c82959a9e2110549eb3c46266ec824de68e961fde0f76ac8100498168a2132ee96fe5e56bee07831d6ddd90a534904aba84e04b872c4857d1758719fe7491aa6838f0bab44a8949c693179579f1181e6cf26004cbccb57ff8986084b3e529de1a87010c8d88f9c89b94ccdf413ceff3246f8c9b78249204fd9740998b394974d919aab83b4481d5df167d3cf8123626598cd3dbc01ff991209aed30dcfb7c72d432d6708f5f93bba56885c232cc2899e5eaa8e9bf9ca3bd56cd8540b8a8ab2656733365f12afcdfed9af379c0947ce20465b8ef71259fe915b0240372b5d902cb493da8ad5c1744aa8c4c348b1892bf9d607686bd251dbb6e6c2c863c1467a1229cc80db06a3e6805cfc93c6318ffd402d0774bd2b785df362a6bbc7e52267b73c7a27c0de7038c736fa99787c1d63768e820f8b420e09e98b6fba61d64bfbc0444bf2d0d79d09c3eb2020473e273345eabacda0cdce50eabd62195e7194326280b4f9f9676fb031387108a3fc00122d8c06ca83e802781ea94c679bea259902d01009570b499acd8b4c66af2bf263bb11694ef54af554f6d82d4fefed6635508c0071e87beab30f8d75937f347970506e77dd1d632e195c3ba5d55081d782a355361011389dca057c225b1a4cf77ed3c0a1ccf06a208a5a3a7e582d702aa98f44e4447b375f0e2cb088cfa71daa5fc3d8567c39d90a945824fc334ee16b8c66e90d6ca7a6f2e871ecd6d1262d6cc0510da29892e98588377095e9f40e9bd700fc400fad7eeedf6f05f89a754bf9a78f9ec9b3538dc9f0ae341039d98122b4a66e9d50e8689e0dd1242b69f1478249f3eb3beec8856ecf40473feeb716653afb7f4454bfc1d3184c2703988826a662ab5be2a2eae0d237d045d08782d52efea92bda5d896450345efc7246cad4fed14140e4d87c2b90b6b215fcec4df83698e74a1d04939def81be385184df017f5d04868c5d2eb3d3da3c9585c0d1c1c25b28c08f40b5ad0fb7d2a90999e91f8119c9ac1eed926a58dda38975cb0ebed445107e6c358138877e7bc21e3de950d290424c82a0466ad07117cb83969f6ee4c7a2f14f6f722314c4eae0711f60017af9db1177995661e2c8555a30e25ba0efd2378433f1bb32a78461d6b821f34bcccc1d6c7b3712077d702a71463fc5d2ec265c1369548914f214a9730758fb62bd2c9abdd6f9234a4454f493fc9f2b37b19473c07c16e57c6bef1c3ceaf6203703a56802e40180381fd67ae2d2db8dba9e5daf2573a3816b29a96ecadf59039038a57d2b3b65af876e49cfcea6e42d06d0bf158d43b5b009255491d236441a752b8c83a207cdc261feda4f2041a0066343d1edb98075c49e641502ad9e39ccd1e3ffd72f9b0328c8252e512f10a5840eb893f9e9a575f8ebf52668efe014f701129f5679cd6180869d8e569901fe2b5f96332c52be6b2c212ddffe9d5f02cb18ef45361ade6cd2a04c610090b5d1a147841e4f112198d1e43bf83487b55b2f532fc392d941246bdbbd01ced03ee5a22de54c1101a0e67e71059a20b340fd4d6022b00eb29f932d93b95a4995a6464a56ff2405a81a8ea01632b631cb7522cc9808029226690ef07af4936fb216ef04cc1e14a1a81291706f078edc737d482787521dec78d8d7315b5bd7dd7f04b8ea3654ef141a8c23ce4d954f7dfb28982baf50d4aa416c0c3b2ed875abd1b0fd5a7fb026fbd806c78fa57a4af152c8d9d6acd5ef2dd06c6b6696c6345ae335110eebc08d1bb18d2477890c841ad365eb8a72dff9e4dec211918992b73c55cc3e0d2d9a09d9737e510f70084bb6a82de0ff9abc9ab9a8afed2efffb5a75845e30d49d640815b56b9409d2582f1a0a3a9ef132515dca6dfeb4033ac1df71aa52b40a039840320f1ec26ce35a38d3dd1e284674be379893a1f7414ef21d55b449d05c3237d5a14e1211b63258a43abaa51657b550da358d4160f092ee881072add0d3ac6a3f86c6281431a80f567a27d40a2ac1882b811cef3498eddf31f012a3331b03adae2155cd61ec336ff54ae4d8002b9752ef9cfb03af6e029289d36a8a53dfdd33d49516585178a70df4a286c7e1346e251829efd986ffaf7bf52dc42e4684650a8514a183edd6903034ff3a4c48a147914db857173cabe5d2cc42b1b782e26b21f5872884722ac6ee34897299e6b338ba1dabe13140b30e4a577c08582444336c9a543a2e648b83150e0803be1b02b88d4b37b0c8845c3ef0b94e3aafbeada9c64b377fd3f7a008512abf61cf49c51c92feba0f709f48fa61a0d1e5cb3977dca7da8a570ece286f2ee0aab4c714f93b776df07fbaf4b202a35934e09c565debc39feb571613552c8b131fc5cdcd23f3700d18c7fa83fffeb9ce36b90d7628101da93d32035da59e880fe5310fe0a34db3bc50c0e8faf5a58db99af12b12671abb6887b779b3c590c8d445588d46ebd7dfd5fafe2558dc7d4a7da6b975ccad4282c6b04c7159f5f72e4868ab1c55dde682f6fdfd78b54922781db3f3f3268ef626a558347ae58a312540b77b59d332433fdc46e334cf91033c9a064a7ff466635fb5e5b2a8b0e63d494bba34e23ed12a229a6ab0a594fb41b77ff14d24cd06d345a90cb4d5401d58b31b8ca4163a218d93ab2a0991658132bf8d808bafdc775f166c623850700f51462858ffc6cad4347761832a442dce23c9946508e59ba25d338d235c03c4d71a21cd636f8f8d88bf399dfdea1b294e16fc0ccd6289c7c0cc33b20c279a57774a278d9b54d143fae647b63cdf2944aca7bbddc43f116c22db2354fa72d2af2d4e49c864400782c7b7f4e0f5c9286a46a428d946e32960f3561766ac23126700dbc3b4958ab3909e357e03e3af711a47d5391e6b0bde37598b84a44ccb5f64f8b927b2f28c041ecdd1e5c3906be3d8f82cbb08bb31cf39b07617d4e2af44bd76aef7df20de2ba4529b8b89a5cf3998606222771fe88b7693dbaf374bfeae7c253b86b6ba3d95d60498210e0023f18125e01505dd3436f89553832ad3ae7bcc3c6f7739002a725305217cc24da379138e59b8c220b1141b0e40cecbaba18ecfa0e321d1a82323e8543fa86b4debe05ff3d7c36ff8132e2d274f0a710dd1d1bb219f31bb7e8cbc4ed463bafdb18cc6e351e8fb0973669e4920a2b0c20d4bad41b3cb8866828b440a979a3913d4b56784a1d0a77eb8f096656e9b57d0481bdc8d86d1c738af04b04d546353203e96b70255ba9a0a6da2f0eba0bbdeab35e6fd26a8cfd52e5f6afc71850d37e57525b6450a8662c2b42d9e6b29794a7d8b1a1fb979b0f100514888bb11904c12d30808112ab12c9e8896aac8f6e5624bc627193f9f8eaa9b122c3e595d16d2ad24c4b3e7ae9d593abaad5414dc3b4d89427b198bb25b20dc712717793bc52fca0e087e1ccf69098d83701ed8c664e76274e6646f40c7a562f702efe53530db398c51468a116853232edce02acb99e8a520133bfdb8b6e350140e4d4fbacafa247aaf3752fdd11cb2471e6923adfac01d2601fcd634980143f93a31628d980443fc41797b658d6ffd7f6816f667db275c6fe87a3eaed39e1aee388e1f24a82955ca53352a9482de84ab28cc811998156f57c8fe3e5c8d48355f3ef6fbc1f8621b8a6f3ba9ce649d995d60d71f5ca862225847c4e393444ed702cbb056131e6a3046b374566d929a37f37aa97c0128f6e835e56f08ecee75c2294c27390e64e945eb37315104c89d05a6f06387e4d1cb1f688429ac90d6505bb6bebc21f6b20eede5265401a87d53dc0e3060c7ef53aa127942b5e4cbb7482a5bbf14717441fe8d21ae7ec4d1733eb54b827973c0e46827382add7bc5981f0d50b4a2f4c2eca7e8d9219451edddbcb0945b06d2a33de5cdd2f66b73c2651a2cecb9716e551abd0dc0af258b3ffd5a31f50d453fa35c63bff58b012a5e976f182093507b360046654840486e066233862e0c65a56e3f2937279c0e56b9d63e4d116767a0e4c485c6ec2eac40174786bbabed88279e72ba6f5727a0ff6556db1014a17b6eb985bc46e7cfdc76b44ac307d799312ee16afea24c23310b3824db394cb3c7fdef5459257efcf7c4c386f8d3751a27d7e4dd102f2ce85dea10d9e6ec70a371e8951cc730452ec93423039904895519e59b312f99f804efcdc2a97db52486fb72582b667d2a7163d0a5e855d0b0f6881b56d69db4a44aee1e437c1e40d179ebc69a93819cebec127c091ec2d9bab4d97f200075ea63e2ad56bd1eaa2de7abc432a7c307f3d651032adccbe29d9cfb9237c33c8d21f4251e6642d5505134d4f28a608e95e0013c051282b1ba8de500be1c151eb57678744df114f9c257947b5c20705853a3d66eff0c27d698756b7a9b159bb4e1bbd8e8f4e0e8288b7ff5dd5005cfa2c6a6b0d0a3167cd5444a883b97d349e0e22c2f51fe7b4a5265b14055b855c71ab0b905714dc58e16b976620934d19604b3a0fe7d2b44420bcc48127c15e9c046f89a8e68822c5eae73445d47c2ce81074f1f881a026c8871da9bd039bb2cf40561664d7c6b4d505cd1712fce02fcab4f03ac62898a40cf1bba7f1ce83f8670401c78fbe59be2d6e081b5413501c0a865a2fa111588b352696a898866d6c0313efe6b10b7e445c400faa86e4873a39641d571369c45ded214f64e4ca17d0689c1c9aed072e9efe9818aabe3ae58b36ed8b5ce0aeea7cabaa1cf1b4287f58108bd078e981cd62bced1aa56b29b5dff5e5626369a31d2c16131f3753edce8e02048c2a26afe6434ee425a808d4b1cf3522362bc31b1faf1addbed64ddd8a6dde390463a7c67c004ed8de883cda5fb1684f041d85503c7f7abcc63caedd9aa29a62bdbafdfaacd329bd8c76835aa93a46c8ab64fc23f57f77329ce97e5d8b67c444d4e26df5480b6b74b79a2250158ac97f2b7bd997e7793722b961e24f7cbe241047482995a5e5dd7c7ef2f9944c01453807f495159cfaccccddd0258b32d96dd6fa5e818ea49abb6eb7de3ee924c71f160c8e66ff075b6ef41b61f3f59cacbdefccefff29a7cebb737f5a734c4ccc3ed17766de9be812d6bf7d26c25df74f346f07591aa2d5ab0d98d7b79c01c0725918e977b714563834a68ff820276ddf5b2664a0c97ad5cbf9d53df8070d104bc2cad6ab6c77964b70a3ea38f658fc58d81e80363e836d48db36869c2759bf4bbfca906ceaeba58d4feafe57d0f19d66b7ee8942847441fffde3441cf4578ef45de87d7a488c49ba56b1758bd3585b05357233167206545c4ccb76446c38dbc006d36696d78dddfdb091d0cb9f7ed572fb758abbd3ed74405aa2ba1f82769d951e704b562ffc4aea0599410019baf2e806b4c2afdb1e3761e5b30122a5a2b71aeae1c8f2e021b56c22d81874e1d99cf407762d70652cb3dc603c0b2e5dd4246761ad2a921898ceb4bf771b7029f645b3d04099072538591680dedbd13a127902d58f9ea86a722d0bd1a440703d0a6dc48648fe9a823559b279435116dda762a644797e78098dd7c3ed483a22c31ede79e7de65c4b39a1595e3894ea973dce33245637b61e4290018f2f7273ac5a7b1d0d68f437aeeb84e627b6a90698085d1934c1952f2e5a1a157131c1b9709c2e590f8ea13a32a2ed0979f7b5a7d5f842891276b9ef63291b66f3a0ba2c422f7a5b9f90b360d5d538e2bd58e1a0ca6ff2f3ec100930f0c0f6dee", 0x1000}, {&(0x7f000000a540)="68fc1d1837f7db2a4850dbcf73a79210c45ac3f539b1b219bfd3d09dae93829c7f7f310a7c5fbec435e8282d20e1d9733bc4f763667333f206084da6eaff1a9eee7ed9934977a8f65428be7dac303e69140475f88aecd8352f1dc13326e25daf015c6cece7d8d0ee1f370f0de97989827f5962d18dda92d664998991c7a795a4450b7a531f9610697ea2b15b93376ca3ad6f0fea1c4b5f45445f9badec5560af10066b2b18a14cbd9503bad50eb0caaec33b861a0be8c006fa8e44f182080a63b091ee652db9b1ba1b6dbb6c9a2d501522a41a0da85bcf967f1bc179403b8a", 0xdf}], 0x6, &(0x7f000000a6c0)=[{0xb0, 0x113, 0x6, "d991a5c0a8ca1de24364848a7721f903e1de16d3e6eafe4365e62d4a4217844d0f6ad2403dd3bf8a117620755673d59a9625251c1ee31db6c82aabe4c88bc5272de97a0ac709b85bf1104fc5559bc3c525deb1b1a412b99a695fdbfeeec5f37c8d018db93921641b6fb2bac2ff265072a88346713f83cff75eff3faf87104d552219d9e38054a31387d6c9a0c3ce41ec7b2fc292fd6458f656d90307033c914d"}], 0xb0, 0x10}, 0x8}, {{0x0, 0x0, &(0x7f000000abc0)=[{&(0x7f000000a780)="811671651b0b52dccca4b4c3bb5ce4676a7cb9b12dcb3032e923806d01a740f5270831c6a7b2f13aeccda84aa053e65a8930e7f76ac65a214157f394a9a63729c3a8457f59e26772d9408294f587c193491a31575dc98933272db98e22642b0987067ab8cc88ccfa6d72cfb21af4c70465d948655c48a63d676fcfd6b200803d28b925a52287edd84795a51b0a60331981a2a53136a1809a7e684547f09549dbfb1d7c", 0xa3}, {&(0x7f000000a840)="1dceea015d14eb1b85d3b3ef51f1fb6dccbd4a11e8d82a5f6f0efbd4606b8a216c21363e7d53668de50b500220e6501656369a46c43010b1596e5be0ea04b69b76630086ad90e6958dd6abf76e0c5c0935cdc15bbb5cca0cf60e0b893738650ca3a142dbad7a595ec414cc40941d96597467e1429d3fb0939113842cb0df948a7a328e550f6746d1955f2c36151b40303570944e9f3524332a4bf412c1af9e006a9f2cbbab132bba0fb5cc7504d9b6c68515e2e92b9fdf54cc06f2e5c71dacbe799a3a9358d1306f21c00d42db896996379036f48cda9bdafbc192aacacb6e67ac57ce55d4fc9063ba9babe425c0d3729d107d61", 0xf4}, {&(0x7f000000a940)="d9f6b334421ce66cc055d170da4546f7983826559bf60d3c289ce8ebcc44c1997593a6cdb6d12f08cf53b6bc8e77cf0674a2869249e4ca3ecb5f3fe1c150f374dce458e0ea98460b6d343a54500eefdcf47ae534830ed47ec063801b5b77bddfaceb2999711d4dbe0ead48865bc41a38c8fbbb01881738", 0x77}, {&(0x7f000000a9c0)="c4055e4b5f351c5dea653fe817640899f836d8a19c7e5f1ba261d94fc9b8780bcfd5a2dde631e79464a119b245ddd22d99c98aa578392c3667dc4279b3b452c46db95d9d61", 0x45}, {&(0x7f000000aa40)="91cc3eda1fe409a252ba96ade7fcc3bb3783ac96f5e8ddf062bdba005979706549c83f08823c5bd1245dde3e2d2e813584f179a13591c888edafc1ea7ea2c78d7e44f0637fa23be5765100f598d5396d40ce669a79aff6f47dfe2a6968ab", 0x5e}, {&(0x7f000000aac0)="2dd054c29609230a5abb7f5fb66079f97f151c2e78ae0cba268b652acf86b2cb40b8ee06522ba3a6d587dc5b54a8f565fa851bcfe78b08b2a39997ff8526cf7502b01a75c89c8f4d81787062d864809e19eb6318ba8accf8596f34ee7aa7d6f79062f3a25a31407c0382b2b1ed1a27aeec8525392dbb3e333efb09b14dd7cd77824cdd05652fdb0b558232c37cbebd405b0f250f4e139feff484e76f852f3a42f1147adebf57f4074966d8f6bfa4002ad1605b71795970849557d55d7b8dd7", 0xbf}, {&(0x7f000000ab80)="8b2b80620f7fb8cd22472b0ed0927fde5a48b271cc6572fd14636058cc2997b3294036fc68b5a85bd41539b27d5af349ca1a45", 0x33}], 0x7, &(0x7f000000ac40)=[{0x98, 0x11b, 0x6, "463729902e1056fb9ad7cce3af010859be58ce9959ffe7951a39b1210ca34ae08a962406da10fb87f58d8a225daf6579c278ef3c210778d554344b5b2aa8176b88903d5d788de9e08f97bd4d2511f8be579e65857b1ac53a09d86c0a4d55ea1b6be80e418886d13e3b631d2e6940742d316db971223d5476268dd173079885cb31a662"}, {0x30, 0x10f, 0x0, "5cc6c8aff766cd40117068e857b2785de41dfc5b264bb99f1f3881eb3cca084d"}], 0xc8, 0x1}, 0x1}], 0x8, 0x8005)
ioctl$SG_SET_KEEP_ORPHAN(r1, 0x2287, &(0x7f0000002c00)=0x10000000200)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000008c80)='/dev/sequencer\x00', 0x8900, 0x0)

03:44:56 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0xf00, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:56 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x406, r0)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

03:44:56 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
fstat(r0, &(0x7f0000000680))
add_key(&(0x7f00000001c0)='pkcs7_test\x00', &(0x7f0000000200)={'syz'}, &(0x7f0000000240), 0xfffff, 0xfffffffffffffffb)
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_open_dev$audion(&(0x7f0000000280)='/dev/audio#\x00', 0x6, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f00000003c0)={@loopback, @local}, &(0x7f0000000400)=0xc)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f0000000440)={'vcan0\x00'})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000000600)={@dev, @local}, &(0x7f0000000640)=0xc)
accept$packet(0xffffffffffffff9c, &(0x7f00000007c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000800)=0x14)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000e80)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000ec0)=0x14)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000f00)={'team0\x00'})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x24, &(0x7f0000000f40)={@broadcast, @multicast2}, &(0x7f0000000f80)=0xc)
getsockname$packet(0xffffffffffffff9c, &(0x7f0000001040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000001080)=0x14)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000001280)={{{@in=@dev, @in6}}, {{@in=@multicast1}, 0x0, @in6=@mcast1}}, &(0x7f0000001380)=0xe8)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

03:44:56 executing program 4 (fault-call:2 fault-nth:40):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

[  973.452740] FAT-fs (loop3): bogus number of reserved sectors
[  973.462150] FAT-fs (loop3): Can't find a valid FAT filesystem
[  973.487383] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  973.489622] FAULT_INJECTION: forcing a failure.
03:44:56 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socketpair(0x1, 0x1, 0x6, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000003bc0)={<r2=>0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1f, &(0x7f0000003b80)='-cpusetem0%lo)#procsystem----(\x00', 0xffffffffffffffff}, 0x30)
fstat(r0, &(0x7f0000003c00)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
getgroups(0x3, &(0x7f0000003c80)=[<r4=>0xee00, 0xffffffffffffffff, 0xffffffffffffffff])
r5 = getpgrp(0x0)
r6 = getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000003cc0)={0x0, 0x0, <r7=>0x0}, &(0x7f0000003d00)=0xc)
ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f00000051c0)=<r8=>0x0)
r9 = getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000005200)={0x0, 0x0, <r10=>0x0}, &(0x7f0000005280)=0xfffffeed)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000054c0)={<r11=>0xffffffffffffffff, 0xffffffffffffff9c, 0x0, 0x39, &(0x7f0000005480)='*usercgroupmd5sumlovboxnet1}(vboxnet0wlan1ppp0}md5sum&^"\x00', 0xffffffffffffffff}, 0x30)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000005500)={{{@in6=@remote, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r12=>0x0}}, {{@in6}, 0x0, @in6=@mcast2}}, &(0x7f0000005600)=0xe8)
getresgid(&(0x7f0000005640), &(0x7f0000005680)=<r13=>0x0, &(0x7f00000056c0))
fcntl$getownex(r0, 0x10, &(0x7f0000005700)={0x0, <r14=>0x0})
fstat(r0, &(0x7f0000005740)={0x0, 0x0, 0x0, 0x0, <r15=>0x0})
fstat(r0, &(0x7f00000057c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r16=>0x0})
r17 = gettid()
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000005f00)={{{@in6=@mcast2, @in6=@ipv4={[], [], @loopback}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r18=>0x0}}, {{@in=@remote}, 0x0, @in=@multicast1}}, &(0x7f0000006000)=0xe8)
getgroups(0x2, &(0x7f0000006040)=[<r19=>0xee01, 0xee00])
r20 = fcntl$getown(r0, 0x9)
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000006080)={{{@in6=@mcast2, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r21=>0x0}}, {{@in6=@dev}, 0x0, @in6}}, &(0x7f0000006180)=0xe8)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000061c0)={0x0, 0x0, <r22=>0x0}, &(0x7f0000006200)=0xc)
r23 = fcntl$getown(r0, 0x9)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f00000075c0)={{{@in=@local, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r24=>0x0}}, {{@in6=@local}, 0x0, @in6=@mcast1}}, &(0x7f00000076c0)=0xe8)
stat(&(0x7f0000007700)='./file0\x00', &(0x7f0000007740)={0x0, 0x0, 0x0, 0x0, 0x0, <r25=>0x0})
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000077c0)={<r26=>0x0}, &(0x7f0000007800)=0xc)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000007840)={{{@in6=@mcast1, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r27=>0x0}}, {{@in=@local}, 0x0, @in6}}, &(0x7f0000007940)=0xe8)
stat(&(0x7f0000007980)='./file0\x00', &(0x7f00000079c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r28=>0x0})
r29 = gettid()
getresuid(&(0x7f0000007a40), &(0x7f0000007a80)=<r30=>0x0, &(0x7f0000007ac0))
r31 = getegid()
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000007b40)={<r32=>0xffffffffffffffff, 0xffffffffffffff9c, 0x0, 0xd, &(0x7f0000007b00)='system*loem1\x00'}, 0x30)
getresuid(&(0x7f0000007b80), &(0x7f0000007bc0), &(0x7f0000007c00)=<r33=>0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000007c40)={0x0, 0x0, <r34=>0x0}, &(0x7f0000007c80)=0xc)
ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000007cc0)=<r35=>0x0)
r36 = getuid()
lstat(&(0x7f0000007d00)='./file0\x00', &(0x7f0000007d40)={0x0, 0x0, 0x0, 0x0, 0x0, <r37=>0x0})
ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f000000a400)=<r38=>0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f000000a440)={0x0, <r39=>0x0}, &(0x7f000000a480)=0xc)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f000000a4c0)={0x0, 0x0, <r40=>0x0}, &(0x7f000000a500)=0xc)
r41 = gettid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f000000a540)={0x0, <r42=>0x0}, &(0x7f000000a580)=0xc)
getresgid(&(0x7f000000a5c0), &(0x7f000000a600)=<r43=>0x0, &(0x7f000000a640))
sendmmsg$unix(r1, &(0x7f000000a840)=[{&(0x7f0000000080)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000001500)=[{&(0x7f0000000100)="8071531f11b69bfa792abd1b09674d12e51bfd5e658d21fd11aa8ea28b2a9042901b7e84ba5ba3f6518bb1397c7af566ba5560c170df369925f16951658a627119931af4c86713ebfb0ec115e86e222f7a7f5d115f46a91aafcbce83376e8db454b3bdae15992c1b4c6f0b753ebfb21406e8f955163070d6301976f00601421591176eeaf5b59580a81ac70f787b9ebdaaa8723d811f7d1745b3283acb7beb8ff3a57bb8468fa166e7412c8a0eb285f6b962737f96876754593012eb00ce81d141734bbad0001ad788fb7ecbd9b0bee6ee25348601b289eb3d7c5902c116aaf340e208936d1062346ae02970e73df797e70bce33a7441b0b58db83dbcf958a48513e07e58f65f44ca1741c6899ccc6af85b66dbcd5ba11700fb2dd3a75fdb0172c2b444e26c50bc0d2fe4cce02b1c01489c8440fb2cbb19e90295895e97d834f241323fa1a6fc6ccb35ea28b5e08d542fcafb820ced8629be18999e47397d49bf1f36e993267bf7e6ee4162aaddf85f93ce4f01a27a2820daae42c599b4fb7716ba54e7ed030f6abdf0885813d5ceb5d807925b0727b86d3bb0c37f578b9efcbef1862e360be74f33ed3849b416301b7c09a07714acadd8c4b8d09e98c0843a553802a2376fc54a766c998fa42b247deb55f6fa6e01bb9b9f6c17c6907a3b90b27ec2a508067464ff95099e9682bd122b4b9f5593ac9465588277859a901f1f4db8b960118c9dad05f869bf64c7ac8af806c1e137b7f7d6a9a320bdc1205dd2c8c17b1d7dee801ce25114a21840dcb18c65014bf5885d3705c6ba626910e6d4b80adf0d05d9bdc62139b666e41d7860ee53d3d15f252adda904fced79ee44d55b44fcec9d66ad3dcc69ea4a24bc0aabab7ef52d4275365d129fc86a2543e221614bb69aa75ca99d4995c1ea8d390b572c6cc66be5d07c91b9c485aea0ba0cd04f19a6eee17866782e27d221f639be8694b4c2ac22909d823be0c57bb0acf18566a7e481c0a77e529fb570347a83f1d4a8e4cd54053e6d385c1ddba9ffb85c8d8f6244a645b759b62d3bdd0f5e4a66064b3992aac70fd7f8c02218b646454bac4c72f713be9dc302e97b4b2870c2ef7aa564f0a2c89801e340071729cc4cd4c0a22cb26ee139557066619fde58dd0eccc52c19eb28968d43e4a7f130b382f010cfbcee381cfbab93d5186dc8e6488a555574fe1971579a7353d97763604cb20d84ced23cd7ae69f4f4fadb867a46493d20c220ca384e8dae38fa3d9199ffbd8d7e5fb3d789a331438cf76ca88531552acde59ca1c7627692afdf2f1072657e0d985eac6812d24d37c7a3ed3b8f2e1e2cab4a9bb3cc77a22490b7b6195b63836da5dbae65c29e9884708d536059b8fc8553a5a9870bf8d84900e28b09f975fb188efdccaa6704a91b28d465ef7fce7e249521cd4bde0e248576e0ab349aed3724f7d167c8a6be4f1bd6087bdcdc8660b7b5ecfa1bc05c6687bbca09e3f904fd34a2a81728029de2885fd996cb44f0cac016a9272060acc4e4dc7e282058847db13b87d121f1ad0b7ce8fe3687c370951b5c5f0281e4b16104265c9df858f557c80e0ed50f960ef4906bbd98dc2b1cc7ba0456b009e4df85139815b89ca6c819120eabdf9eb8c85b600f4d9c55d266b149f27f9bb96fe6da371a4769d5c96c161d259ce2928b852897cc5646033dfad65c617c300b8d4dbff63cb4916729c4037971a827292a79a57e8e7af1dad5660f2eec9af8f0eb08fbab2448e778b43bea5dd10a4040e3a58611eed2cd184304cd17855569b28ae3a662dfbe7306a98caecd3e4c00aec4348642bd4902917e4973dbd9ca7d8a5944308b0cab742c79ce0bc75f9a7ecab33ebf064d3c0e8467fad9a629700c2c667fc63e962b739683a17e4a225b4f6cd7ca62f220b97d866abe9ac8face229821c995dbaef1a48cdd0f2ce18e5362c11fa7b45a7f71751ecb48700d3d0ea1ad97a7f234a772e755290fdd69d6c6b5a1333a4ffb7527e40179a594de4e28870835361c4017f08e4fd8d27770f6e0b7b8b51b7abf4f7800501e43b16b8223b663fa15f88c7143c9a64ffff86b2b33b917a9f732a4e1083b0bad7301243b92626f77a817ee68bc0c9bca92e38d7ea07272941c5c88a280f17cba0966a8436dac07b35a3835f10de34f7db102657621bd7c94c81b6e16ccf9f234b7b94a07c9ffdd26766916fa63625e04f1b729a788204028f1c8b108500bdde576435f7cf9217ac39b87bff8c845f7fa63036893e61a73211f9aef02fc1af354f1c6037befa71d7afc5fd9d2cbfe1873a1d3829a5286d95670e57bd41ade71033db6d2ce886f231d862f701489556e13c87d22a54426b43b7a20421e4e4e3c45e3dfe402fde7264e082f2c69ad583c85f766c0561f4a78b540b2f54e4e8841c06dedd3c009629c6a161fa10bed705955761bcf6a67234c72eeb6544a0a1ff4b317aa0cb1eb4dade73f1adabaa9a4e1d3c6851fc01b211b37d318272bf501eef27bdce5fd1a59d2697e4366c00c56bae8d0269c452600378cdbf2048c3701114a541d63e1b62d4aba44be5822a82413c638212ae23ef32a46dbe4e781fc3e47c4141093b490791b49149cecf9ffd8c019cfc42469bd4a052049bd7682c5d098fcc77a88bdfda89556c7727aad75f2b48ff3cf045f8c9e7b52014f0d22e56d6c51e77dbd5d07dce01d86fbe2175847483f1ef5067d4d532261cc9c6cac230dbd68ed6ea692b1609d3401a8b66d91d4c1ddc43e024f526acef0a10a4fe5e733b2fb20b0618e88b77c424b1c51f6e2cb5550ed4f7c2732ca82441e609f1280fc3ba1c57348de1c04caf465236dd7216f4904808170d3778c80e8372a8002aeab1e876894d3385723665154232017ba44dab179fcd3c6b4d30eedd42d92dec05c750eaa3ba8bffb89fa5d8558634845dd510142bf48a7aacdd741ece9af506db3c186c76c6cbd54ae7ad26eba4da39e8808dab7919f3437130d27a59d3f7deb6c92d97078179215c4fd6f687fae7476055e4a0f2cf0ba7b6a3d6d623599379778376c393dd6de5f59b4e1bb1849609543726e190125357d47f5d1e648044213363cbe827e620faeb816bdf98c8534f21af8106c45f28cbd2491accef0bba2889539c3a3d7b9e1f66fe5cb408add1bd3ffa754cea34ab415620ded27b6f07cc563de8307c01df49665e818739e851867ef0ff42ef8289d04d0403514a731ac155db52cd474847eba9dda890753943d5adb3105fe38fae272dfd8a70449617e900c05489f5dbcdd29513d250d7539804f29a1fb1a69a60fd347fce903e9a26d684a9068bb4f6123e548b5165cc79448f54f87881bd73c77ee6fe64dfa85e632a58d8a84a79d9eb99e097c8b7b0c6d4bc4a65562f00cbd3d924d41d9516d0bd585975fa267631ea6d7c624721bba58315bab3e7f9d542015d179a090c6a2aa359edd07868ebcc5b5ae98911a7ec341f42ae34ffc82a6d82f49b3d8606b601f5b158b17bf9af503e025527b692f399e21a53d152d92a827368061c1e70a4dadc28940518ed27c004291057f94e919ce58b40da2fd881e4d5b47b8d7b4a4d04ab8262547fd52c59ad9fd920441edcb14c380e72b796ad6c3e6e9798e8b8357497b611dd651b65fc783a9ef1223c366404449f55cf2981b74ff97bb955b95ac97ba8c8acb776e6347b214ae3c620c71b0c3cca14f20fa3c12d8a06620ec40ecca32f413d6f02cef0f93ab54c13a611aad9077803ef4718b54438c9cf750b91deb3d9849a4ff9e98cca8c79c9ad731b4b551b2d6a89251a01ab964bf08115bcb1ac5e51d31f5ebfa1174b44c5c0f4b044648cda7a7bf181df10cd8bbb046b7ae313d60bdbcb0649a48ede4371330d009d4855063d516ec8baf7f5a62bfedaeb8612599ec994e6b6986768045437d0f43be4305fbae7a9ff7b18d9a96d755dced5be18ee0cc256bfa1dec136e76c1313a153cd31e45b433454247fe9f3ed332997d9d58baaacf5114c8ba46df34df0660731d7b087295050103dce5a7cc49dab3d305a8287864b2a6000b558fc408ea1ac50fa98c7efa7f96f04c9254e341093e2dd61171de13958eaadd768aff384fd52a151e3529c52917d1826373fbc573c2993d9c8cd8de423e588d94b9b1f4d5e29e2a674a34bf6944a8afe0c475aeb0d4222d9c434f53d1b2c40ff229c554d8f00410057ca55ddd28720fe49a8a46953146fbc6482c5f5cb6d78f0655373b4314fa05d3c620accd21d7db3b360074adebef6a2ca0163c8a0b3287358ed4dba806f9ccd0d85c26a29b7f57f020d60a2fa9895d101d822d2765bd50163bb156292ee176d4ceed4edc3419579febced22150852ab7eadde0a9373577aa7a086e1cd0cb22ca7de83d77884b491c08b64f1cb4330c6dcc9745110553a4d2554cb553a90c87134b160072f00157c42d3478e924c2eb24f189c1b00a70fddea6a6c11c2e01aebd4cfb48fa696594570506829f89508b32e496e014e0ab7b617597cf2bb416d332f97f60e9c72df0492a1557a16d9d1aa522c1a322a0f6bd4e1d2682107197eeceeb64498ff49b747623060641a3330833dc7cc24cecbc1d54a5c4fb6132c1be7c054c9ddaa0fa542bfda5f0492e42824f78b5cf4589ca9f77c60d4239634d9240c54267dca4b4a7364d903096c2cceeea12ce4820c41033944c30211e65e246f4c7dcaa4b2862960bc67269046a5c5234818f51e915220d9eb32caeec05d5e59e8d01ca7c58b69fda5a67a7168e06651f63cc53a70dfedb9e6f85b592db0739080c37374cc282fe4bb9bb2992bf9a9b77df7071fa80ec14b63afe75a2fe61a6097aa5bd1702527f8d1d79e96a99cb6a69681c4c5db313ac639bd41cf302a6cb93a589abe128cd81233dcf7272fec9cefbbb5e3216f9d283700d230f62666d46a7242d313a12ed8912215e3fc03e47b950acff09c83ad201ff655b45eb6bc8414d6d91a5ea2e6f1f81507b48bdfa706e4b54d39ecc333e8f1dedf28bd2e758b9dc74381f03ee39ab63fd64ce165b80e9e58029142aa0a4b6c10b927920aad2c25b8f70ab6092c3f4de2e92c5525551b89f1127295112a778eb4301c58dfe602018553e5c73b0f05d33af27ca8adb700295a4b99bc5aedffc1ebf361fae104ae73d7b9a6eef2655ff0c7479a56f1c2817568a396ead0a12a929fd0fd44884366f5a552e5cb613e87c00851d2fc638291980d75b5ef45c89fce9957b96ba35cc95d851a593c4a90c3fb519daf0d1261f04983aeaaab144cd9fe66fe3232b8f85dd1a01bbc122185196b0b4761c343541923820f5dd3bab10cc2fb8f27a6dc1ed04f65be5e9732dcf290705f7fadf3be6fb35d44db6869599d095291fa70cc4cda357bab5cd55fa3377b9333593e970020decae175abffa9b77c88a7f853fbe3a4fc559d9a918b6151ae9c701e41c53b306aed851bd881ca028aaa319f3f82413ddbddbaf01ca4b76d37691334ae3d080af98ce1473d63e50782340e1512dd86db0d7d81c96308a461639beefdcd26aff24fa0bb3bb22ff59fa4b4c95881b41631cef233484871fa02e6fac56043e94d66af0e9a70771d821772f2d240935ac1db7a692a1c7b7baec6457513c9214b0aadbf994b54c91c3849aaf3adf6dcbd86f1710df72376d44330959918985d2c62afdbc8a83b6520e3d17c1af2a291a95db4b0cedee0cdf9e1a9dd9a9926d04293c567d129833ac86ca32c4eb12fafd75f78a90cf703edf5416cd1e54ab92a5c683c95ea5ecdcc7387db384ec32a7fa56b6b92209df517dad83a", 0x1000}, {&(0x7f0000001100)="a3fc387679afcc45391e3fac81480451ced4fd4a4f064407e4bdbf73c318915fbd7ee78925f22816a7b4508da84b1792d16324c8a5d23d0dd18520fe9b465880f07acbeb24340f0fc4736e5410711dc281087a53d5ab47ab7144df6f43828de01f7ed6cfa022e164c85a73e9", 0x6c}, {&(0x7f0000001180)="161d3f2aeb4fec02f362ac86225552656f7bed4a5aeb36", 0x17}, {&(0x7f00000011c0)="77697a70b138d60daa26fa7e84794039462f7b2810f18e03e89e3ffb5a15a4e1f418fed5d065975c20a09357552eae739ca3a8a3d9cdecee05133bf6c22684ce269598b042355405ca2c0bf14b822a65ceca8c68f5c9febe4211c7a9fb58b6a2173ace40d3d0177c7222ba39ddb0a771ef518cf2e67faf866ed4be8feea17d71afc8e69b3669b912801a09c6de6d2bdc6bfa323df1a883fec2936dfeac4b1f704d175c7c15aa8bcf8acbc1bfa19e85ec065788083b7f70d0696344a66fb4b2b9d12fd87a24ee51d4eb5e6fe879d1aaa150d5bf02ade23b044744abbdc2306283f30fe2f9edb4", 0xe6}, {&(0x7f00000012c0)="bf14ab7edcd1816d11e020f2cb4bc55b4735e5dccd4931c6918da48a617b825873256768b88f66ef1bcbde0ba036a3345a194a1f3fb5f3693ccf1fdcda4a0fb8ffd00dee8d5dec53ee1ae5d095c6db466e074266f09f25901ebb1b96ab0d7f48c7efb560ec42ff4ad55bdd2656ff7551d4daca8a96d6f3820614365ca2c0da7bc80239b7f37c2c765b6b64d9eb6875a8d4d2960285ec0c92d222090cd8214030cc88", 0xa2}, {&(0x7f0000001380)="824a6a9172c436d08f8a5413e0709708f165a5d89e5e8ba3d733d6220b160ba44f0c658f832d625f64b52cf30856a9ff6c515f8d32c056ffa9f076d4cfd7c60da9c993aa69b20c91924d0c62d71fb4bf0ac8e0fc560806ffb10f029293b202c915204366d2fa8b4c71ab072be507d4948486d2fbba2c37849cafea23ed0722ea9fce52c42dd4fd0b51f64d43985977787c02d5432c3dfbce223e1e872fc491cab1f9d2d97f51acbdfac9e6889ff2ef5355b7603c76d2fce7b3060531bef34559524bacb3740d800526fac9a3b2", 0xcd}, {&(0x7f0000001480)="d3ba69c5450d16fc64aa9c4b535e44cbcf1d22fd2f2528eba6a879bbc45c4e5bd5704574303bc9714889163c2c27c4b0f889af3a75fcd6f9c727536bc24b95e29ca9e00242b5f98ad559b75f042bf3c16dbf30324093278a6219449ecb076fc1476746", 0x63}], 0x7, &(0x7f0000001580)=[@rights={0x18, 0x1, 0x1, [r0]}, @rights={0x20, 0x1, 0x1, [r0, r0, r0]}, @rights={0x18, 0x1, 0x1, [r0, r0]}], 0x50, 0x20000000}, {&(0x7f0000001600)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f00000027c0)=[{&(0x7f0000001680)="1528b68cdf9c75c3123a48b08afe74a26f9140fd213a62379fe3e7a5171cfb76c8ea86a659818add5a03f6aba85505132ec95dbbd5a371fe2a3f51c24fdf3c54bd2b122a2119ccd79446da1f37d26983c945f1f5f44ea509b5d36d06d9de9c89fb331dcfc1d4c3c8", 0x68}, {&(0x7f0000001700)="9d48ad0e4d3a169ac18e8b18dd3a58ff6ffc887f6eee0b1bde0acac2d534a351ad4ca09804b595729ef9be395af11d0b0073fa5ea849c8b3e9ab48285e605901d0904c8ef81e7e921763d689a86b550ba7e47810ee43202337d8e1e67e3be0680bf900272e912a8fc1c9b5f0c644699d35e764dee246d782faebeebdc2b298a94266ef85aaaa7d2f6bf45d032dc5f58cf16146b6e34da4c28afc8ee9ea043e7c70ab50f8264986c0be7e45424d6170c6eb87bdd496ae869ce54d2d9ff1bbcd454709cd48ef7f1f948612abe117101a5af55499ccdae205906b649f371b67dc4ce3549cec9e2cdce0d234eaf9c92e9c4dd9d147d4fc167b47bb0a14910bdbb05eb97784e5c86e0207b25347a6be826d94ee39f797323b423985615ddddd0a0e560bc0f2d5c2074782935a0d9f0602719f1fcf8bbe20337a273c4ff39112d943cac9fa3ce1e6473cb8063f63a865d43255e9849652c0b711c4ec6aaf823c1d79d611cedf42b3a0699b860a924aabc448f6656fa39d7281ef6f5a91e7d7edf5699188db90de99a6a325decf5b3332f3ed621a8bf006c1d7d241e0637d0d3da3c1cc85b9889a21a6993aa426a56eec2db93807460507582b7479822c3e76748ef498504da0017262b6f55e2cb474d4c012cbbf23dfa62f1c6427e5f76e4ece97295a607b6c5e013e9f7fd3eabd31b16108f81386670502c7e369c06eaaae0c04764dd7d745ea448d577969f56d4b31eec25576d573fbaeb3f5a96034dd2501c278193d443f0ac5fc99fe0e28d25b071d5cd0a5eafd4793ee1a72a4ac27e4344cdc90d6f2390e8766256f1b8bf4fc46e5464aa3a797c5dc1a650c79da032be9c23ecf9d9693e48dd751d35377838dbc951ce8d3994d4e30bfbb47a651cd687e4f15f6430508a75208f48d6819ca41c90b016905823a3828615a8cd126f8b9938cf4bef2671ae9244069eaa5b6ed257893af69b0fec977dd41c9d013860c23aacc95c431086d339882bb3643371c04badd2b2a80b52b834849e5b1e04cea77276c695532afa98a50ac4ccf1b42fa9b13c3231bbba7314faba6012a7b62d3a835f0de78a3637f8d4e8988a1e705b0f7107dca62d495acdc98ca2a3cc797955e07fe340a5f431e637ace477bbc0b16f5361b1d6e6dd61019eccb8c0462ae60edc3e46a402542d79b736fcfeca68fa6f113d199b6621ec7362503aee07a2f1c00d7f74400c2288d6034df21185fc081c1ae57562c09952dc51fcf10d734b1556198cbeb27a8c56f105678424fa2b3f0d36bf0ee35c6cfc328dbcd3030dd5baadd1b0dd5ca6441642180641960cc34ce5d8ec6e2dd4288badaa03604565555392a43f26ac03790407d1747dd50dba5d1b8e8f3c3fb34d5a5e0b588f116c72b0f0afa246fb3051093c42aeb6ec3813c801c6a14cf84e122b56a6123ee2d339950383ed590a9d4444252f645e1a55020d1bfd5ee28e6bfa86bd7b9c3030ace267c258604151bb075961e3e4ec088697b0b691f19caf42e3fe94d7fdff62d722a59e48c5f757ee9da3412588c4b60ee20df124fccdc7dc68c47d96356d98f5b503eb3f6891e718ea8080bc37d7d17d6e77b4def9a4cbad636233c132988824c3de6828427709471489ff3c1b9cd1f00060d5c7ff59b9012a60c02ff70eae7fcca98251f4881c52700de4b8e003d4bbcd258f1c362577972fb07403be671933bcf60b81fcc967f74d56c47b1f20957ced8e2f6bf5fda3d5a85de703cd38e83a1a80e5007fdea07003c7cf8e9a9155a2f926dd915fb8e74364049bc26847840e979f514a85fd2c1ecfb0cdaaacb0e94e421bec9cbed3e41a79ebb2094c015f42c5d447b8b6bb35aee2ddc045a74f94641ea2a3602b12f95d0dbf8df682400a1d553f332d6896ffda3d7ca3afaccaf11706cc56da8b07b31251b2ae0b859b6c6c2c1c914022e4580e1451a9663ebf8c0950b484e30c0ebf3063a85a1d6eeb944ae6b46824c23a4acfef4999e0b5ba4448e62331c9ea196de6a81628cbf4dbd30cd60f4d141e935c1d2ea418072ce5c9176a2bbabf6b9fee3e3ef36044e3ce1b87bd8d22fe8076219a1005c3b205cfed153bc910e0f76f99f15a19b8c17c2c93e09233a7ac1aa878303c99534e97f233036927c7940f532b0d7c46458c519daf3b6da7088e6eac6f2b59a61ca2140e44474b7d684da8a3d154aa6d6ac10af2263ea1d4b01bb36ae76d1e71cd3677110f19afd162c6f4f67e82f930d928c4c8bc17251f4245b716535a664a022cad7e781dd556f5d47a50d502059412c5ee9f9e3aac0a4044338595076686e20259aff07e794819f032b1404294c1dd35a66f6c6e61131ce5345dc9b689d59c4f0977622c0bad5669c1717d2ebe741197d0189166ee747bf7b131f80b89e93ba190aaeac51ac73449d1e66fb4d1ac3a5d64b5eb7e2b456b134152b8d8cebfbfa81cb53b79ff626c1ca35c23850c53d6f65a9de4a0e393f16367f0a6ae8b5955c45e5e1c9441680b9705d3b9a2910cc94a5d3661ffaceb79bc1c1bb5ab0b50ff358026596c50ecb33eb3e6439eebddb9cb092d31f14d46ff651700ab1ebb7ed879e1907f03ccd130a61967409fbb05859a7f5f5b29aa84d1d2a59566724ac8bf73ca1a6ba53df2a0a20e9e59b75f020c7a64317d0fad36918bd1966f94b2c33ecf76c7edd04698a70f2817901ee318803e03b8e2b652b100d0bb78603310550774854ad37b01148338082dbac77617cc2e8f0384b75b3ecabef0b14bbaab5223ce52d13f9833455ef70f745459be27f4c14d0d0706e1ac17572e29e474167b12691cf0cf4c32a038672200832c8118dd1e83a100223e67973e56fe1c02ce96348cb0aee6cad4255ddb7cd5d74ec4a4154aa0315af2a39e7c1a2a51e0d846b903e630165ddc2b67aae55c0a49e49e6b95e3039bae06f983eb43b4d5805394bf9fcf8ae6327dca6e37f6c4a1020538643054a675810137647d4b5e91a77d291e441d8ca262c4416228d135d092d2b8904511016955c95c36711f5e6dc9b35d6ba42088b878b88d15744a3fa2fb1a021d8439c1acf68fa4f6b45a6a1f84be90b04ef75f12c29287c587f5c729fb6973f98dcc3d4151f88a536a3a5e5b7821118834799cf7116a1e5113450fd5c3415ebe18025de10beba27399828ca47bbad0a03a4e613d8b705efbac5a187e7c7945e3b0b8c8795f306f4f956cc4ebc71cf21d57d695f5dd0bcf84c158afd41cca86e02e14a54205d54f401d1f1d74d161380055b5f58b0675c9d7d84e009a16b284811678ac2b947921868aec3814d318a44e13a2a84f15ad7955a08e9fd86a8ca77bb5ea5d7f972611bbc1afe77b5f8d5e9e389ea2c319c26932fb831f08344879f2689153ee921fafbb2e44eceb8bae33b7d5d5476ad5a6b61f75250591fcb5811726bd4dcab9c5ff8c7a8b5aeac1a688ea9765da30a0b350e59cddc1aaaf4fb4164ace56aa3c7d1769983d9b3d9c4622236d47e698f69feb3af568d8a802c7231e02a8ab0a06be90bfece4eb7f7a86048d8d9eda4bb142844982b1aa1cb36ec350de3df753f3ee315fdc57d278a18cde5d5845f39bf46054e2879d8a8fb34d24ce3be6da1abd383a9a33c219fb9ec82cbaae70e5d4ea491aae472c9361ce9f892cc192b30c91e811d12f0677f51e3d3da6ea23696b67d72959edbcfccb315431716c9753a86144150093f77cbbdb3922ebf86689344a7b4b7f973e75ceba243173e8e8cffdb5bd60e55d25d4ffe07b017de8a8b7a1babd874aa07a4f36d01a19d99ae970e571df3a91532a0a85e5916520d6b1a38038742437734f3c5ce00a0ab93f4deb5b41e827de30eb6f6927c85e0833c760c96e7ddf403ade0e2e1054e677447eb13c6242d66c4a43d6a26b6022d74e8b6123c283d414fa1c97d6897c9398c74f3bd0cb664938a3ecc12ecb441f12582d50c9e68ba3c9459371ddd225865c19958755948ec3bf2cd5f8f2a0c4d56947d8ddeb74cb994ddf4397dd4ced8644bd0c51e1c08ccca420c3c10f1c9f3fb37b32d03e8ce0e3ce3b4774e46e5410fe5fb2acc8abc726beb6b2a8b3d833719957f29d30a420d8e66943db9986622940f0adb89f1999cb689ea4b3473ff2248729de63d6738f8549235dbfebb264fc27f684c45c2adc440236d88f225f84682d8c33288692eb24db2ff2f275129d0d1b0b24214ab65a3ff5d76aca9bea3e984357d200f52dbb2b13514ff393b1a1cac69987a5f2e91e38fd8527b989dc540cbc5c8bd986e318524b914fe5d367fc7759948c561ae9c2105e905507697d12573afea18fec942c4be6166597607e7f6a59d0bed78d370de53bf6d0d11e140448e3a4002e7de57fb9b928058dfbc9d3e2d811f2d2e4aa158b7632bac30253417b03d39748133444d64f65cae0747deff01df17286d41cce40b0160db026714cb17934535e9128f0b9ae5c31325c00fd01bd70221d4a68decb0ca8833f6a51a31cd7c1e67292d834381285220671d6b91ee629ecdb05be8560b44fab42ce18f00be64b5ff03c23442631cf3393c0868105d4c4dfdb99dab7fbc8d2acaeddbe4589058194687bb5f1c9c7344d3984b01ba2712c27dfc6b29e907839364fd41ec31fa36f513960b06068e977d46e99a3e62da7a5cd714b561db9b565abd5cb64cd1d5e0b381c9e9f1df9939ddca1e76387cb9678ea0cd1d4bbfa8cd175decf38dc779e114178360b164e200a050ef1630a8b9d62554c90c0bbdc040cfea7e96bfcab21637316a5787e2a8592ca914c7ef6da42531f6813797d8d7a3c26f9bbc88d02584b523c7d5fc087865397db924bf7a8cb1ecba8f31fecbfe6845533d320d65649865e1d9215f22c9a5040607c47e7e7d9d423d8432fa4d858d656312311167c9a28fa1b67f692539bfbc48fb12239ee6ba8f8189c034a02ece467e77bf4081a5dd752008fcaa39e650cae46353fd78679a33a237205716a686be7946976d492cc5f9ffe434637d7c3d5f91202491aeb062823ad544d04729fb20706be1e1c13a9dace5404368ae8e9a86810f86861e818723c72c2e8cf03d0fe68688c260bcb236889ef2a8cffdf5bdcc5199060f3931125c74451544403d357c39eeb457fc6d8194bdc3fb912f77d43e2c20fd5e3463fbdb98e006788cccada9a341e6ed631d8e3e30bfc3fc55393efd397683b32e6e30712df737b34fc8e6734a5ff9694eb4cdb3d498e62d9a5d7ec0250fda713be683c6932b7a791785f551342c3cdc2ebcb612c370c8805e44e23c6caaf1311347e0cbfce3826475269a9bbfb010dd3b322bf0789419cbcf86f1e26c3f868f5b58a8fe49c796e85b046f84c08a7d84cbf586025dd0ba63d93ff8a72597b2295cabca93a95acd8a6ec176f28c73af245013666185fd098733631c355c78d3f23e0d889b6682ebc3253cb965735df3de16779aceaa838b4b286381e37ed1897c87ce74b484091b92d7808821c9938538096f2725f3804c1bd2d7bb7b65d32c163176ca58a97325d72d86d1929be36dcf3314177ca582d2e611c6aa77c8197962a6cbac2e0b4d0a83a422509ce92c034b2c108247f58ea89c9650683762618fa12225d9227de0a4a4eddb2d693fbbcea524521eb531eab35d2170b29e66fc1caa8054edac93fb08a058010751d72933c15698fc0392d2df8adcda5f1754e46f8a6aec1fe67faa93e4ca37cb451f9e4decf3f4bd89d76a27b8b20008758c8508fc016937c38690ca08e966a45bb957a91af2fe3b6c4929c4f2c42e7ebfed9f974d0b0aa2e8eb4532aab502a99bad1bb955", 0x1000}, {&(0x7f0000002700)="a9a4622c25a975069dc8c75b6c46b1ab3d06cbdaa2f1af22fb29153fd3a94cc77399b96d990e14e01a42ed2433e96cf262fb37509345cef72ce647b5ee51cf23af99ecdcd465c70c52a2226a8c50ba38dea8d30ec32321ac30008a793615dd544a21b31d077961eea235ef3b3d7d3f6df78d0bd3e8dacbcca12516b98b0fa4b997e5", 0x82}], 0x3, 0x0, 0x0, 0x840}, {&(0x7f0000002800)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000003b00)=[{&(0x7f0000002880)="402ace1a55e04cea80c80e921e6b57f85dd997ff40c85adc6130860a2afbc9862f53c34eaa774d4ebe3f38a0f37e65d82d4148f8f054fa1088d377bb51b552e43e3ea7513ca2c86136b8b77bfa344e11294dcba31105aa89bc62d2ca3850cb8d3a195ec93d6ffe7dd38037fa1b7d04110130a7e416db33aa15ae401acc713a4b872918f9c727464b2661ccb3090dc02eb3e1e9564792db3e9c7f74e071ce6643dc5a85066c8ef11274464fcd785f05bf84f7620454a4ba39f4fbd96a893185b001101e2d80b095008003eb89e261341e3727a5042a028a0601058991d8543d45f4880183b835bb2745aca4656077d926a5c096463275522dea02d9fc620a0a4f9f5aec54b63df80b4c17209cd339691e7407d446e26f59af904b743d9d6b76da9d802a33e86ccca50972b3ceffb9a3651c7fbbfab00c07ef71e3185a1dd4220ac5096fb237ab239f34daf12ded3b69b006aff146b739be73e18aa6640ff63cef692b541d7a3a386cdf545ed65c0a30566a1478761e21df88e8c09f1d7ac610e9db39fbec04b528209e0a6cc9f23798f3fd87318e854c2f424d8f9990399ad8c9171a8545109f3bf6319bbae1299b9259080ad845f40c253f1d7fe938b9bd92af7487a1feb16f5e10d0107e830feb5eaa597616bcf5470b024632ae288fae3cd710e649a02e40425db04ecdfc2b92c1d65409691cc6a559ee11b19f076098c86c6b74b8c22d792a407fba2588954fe7deb567673ff6d8a7845c0750fe45a6472c4196b305466ce990c46e9fbf5e50897e53ff6ecc69d8a80a2249dfaa5b0a8c8c40e74c5d20c7c592fe159daf409647f6268723c93c74c526a95408a8c3259ea9dad4c9472603233e3bf01dc5d066ee99c9012a94e6d5179a9c665e89d1259060a92e6323ed6c6f9ec72060929cdf9e3d2a2431eb41fec5b1f316c5bd7f451cd732a4d96e314ead66fb050b93c488ab0116e2bd974bbb28f8580365f232f429cd7266d416b4f289f9bf547904b5becf94e01b6bb7d9e51a73be102b4bf44936e5d37270dde33b93316413e5b83650dcf0b8fa3d91320a7fdedd242e3fcb91d69d31d910d6aab7b8ce35607f176666574c63ce780c67e8b21e3c5925aeba1affe8efd494e7ef8cd828884890336079c57f53e69bde07d172ea964d0078149c957d07558327012400eeb6c7ae3f223531314dd62e7ed372f5b095d812ffba4be5e65113dcd906357f123ec9f0dce22c4313b0ae1babb680b2b48aaf2dba3046418c1af3341201b27b210d4f345e42758bace06528132ff45be082e07b7e66beea64479ad66897659ef98be443b3f9e9f5228623eb90a7efc18ff1a2691a8a0077152c6a0038d28427084db7dac1fd634b94e2ebdcf237947b71b95e71f3cbc5a7aacddb086f6c0205b87d2ada1e838c3d346d0501f629137ee0c1fda31f520f19f40b3e3f4e306e00b079980657da5eeadea8091e04e2d0f7d64d1e9938d5f916cbd304cc297cc5f8832fbbdc349a18c5595f05908a2ffa8f1f5a377120e19d50d6669d86c91f4a2f2239634a2b0bd572ea86707149cd5b12119f56ce0fd8eaa19da505985bf8fdb3746aba61a84fa12a9a4eb852d3b2aeb9dc1a8ec835822a5984aa64b36217a01077232a6f8c0abac5958b89c09debaabd9e6becfa9069ce01cc942dc249daf4875af51f90bc14aeb510ec6a6313dc5d8b474e948d07d89792cff74f6a1194cb2efc7f0e673981789a411657ffe60ee91ec46eab40abe78dc3f4c2450eca5ea732439119f10ed36903d2cffec7496e31b3f8cf43e85a639f636fd847743245d77a79e5cc9167a7fd1130d7c9d58a09596758b4de8b384c042b5d447c20d3f76bc9b62ac7234ef7a48df6e73fbca60e9638b6945a06d07dd1fe99cccfe374c6c22cf3333fefa870bd8d09d0a42eb9d49e280c4767a215bde173a3c397461c01852a47721e6d35762f37056b1e12ff43ab1cefcd8f681cc34e8a196fe3a0425f8bd64224abc129af48a9ac6b4543bb338a8aa6c423a38328a037ccea0eb0c2c1eb987465192c1cc59b004ea2c2ac95bcd0a41c33081e4b07fa950723c8446a485c6fca113e716f341bab437e12fb21914780b9acacc89880c204b4354a6a0099890b2b14a30a8320733aa459eb583dbfba87b4240d9858ccbecd4a6ca5675faf0d2b3fdd13f6e14358c1ea92c3d71c2206666b1c4fe61b681f133e9bd701a70e3161b4108ea0889b98980d48216f576773dc82159cbbee149e4f5ad1f0af28a8144fb5e16f78895dba056c9ecdc60d8744a2edf0d65e41b789b1994810f25f28d44fa2a44dbf7d73a8bf1bade29c29ecf85b77660b57422e8cfb0a0a38478ec53b2e4baaaac3023588a8e91fff6ecf3defab317996cba2c6ff1e0f4af20f620562adc40a0f4fae599b8abe3d5c577d1ed4fd37ca342904066738a6543b1ea4936f440ed694b06eed3294e3bf769bf71802398a58d974f3998da056a8327512c1a2bea3e31c39d3524658903df5e855aa562776180e337451223fced11c34333247147dd3b4c9ac0682cfb9b5d0b843bc3a5579d46b1ace79d628b83afdd56ce75103e57983896894026029959abd10912df5d060503a88155e8c5a5257eccdfe9ab76e9c06aa8f5718701e59993a1e595b0c1ff8c9cadc28c129deb313000be401be88b9823e063fc9ba89621d9bfbb88f2d03812f850b819f050498cdb59494b5af863e895a4ee6bc83e34ac6de5625fdf2c3a6b17a40d4342174b90273349169e2de71693e3b605409efb378ace3002e6ff42bac250c8fcc3f4e5584785902481c6f56376a9f343d6da4c4673a624faf5f129d3fb073bc774b04c760b9fb82ef445e351a02243c433a0c9cebeea99c4c4983c6869f61738a12429eedb8aa4142ca8d90442bf90f5271e2917db2f003d7634785f2ffd1a69b89f282fa3a00a02c0466b845db4fea241aa7cb351f66b3670ab092421c0a2b99b69574ff9b57999d590a736ad35afb5002e645aa95ac87864fdb7b345e774d2562ddc4c1f8e92b859bea32efaa0e35e9abbca18b2f23124b6ddad8a09da6255207556064c5aa2c1a433d9221b721a319ac4e2607251d077138c422fa786fed351654d3f9ef866a75b3d3321f3ad8fbd9a0c0427f10fb783457d3b4cfabf6c512ed51ffa6d7d4b850d11342ea2a99b44fe8ec30f1ad65515dc0827bad79992c2f4877dc0cf5009e7efb09bc6142e5fb64616b03352ff6ea2d20bef400bdc9245b5384feab4df30b491053931535f8fcfe48509ff66ad67e3e7a94c2ba49316048f8c51daf21455f47e53adc3660ed033b7e49691ef25303d9b65d402d3975dd8b7bc2d94047e009720aeecccb156e508329f38b5d5545adc1147218a7df257d3a1ed4037adec8f39c04228f45e164fa1cdf18ad7c05b52480fe6f554dbe23e45ea2e6ba76f716741531e75e610831a8867c9def1e7457d822eaa38ecca9cd803073fea513d524b7bfdfd4cacd89cf875e5470ee0e1749e27794ab9cfdfb639925b754d3428af4fd37bd1155f3d6ebbf7f9b4f6f9ba19063e5535242c8f6ab38b95381bae686411b00e4ff0cd6fc6055af13923eba621bfd9041a1bb37a116191dd91a6d7769c160cd0b9227323c1d1d2d4a07fdaa8f4e227a3e3c00b822c4c53c4c9ed4184f6d1f9aaed0cc2c597d6fceecbc2c581271f5be5a837a8ca91d654f3f46a9221a74434737ec77435175b8189717adc7e9e42d52f6d1746c2d89f863c6c8e143079688784fa4b744a0ee77ee1db051b56ae19f56e38a158f1688ff840f6113e87da5e228e7b6b4309ca848ff056d1bd9ddab7e7ec6c4297a6b34ca5f1bf19c8a750ef5322c5e0e6127a51d8317b9a93bbf5dab069a5b092945d7f5ea3b1831e7f742ce7d62c69b470b314d45e259df02659d406a1295b1f399fc3dc6d4fcb43545ceaba722e674fae99ac4e4077989e0038db253c507f98445e9966c04e68c2e41cd90b06474c1f50f9defbade1b997d73e2f5b7a1c062d32801300a7e4aadd47e479ef38e80272a51d613ae297d90827da1cbdf1d2a7e45c586adb846c8c82258b0eff1c816e5bc72a582c6ba437bd91805a264052cec340c75d00c9d95c2fbbbf52d3da589e7aa642a8741b365be4b1a85d5020c125e0076013670b43a6073fbca298591c0c0767d1ac47ece787f053b807f998628e4eda57934c3c1dead62bae61e896c928f3fe8bbb7f452a74ef2d023d009a44506ee87a4e03c571b338703b2f9af292aa0eb8e40f3d402e895379c1cc3ccedb713596bf08fef2b9cd0d719dab3725271f6ba254282ba63c41a288c1df1954bb0b21ec769cb38e3ad8c5e04bb4c922890d48254cc48eadcf2f5a3772445245c0071bc59a9c2a60eb15e24727019b2c8f6b438bee781cb5aede54f65e22df246d1491ed58a90672fe36316c499a2afde2a007aa61b36c04a84822b3e55413092834d87d28cc25be028bbe49a79d2aef62d5e28522aa21b139a40524add706c7aa641096e2a66d4df887d0eb9392084d3d83eb87ee5cf222ce09272e4f18983090b4c6a93e26a04c4779a997a7fc8b785fe6c35635e91cbdb6fa59647e739145ae1febcc9e11e7ebc33ea5589589b1fad5b8aa7dcff93fdeca8d09d69a209dd3a3fbab7748ec4023516d112dc7f45ab83a1e8af01b4ef945c4676ad83985979367ceb62eeefa19eab004e9037824f1ef45a12dac3e5ede3f28ce84cbbafc2e7ed32ba1a594ab683030edaede645a2a7ebf7487ceda6eea500eeb4c3c1b3db2c487aea4e34fcae55c80e222a1e108a50d8bacb32b99a6e98e1b9c466a477ed68b6d7af46643c873aa7d7b2c4f9ce06a5a553795d24c246a07779a62ec79030736e5801872a82342165c16fbe9ae9d1feeca1d093e082d98f51700bfbb084183eae511e043f2b9d15ebf503eb22d4e2519aeec7bf0f15a824474050b39e1ce3cee3713279aa346a2f619e6a618c7525de9d428b63e75122d2e37b7f04db5e5ba8310c5b00a8136f47374d1ccc6892279a9dfbb537d1380c927bb51b0c935c18cbd4678f8e293578b07209a93094a221c60cc5bbd41ea6e4f445f9f21fb4078bf364fa489a7fa42144fe2514ebfeb55feb118e1e485a4d1eb96c98457609aa128f5ffe50b36d7c951a41d0c6ce9e75252e9d3f340f90b6b6111ae237af480fa6d5018bd8929c84d352456e17c822f10916f88b5a0412ac27642d9c7a2ae83ef362a61610d206e7695552d59e199fe142f96a2390bf6eab4e8f0f4a10d4a1c8db17cf36c0a61d70e90973b486cf945334f668afccc41f75ebe89a6e214140640475d5e8759a4bd171884d0325eb2c71cadafc419a85a34c4f7dc9a1f0b53ffce19f85df4cfa8e4d25025b618a383dfbe32e8170c5d9e578369c28cabf00bdf11630a6ea65481a3b3dd10a154f968c5b139dc9409df3edbb01532018a0f017cdb67ca70a8285b63c24a027304f7c774f27394feea1259912a10eedcfc37d8d0792992bcb4592d61e5054cf3dab22f64e56963147ae52675c11f161b77d4966f7ee5baa88a123ff3254621269736e31972e9a3014669c788968c5df2dbad378e4d8f748b2a5b44ec9302a720789616f8be5de5aee93fe78f58c6944069860cd7b0d8b745471c5bc1d01169d31742ee52c18b4d29a6879408b08cac2371b2b4681bbeace18f53001a6af92bf4d321a104709aac94e45995d9272e802f431ec7b5de53932fdc8c408d86eb43e385f8b9e10fbce4155722d7c67dd7772665d3abd563a917fa0750405838e21912b", 0x1000}, {&(0x7f0000003880)="9f42b01e6ea9745ec26085115bc8eeb26f2af60efcb9472757ea62f18a7a2d653dac54bf336e6ad6d80f081ba7352adbd3f85946abee4a38095ad95b099b2b10b5a13094e00317cbe2b1cb09eb4a3f7e0e192afec1d6d888e00c84fb0ae812eb87bdfa21655dbfcae3269a5c05882776bd8b929578aee5409ace66eaf319b888d7d0ea8667faff016d829dc2b87e930c821a44ddaaa2007b0e0fce390ad436d5f2a9aacaa864017b732e1bf9d4e1bc3e8b021a3fab2d05fe13de4e38da003d1c5097b475281c08dd280bdd2f3a771b5804aaafc1", 0xd4}, {&(0x7f0000003980)="81c6e8c4bda00dd1cdbe564f5cc3bd377056677dfe4f0d01537928ca0401fb8f9d6670502bf935f18ef14ca2414b649479f06c298fb26df646d91418999308f545d04bae883646f55f7d4926", 0x4c}, {&(0x7f0000003a00)="5c9477d5b403e240b92947dd31340b2efcb7fcdb6a69a5df7326be0179c90b85d4c36fa582a31b0a591c26e5471af9291d5308b4bbe15981d69b91abe36a9bb4c39489332c9d9cfbffe0a2046505a4eb13fcee844ecbab8100779df6da81379d48f8e2a9bb36ad71a7bf1b71fbb5cbf9d11e52c152da6edb74e162184b8c8cfd0a", 0x81}, {&(0x7f0000003ac0)}], 0x5, &(0x7f0000003d40)=ANY=[@ANYBLOB="38000000000000000100000001000000", @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYBLOB="1000000000000000010000000100000020000000000000000100000002000000", @ANYRES32=r2, @ANYRES32=r3, @ANYRES32=r4, @ANYBLOB="0000000020000000000000000100000002000000", @ANYRES32=r5, @ANYRES32=r6, @ANYRES32=r7, @ANYBLOB="00009ee9"], 0x88}, {&(0x7f0000003e00)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000005140)=[{&(0x7f0000003e80)="4dd0c6e09cc9605081193f0f8a58519037ae59fedff85fd704b5c46e87e0b48dc616aa473446c587badf23e2dc1a7eeb25b717c9613d8cf7c398730ec1ec0bf69ff500d65cd36ff63c867081d65152bb05c5d2d9815c614b05dbb9e3c5b3cf1dcb3e25ad5983fb8c160d626485ea6910fc7b6d", 0x73}, {&(0x7f0000003f00)="ebbe70b9912b96475a6b31460d94b9d1e0ffbcabdd8b88405dcdc3b195ab3650f2decd47621bdfd754ab1536644ba86ac083c0af405553a852db6a379f8dd6cdf685137309ce04ec838d67d99030bc7e2f866da593727950f9f5690d898541cc0bfe5143d73f5a8e4606b166efdd2682e8ff45b7882bae2d717c76eeb08bf080a8941240e038dee09b7f2a63fa64c058f2ef19208236d611d4e59f4705b86e8e160391cc7ed4897ac47b20ea1b4f45b90d787097bebab4582b6216fc5d9fa7b190ebbf", 0xc3}, {&(0x7f0000004000)="7754f033ee07f8d0f3a81abe2ccec76fc6bdc7766045d573fc1ad4e9c0480b444546f7d55f20d02bf5a841a966ff04d736cd688bff24bffc48eb2edef7b2c225f80e1d96ae98776daae2c750c315a4a42785cba836ddc80d0c57c8bb81f34925836ae9190371223d6b51c1ee94994133393199a6868411d82d0a830c104cac4a", 0x80}, {&(0x7f0000004080)="c261218bdbbb9a1c4ab97f406c02d5c2c512d41da4852aa562b413ed3902df29b7715cba02a73513ec656d20411068e0c4ec6a03d6836465ec9d9a8f236dbc5d9d47cdef8ad8cbc97339dfc85a8d4f4ea02e9ee1ed922c86ed55869bbf517d42076ee66b812bb86a31bec849e40fb2fdf0f2e2b7998d953debdf4fc525436c117804d0201ff1ec670d0fc0d1eab5797f04205274d69a17be3945d20772d35b3014462726723d5d6a56", 0xa9}, {&(0x7f0000004140)="959c96d72f83b81eaf245580455f2b6d8cb7eb5b2ea2a96cf4420e73e8bd1b949e4077fa424ec562d9aa37da8ae936236590337c6b9d36b325e07c4d0441f1751f77d626eedfd54aa499cd9dc7ca4e7d06e7094f64e4ab316b5b28979a1a72b132341cf0a53ecfeccb9ea6588c034aaad7b35c40f40b1f69d775652a610d919e767a60acec680708f0529a14e133c788ff196413f6fb50b6ab4144e8259cddefe2ccbf98c7d4e75bc658ce51dce742aecc4710ddb579bfce9e6cc2b2f492e8f9150f4b72ac15f76cac4d37b6bc749507a37256b9af57e1c0de1b759482a2687b7452b4e88867b55b109f9a807a4deff9afcb51f9aa681bb6352f8d07d75ac809de84a841d05c4cdf95005360fc2282d3e10f6111f71a9f08646831cdf1dd1ee521e5e24d712bff4913a5d3f9334c1e9b0bf230aae94a47965581c5f50658b0a6ea2357a9dcb072aaaf3fb5660d4d4c36ba656fab850faf00404cdb7603c6cf25b4d44f944e89a4a77a578a068e4cdc98aa4152b39e3eb63c96ad65f61ca1a7efd15c7f0576d1d42c762e3d20ab5556b722e16379af5d8a4473421489a97b75fac231b20b9a7a0d29e4b6c451f8724927a2c27582f9e960c2166074180b5c27afb1a209d5ef8a976453c8112467078022fbf43802e409cff914e261231c2995d7180b531ba51a5ab744428062321c318be931b0522f55564034dc680eba5a154a86ff19f127484a094961b67a5c5ef6875b5bc7b0afb6c7ce0b4d6a841ec46c66e3930d5103dad23996f9a61dac41a343288ef65b52414b1e3aff0de008f41d0951857235cb3bbe1d306d40ff3bd960237a45546cef03d7e4e70daa0b6a0ca5e1d2513c9f2f3e2e5f2495cd21d62e345bdd9f307e37f7f598ea88ca73c4a9e07bd9223c950264a08fe7cd88efe052c50d7f04d8eaa2ad85f90df27b42619ccb762ef807525985a82fde40dfdb53f7f87ce1cb8017f045ac79840c4d5e6b6a247b5cbeb21bc1c8d62b60bdb9011c5506fe630ee2fee10ff36edab8f27331f8a6f69c5ba1246bec11c04caff74357e3b295f17c1f4917f6d105f9892aa6fe0f0c1457a9c9782716b01c98032e45f5fd09e29197dcce6be717e8750b14aa0d45570b97a6ce74c5a723741c420426f9b4cb0fd93a4dbca9e59ab0550c8d29bf14bc1796dd767ec2079d5cbdd580872df8edcdd4a27e1d9de6f2f34dbe74185903e23ea8228724c83ce36ce53b6da72eece086f1336334b9ce4792c85663befff5145641bfeca1a93640083ebd82fdbfe245ec6d0acc25df49faf611adc38f4890f9b031d7adb59a15583539c2598890add285db9ea48d610985e87bb9b7e3a2221dac503160cea094ed27d00f13dcaa4703cebcae72515977056cd8c6b4d5a2c444d75be21359d0b53c6a9c17d99ec888afc8d700d55182f63184036038a0beccde74c6a388b9c4241fb5bcbdda22194737aed6cd2bc36187d9c77d0d1b39a11dacba849b6dcc58024b6bb187307bb28d675300cfa9b27d94a137577e6520508e8be31b2c55f3d6039cdff2d56ebf45f1a0a649462fa6d41948d13925e33ae1434274cced93a666e7ef3c550338d1764f8b3d996fd236db900aeeba50c08c6b9a53c31afe85670e8b07dd8b6e730fffa2393de4371b3fe3f4547b074b9d8af1dceb9772e03f98619d672b6351acfe69a8b473f685449db971fa3f42e4cec395358ea5d7183dd3cc9068aa7e49da8e11d67efa4b81af97c6962dd7af9a82d7868bc2ddf0f84374b5f906ed3a61b5942868d2c4dc34ccb60655af495c185a3a3b93fedec1df532ed62a250fc5e23b8b98b748c04046bb78ff719ea4c1091b468d3dc3936d89e8ed8c38b23a85360e388fa71b0fc9679a4edb4c702524a4fa6274598404aea1f4159f8f55ede64ec1bc0402237c603b756ce9a70996681d7c6dcf5206f74f12be57bd8436e0d4676bd937ea25d40ba9bbfe8d7ed0654769ae4516ce5b22e468e497defe052631bf76b94137aa2cfd67bb2e4ca93b5cea19973324bcbacf1a5ab6de478051125187d2cb82dfa9c039f0fedd7e5391b5e9d86905024be75c967da90dd99cdee07baf8bfcb075bb80d93b4df6a113223100e107d983262dbfba382258ce079e6b94319841b9cb7830e7bd1e23beb0ef179afef0fe252118039c8ae967cc5e8ae80bb5a0eae70e19da7c666cb5375b13a1c97cc5ddaeb56399f1a1155c0dec986eb3d4e5c68e910c8041e0db416491a48b00390bb1fcd37f77f2ddc06a0417b60d3dfd43c3ea23225b0583f3760bd013584d1eef8089e277e920e9f43a91095dc553434095b50601dcc57bd520de964cb3edf0a10cf6e4a5aa7078751401d9e982ec78e561d37e215bf28e1a612c7f355ca496dfc747cd1ac558535b9232e9882e3258d9dd25c46203154a018af78f528a3834c2b40ec55376adcc9664c46e8fe7b821a9df558e8980cc69b4849ee48b98303b3cf6970339d57e5ea25c82a9f1aea074f1067cbc6311f7d677064d2383a6b632bc8a1ea562ea1127567fc125db536847fc59a7d9950f88e128a3d9c69ecdccd979361f76b3f1f3ba393945a00691eaa30ad7b42db0af1aa139dbf23ac4480935ab6b51516efd798554913b6b7fdfecb6ce3319ce985cabbe93c6bfb361132598377e56e902e43b59b2c9a130e0d93b89aa8737d2a2b830dc61f4ab2fad1ecf6f89ced378996f66ad68615891d0d1eafc2830b412f46f110ac7516072ff0d27e7da59bb5783d0fde6a3baf1826d1cab6653e4ca6b4a7b00cec0453a3b7ff14cafc6a8302bbcb115d4a2be0f2e6f26f2a30dfa9f349a5e1f69cb24e295d3d7506767bfaeb0b16ee8b0019283a30abc58a7f47d2d4130363d3a8cef05bd05dbc738a815c3368c7e6cadb4be869f35d42e89fd3f69c8659cda0f04d4d352dac52bd24cffa58e352b8c32ee0140b7a61a7d57d629acdbf78d2c40b0db4d68d10772f17d8efde1ec6be73dfa08e391a55879a1776537c98256bb98a813412b821addddb4f45532d234e695255f254a9c6cc9c6831f8c70c37f4aa70eea25b5d1a9550067593d9b6b935a45386ee1439e61f3b435185fe0f9db4f41eecdf3fd1cd10bf6ad25043389e64cd174cb69177f3c0b6aaac57dddb38954f05dae8a04dbba3a9ae6dcc642556a64f509514e9701d3348c457baf3207812debf480555be25d1794b003de44de0ad7957dcdfecc17c05036c93b3ecf0ba3fd03122d12b800af53376e3c4a4807898998ccbed88eec3834a116cdda253aa2c86d37ac4dd8296e08f03d0b04bd3e13697174c843633993e7d4b2a18d2f0e019540b78ce6cb50d755b94e6d2ce5b076ebce9c32843e16717b63f8f94b60f3e4415f43472b67375c8b362b960b9ab3937d111769381d7eeb61da375bcdea425b160e38fe26c417694642fca3964061b63983e1548a2c47bb4d60d71b86ee4a863593212aa8a58ba7969e1f8669cedd7261a4d22a3872dc0987da29c7f49d9034a4df98347fca2aa5d542e900ae7fc1eee206baffdf6ade1644e5221eae68fa8546c5eab481fcb5d042be5a18f448a16e2e954c4d12262dcc5a3fc56415d2b3f0149ee6de3ffdda3fa72a8f8492c19f0889a0be03b07fd4ab15a71c39a894c3085749de06fa577f38e7fa4946f896d74f766a2b46dabdff1c1216ebdd3f9e1b5e7c3596575d173a8afb4e9460513e9ef7b196d33a30f088a87e4a367baf5c1bedb078bda1f08a1adea92379bb30d7de5f91f51dcae6613b66e58975955e71368ea381e6ebbc13e2a9beadd9dde90216ce8d041078b6cdde95c01c6ba97e8dcd8df6ea5e2ebd5c33baadcaefd5fd735932c42f9b04bb4efe05480e045750eb24980a09b71355bb8cbae73cce7ffac6d276caca3fbe7f1c37f46b5862757172ff0b96f1f1e0b4b0143417ab3e5fba1afc54ca7f34cbf81f5da88477d6baf8ee24f1af1d623f4a2ff739c20765ca989fb900c2896a50f5bf3ae5a951f00c62464bf4f9e64f48088b3a0f46fc83e27bfdff28fe619b2d9efb2ab3c52c76f8780017043b6beb80a1bc1b16b0c21aca221ea9f2f3fa02942375d78ac0c489d3305de29bfbc3c4e6f230a0dbe0ec8681c3b6e5a5867c379630dcc34f7fc0f153e16a79a7cdc8a16ba210cf445623957a529d849f001849294ef6a7c97e704f670cf804ab0f4491f74407a4334e0e8a988e2e03b95b931de36cd3ceaf1ea5c43a35f0579a910776c76bf3aa893c74a40ff1047fa1aa2273f030d3a6ed941f989b693c22e88503c9668397857d3668fbf8b6d229388f77467b0cfb6c6194eec6c54d05a131e8eca9dd7084c6f447a4fd4089d660859581479bb227387f13eccf5a6729d45edf5bbde91a20650f2892529f8c23352efab3e52eb3e6a27ef5681b324b758246ede8161c2953cc6d711f456b411a6e469a87b8fea6cf8975567527309dd60ebd91d9d84291feb47eb550491c94cf666b3bb9c77465c7dcb682fc252f1587bf3dee648332eeaf15ab4ac906e9e9b9baef12f90f7c28a22de15a4200d5186efb01d4966fa7408980a21813d0a1a6abf0b642e27ec1e7ccaf227e858a39f5aa1cb33119350d6e87b278d39761f5121450e890afd15d28a7598f12b109038128922322900d3004137d659b6efc829e800aafed967c8034612c459aa2117986835f1f23eea503d83fb5192c84c4c438a737656084f1652b6e8a0f024cfb4e2cad6f6b8f4d959d563fe120bce26bc9213aa09e281f193d055214d1688a08c3118c2fcb1feb939adec71ab92934c8d54d48ca4dc522b30e3c87fc50e448da3e59660b1d63fdc7022d9e084c7cbb40c0cf56d6d047fb29ce02cce35ecfa65dab62e0c45f528b02cf00a0d722b206dfa02c15afbd9f8a92212e1963dad7c0c27fea01bef55bfe7ab13943b8dda4750c22f3c261effbd72a931c18134167a1e600ff8846ec7a06c871f288a8900f05074ef0db4fa23069af65ea31d73138c4eb435f8bbc1db1311a746ef7ebb0b2a82b5ba006c7923b6cba5b26abdcfcd5ebd5097ba32c1af47e8dc087d8957a54253aa0a8893cbbb340d112d7a6eed3bff0befab48f41c96dd74b5d58d5f8c683a75ced52ac4e198e023dc671fd2d763f547ed506432226a1f2859cd48ad04b396383bf963ac5bf436667a0964b29afa8f0f915daee7ab2396fff2493037b44f5e2886315baeba09fab987a2a651e1b384b15a7e9a3b4b52b05e544ee67dc0bf12245eacf980ebe1338b9b6b5a21fcc8bce392a16af5b9da5b5a7bb75fa86d5f91d2c04995847587d13fc2180c2b80e53cba5a9f8027ff2c8d41abc91d196c991b0be7bd065f482a5417b2e38ce3e2b8c35341dd6af193e07b49b9d15ffdc21fb3eaed4fc1a7bcf16c0ae42169bd946f2b37d44ca9c079c29ab13fbe4a64df410a68c7cb46b596efc7240758d37fb1300df5f2f4ac43d6ed5e84e409a891ec16b20e6d00f0478d1783e357304b2650b788daadd15e4cf71aa9c3242d9ee62c8e43bd71c5610f20fbc1d72b9fe00d06aed4bdd0942f55ae8ade9693fdf4b6455336cb432bc1254da362ad42b921d127e90f130b51184257bee3448eeb90b86dafea41536e28942ddd54542ea9603384496f9e55776ff632eaaa7d2987dd05b490053a48672e0fc20c058c4e342724b6a1ed45c856aa476ab55441629bf880e35ca948c74ffced3c7edf2a21c89752f6670ef5c205b94c5460da8107bcf0ff1f1326cd66032856cb8c899d6c9b678d9b4e2bdbe98d6ba0fd6cd9071e786cf797dbcffd570062b8b03", 0x1000}], 0x5, &(0x7f000000aa80)=ANY=[@ANYBLOB="28000001000800c7b7e203a23a91d6c463133c0000001f", @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYBLOB="20000000000000000100000002000000", @ANYRES32=r8, @ANYRES32=r9, @ANYRES32=r10, @ANYBLOB='\x00\x00\x00\x00'], 0x48, 0x4000}, {&(0x7f0000005300)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000005440)=[{&(0x7f0000005380)="a3e94be3dd770bdd65f759edb6eb37b3b94552c0822be68e4adef992937b259027eb85937fb10e287ffc41e5cd1f2446f26669c1fedbc1b281882d018be49625ecde82615f9eb47e2cfbb9ebe682c52f7c791b7a04b0e3cf5be21675664e72a81ab87b923bbea794124768e3a77f0339f9697f75ec93368fbf7c57e6beb6404ca738713f56451557edbe408fdda44781e03b7618b484feccd237918365802088b5d92cb96a53d97ec65ec61eeedc7dbf6c96ed", 0xb3}], 0x1, &(0x7f0000005840)=[@cred={0x20, 0x1, 0x2, r11, r12, r13}, @rights={0x28, 0x1, 0x1, [r0, r0, r0, r0, r0]}, @rights={0x18, 0x1, 0x1, [r0, r0]}, @cred={0x20, 0x1, 0x2, r14, r15, r16}], 0x80, 0x10}, {&(0x7f00000058c0)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000005e80)=[{&(0x7f0000005940)="6ed4a84eae66010699cf2c6c146c014115e01746d13cbe8523fb71ed236c91fe5227b448fcb36fee2b2691c9c7ca6164eb0f75f93c47317d5c49f665d1344aa0dc784c15b8a2eb96171d005a9159440ebdce94bca9171a6e0d4f2b1c98fe81515edc967937dcd064f209cd0caee36a315398be0ea76ca72e932cfc67c969d100f4717ab874a861d6d6a89c454e0b477aaa994631103268c275ce0cb63f8aa5256cc32df32e94c016ad568a6bdca007f9", 0xb0}, {&(0x7f0000005a00)="1103747353cc011b6fae68c85c995b99bac2f354a0a1efde73efeef4f52275d5e7f041f285cb3af516ed66ed3d01bfa2f899c083333e62d0b13ec60c44af3107865a14e2a97220419064d4e6b38c607c427e49000d1baed1de3bafaf48095c8a94866220465959525753a3b7e03ba773926c6264aa0bb67b23fb4ceb8d3f38f4d46c42a6d658ed256d8a7a4ce991ec9a598f62341000bda995194f60455ac85ecedbe71e65b29122b03e60b526253335e32e5131d3e99f8beac42d11c8b94283167c71d63ae368f661433ea3e7893a56754ff413e0a0d382427d2157", 0xdc}, {&(0x7f0000005b00)="4e1f00f6889d4cef5c21441add7f0b2effc75299e842ee2e39608fbe5104ec8ab20970ee005604bde4ad7d4a105d45ff162ae4d58335abbd1f2ffc98337a4e439b77880c54fd6f1376fcc7c77d04c6241f9861579565fcbc3372140257e25a03fb044cd90da7383e86a81f61392ea7e7809a3def480d0ad2f8dcc84e86bb7ecca6b498", 0x83}, {&(0x7f0000005bc0)="c0029a4b7ff2a010250997359064a256401873447fac71784b6c351b0e7151bbe0558769aaf2c4ab230b3c845fb26f6a4bc628f5c18a624176715231b5b332fe0467ee7ade6900cf1a02170d35ddeeb835defd371d40a2ca063c7a071fedd755cf5b8dae56552b63f06e8b7fcaec6002617531bd2ba5a28ef7fe3393bd81716f2997385476c8c133098e9906c2ec8d9fbb4d49ed7b88299b4da0eba8de6c07f5911a4bd15f100fb0e08303e9e54152f360d2ca9291e87c63f5040ebd968c041661a725e998ce9927ebc9fc101fe9e32ba50b59c4070e41289e0c5630caca190b34097373fdba28c3", 0xe8}, {&(0x7f0000005cc0)="2a990cf0bafec2a96349275b750883f8830fb143140f2641a74491aa1f17178668a7edea1bd89f75893a73e8c385fbf1887683e96e91352e60ab6de97337ed64cfdb91a5901eb006c62fb63673dc2b929698415be18a8c568ccaa73eeea2f3b4d17bb5c14dacd6462a298eb20a2ba4979d7055234711883650dad520de727acfe6698397e30c4a7e88fb41e26b9be542f7c270c2b9ef86e2bc38778f347b9157c3f5f191722dd22c51a4d60e1bfc675c75eee1513f30defd884e30af4ece82841afa103ff1951c0410ff70d9c9f3639a805bbc7c355c56330dd134d0059d4c7a5db2aa6ca5e9e3eaa20aef5edaaa3ae8fc06a787301a", 0xf6}, {&(0x7f0000005dc0)="dfe48e4c579ed3a8c9b30c08396d6a03314ebe154d579067189a63f477e37027ad5984a0751eaedc5992e6eed22f553d3f780bf963b28f0e75fcea592f4f9b3d50b878afe7a59353df0be8e62bc4a84363024f447633f2b1a8e839ddcea559262868e5de5a5dc5cf86e14f65b382681fdb5063bcbb48a74c1af59e81504621c51cca9ed714c2da270112ab646084ccb5fd4c4d6c4ba795dd58ba3f773893", 0x9e}], 0x6, &(0x7f0000006240)=[@cred={0x20, 0x1, 0x2, r17, r18, r19}, @cred={0x20, 0x1, 0x2, r20, r21, r22}], 0x40, 0x80}, {&(0x7f0000006280)=@abs={0x0, 0x0, 0x4e22}, 0x6e, &(0x7f0000007540)=[{&(0x7f0000006300)="684440abe89346437d64efa8270880dbed4246b215d1a99e23853fc91441ff9e98514176a86a8ec3c64276011029bd7aa583dc45695ea84896f719ed0cd99ff6c25fc2aef8592790658814a24c92e017bc3ed55e1df9161cf09f38a5fd8bc5f5cc6c5d8bbe99a2", 0x67}, {&(0x7f0000006380)="08a24d83deed6153e0d481c9f65e8cf429adb085707ad342b14f3a05107621c6cf5c39058d24d2064b50aaeb813d9a8ee57722e7bf855ab077706ffd4a5e283f5ae4dfb133c931096e01e40512659ad6a4464b85895bf9599e3ec238769b6c204576996eafd1cdb5b0e5e77624aa0f547eeff0e9d06c305a", 0x78}, {&(0x7f0000006400)="9eb57159cbabc79c48966fae7a75a5d52f75ad648d4a4cd642a73e595b94d628709647686973dc3779e71fcfc5b92f8c3ad277217aec3ed8d6574e5e715c41c254c23eba28953e39ed0af20132d19d3224a0ea1afa4f4736e02f5bc71fe18fefd504922b809a23dd6bb34a30ab5cc956808942929227f387dade37b58fe69f122a01508a5aa269f4bba0134c5dd37525218e1a1b10a0b6fbd224530c10303a6668b7c88ee1326925bc7ed32d6351274b245e40c6bd032014b1b475ca66592a5c93d1ad0242d2487a722b35b84c612059a9db19048165824dc48f8e26f7d8f4e3336bc6e803f57f97ae4145a4a0a6b93360bac7e28ee662413845c393a7ddb2f893da842fdb097c3c3d561b14c63887ad6715ed050ef42687894e0d47171d1fd6b03ef4c5e03191e78f474c0c1c680bfe18067062b4742f81dda2063344570c0c26c1f0a53795b630d38ce297e815631327640f618683fa690db74270e4973e59f0024b782e5902baf9a7332ca756bfb3096b40b464e005f000d31c8e7156445d9dc306a6813b4efc07b5cc79fc42fb70bbc825d5c923b6aaf35939648ed37ce0b3e5555c9211b0dfb94cc9d6e85599980fb04dbfa7cf3f42c4b24133f0124a8073b5c4c8da5f50b2f5c970b3a0c5772372b0c24c3ae7cfd44067f8a216d81fb9fbe27b910d23b2062bb1f1e107cb5abed992f7ba12b0a6040729158855f0e0be44d7db8db2ea1f67ce5d18c9def8879e79d0741314532c63fbc3b0cc8b36a785f8c63e2d5ff3d3d8ba528017b5190125e915d8cb69277c1771eb41a6ab5a2a4475b47390a82b0e9e30ae70bbe3293e8230d0d0452327869f0040bc3cc6dc3d02c999bdda0d4d1f43007d66bde6896c6ece9e66d9c37b30446238008ec07d7f304a51d3aa2840187fd820a2e148a1e37f2f14e58193c013245356143dd63e055032fa834d6a075da4b5e65a6b362b06a1819eff4facd947900e1414e8b777446f9ca1dccd59cbacaaf60ee3ec8fba68ca09b54756f0cde72a912c7f009a3fd7a125c33a1ceea3dc8a7553b455768cfd414816fe8b31c31f852a7fbe01114132c276a120d8ed7bd66283db5778d97c3b051d859d9991d2ffd11c44277f2309541b7027d2b6e55dcd9e8f317cfd2eab90516112cbbf92e2409867487977efaafd3490affedbc1e8be2b58b78fe14d648e8bfe3c9601770a6c46e4f44217999622d25db500ab4fa063c4f51c5482744e89a517b69eccce34d4a9920ec47eda06601cacc364470b5563bf8caf441df7cc7c9837bab4881e58c1f522de53e73955ad094020b91c1749f0e7b135edfd533a512cb4415c09d065706b5bf7563f037585f7a3cd172ea8af9341384240bc3e772b4edadd5540ae5fbbad7d139d5542d417058e0f5bc9913ecaefe05da67b4395b0926a4a98033fa54ed0e4afb84228f26db1279d73909ce2a3d8d2f355a656abda4172c360c7a82cbe9a15c40f488a23fcaebae14d78f8e185f49b8df8c7449a2dc7cb32730c9eb5320d0587d492d54d658b33dca3d8e345e86c4a582a80434a68d6c6876a108c67edc6556d3fe5d12d23d362dac948eb96723ba4fcbe210f21349ba2d2c815fe7c035f87a6e9e0b91cd4826c56e3fdbfa20c8ffc12257a98db2b4932858ece6f886cd5abcd55ef772211f24caa4b5cb42cf6f2a4929a371078d7ddda1066dd439de9f1276e71b4d9913c1bc6721c6957f0a870e8c1b53dc86fe453960aa7daaad9f3f57a38d1013abea8759fae877d80c6de93cd1ff4e6f62653471a7491ee89a5631d45f49b7cb948e6e38ced97030b9c4903b63f1bee6e2f94ef5026ec2069e472b2ede6db0d1e9b1a77e34e91ba9254d6b5a9f9b19e02f3ee066301383e46e00b16211a8d92071b3c528a054e62b07a3fa861badc4a1ed38fada23267d59c02ca12eb085a3bc2750cde77e660588c62ca71a2ade618610d33405800735b1beb688f7fcb7be12b643ca4c37589ae72cc1a939003a3178c496d3594371576e0003a74d8758a14249510bcf931614fb72eb3c58c3bafa25406ad102ee3abc2672073dae7e6aa33cd324a3592dabbb57da661df0e7bf1e602633654d1643eea9e2b993a7ead408f44298c9116fa52b2300e9880a4be56c8ceb656df2f5337a6d542bc007120062e3ba42f9368d390a8387a8c145233f1efb60b759a25e8f667687b08a5fb0d7e1e64f32638bc675595cffd26aaf42da21a854aeaf555388e401a4d0254c8474ff37319f97d16bfcbca7c10cfeb74c895d028b7ada69d22098d08fe4a235719fc053d8c85b64a16c204b740db9c0541afb1e69cb77ea2d8ae08854afddf36b1f5713c5ebbee22a6796c3ca0e0031c7793c07c582b07d636822763a5da201a65967865f1d5a1123810f8bbc86c84cd02f6cd5e8d6bd7446441eeb7a5f40933cb2081d077da10eaf82c9759da5b18d7a508ba5402ceec075befba318105e885f75cab02d7e5a2aab562fe8cabbb954da328d86b6f73bf16a4c8c23a9de3444dfaaeceebdfa8a3897bb0ebd3cc3560930c5817a6128109a4ceb1d446216cb382c4e7cb80f3263b0d41524d5810ecf067b04a478d4847bd436441006ec2f3a0e3c52fdcd92dbf89a3dcb60f07f8e1cf73bc2d451ac66013f1a7ad5470df2d15e010444f190e9a3a933525142a5102016372086b35d27bd5dd37362ce92af2c882e14fcd4c01139acc3493405d5cffa7d9e750f8642b651ff05ae4bf4d47b7011da90a9bdbb8abb50d249932a2a34d3bdaf7b0b54bf49f78d47a0eacfb85da588c273eb8436b6ce3bea5bccd50811696b71ae3828e04b732115e534782c169dbe45287331e90a79261900a62874c1496ec280ee8f4700d7adabf2c43fec61f930bd7b84d6d7b2c6cf078f47ff0ee626f7ffd9d03d498efd786353d170c47a61c473d3f254af04714e45f832e7ba7007a2f73abea2eb647f8a04b2cf079f14b6b9ea73f8e701ad95db79516720e0742985f398efd932f0defddda838c52c3f952f07aeb68ea495ac8e78250e6cffcf38048d200fb5b8ea9bf228a9d8e9032f6fd0ee1906c5e5b0a383c33cd052a0fd5e7f625fbd41736f668d35b74ad8e60b0c7ee28dbc3115da87bdebb2560cf1c332ccab37a3252895e48d817b2a131ecc7a555d7fdee41d0aaea8e977fc6ecd622e09a3bd82555fbe90ebc6cae42174e614d48ac8b20e14af2dad98acb8fe862c585537713038b49987dc8e3b76e07616d2ffb82a173daca121fb3eab8e70b6b4bec9601a517dad95370d03166ab24e4f8963a9f7e6d7aaea9dacfb2cc96f2685f7dc150f7932819dd4f70d31ab5b0819085728b1eadc11459f1ae034ab89c3487980fc67faafee3d9f0028057510ff14c90930e0879dd3cd2976a8ec6565887248d5e4992917b6c53fe97985696073bb076442f9d80ee82c9b60174d8f59e7d235dad59281eb5a6194d9c7e333cc71db0b8ac2601d402d7c099458a6b7ca66f3024841b6ef58a72719a228c0f9540fd31143d0f039340edc3f27dfe2cddf333ee2a185e4232c0bda68821c4c368f0df9fa4c2e90925266995b64350ac0c9e17f53a3598a4ef4b466ae234bd4919d7a064e32f5d13efbb36fea6a262165a11559c4827ac38ec687943e69ac197b36de6c3d714d4bae98346bc11168dffb72d3b7bafb01d210d7232e1bb3922f94f585b4343d048831524cfab3fdf7b35a201c5177dae8174131ecf8e34b1da46487fbbc89370c813ec262b50c968f60047407260cb8d3011dc12cd1358cca7a5d29dffa36cca9e6edd82c381375e1bc7d23e08b6e0e9ef19cc37367a6a022d6551e6eae9c205ece899388e03d0e3b3f041440ab610f23a2494040fc69e74c916bd3fa0c2209e6f83583fe53b581c7372de91347d79e73d0a5e22eaade67c1a8cbd10ea31fc0ca9cba18ecaf5e2bbefcaee78c5c695cabdbe205c1cd26912b8fd3a6c4edfe362105bb64df3c1499d591e19350bcd2e97aa9065781a7fd7bd55044847d9faf21f249a79bd1363d17d1987838a8fc75d12edf90fe46c55797dc4cf17058e88c35b3b3e0258640cba4505b2e2b21ee197bbe34b0f5fbd4d742297e93d036ef513004ff44ede31ef411e69c251b3caa85e9416e0eec5799b21fbcfa2242c38089a6b0c9e8c8bbba8e20b983e983afd7c65bcc13297f75f12f10a79d07853cf8e286c089ddbe09127296d4ce601866e83f9898497e77c127f05503a050033909b491efab401d1d7a7302c3b1f6f44642d216a3101ffc492e3d2f173097a1a42aac1a984bdf9e0eba0ae5a54102b3a3447de5634c78047a7179260ee2b910b297e72bccb92c1f81db617f37d34a4a99c7363ffd006e629be8de4d5adee5f16671f0a3e9a3ed1533c0cfdd5ea32f77c3503125062575a36639b859641817862293489471b1220787a2398c92ad06e2efbc9be5b002b8949c24641788f1e8982170211f5ced207455e63efd739f1fb92a0b61cbf383c5cc821178903b51c303876a2bc324f006334828bb2aefa86cf60a7e7b9b88d1910be6d77e10504e797f37e404cae3fd75766a29ef16d401bd13d6a4c3ca9e01cbcaa6ec5d804b39466bd4f01f4c19d71be12ccdbe8fc51824572935c287930d7c6cfe42f73d8d20dbd6ee8d0f8bfd90e83c245c942edb9454883d02294b1c350f5305b56a3dcc0a6f61524f64dcb3ece000f4b77fa4651306f9cc23971ade06097d1bebb2be00a3a74446bbd11d3832945cb6517aa57488c809394e1064849f960bb0122891861a743e1ad310fbb1b04e5242c465674602ffa3e28bfff46063c6e3d4ae43650c7643cbd0dde2bceb7b7787c0a0be49a97a95495504599bb85344b21c5352145db8138d48d92d6415ab2f96f2bf395a28b39a7c0ffd4b4a92c5ee4d089fc08767e118c5de96a43f4f6907174cb28bce7b7e799b6d516fb30fa4e3614b317c189567d1f40327e4c8b9e2ffaed9ab0e442c605483165ad960aa28b3638aeeed7b79e75ae7d7b2ec73418bc638277c73a0b176a48baeb4d8cb9f17006e3d437d3bcbe32981711f98e9d4e9f30865785c3f0c3c22d65991d7fd163254a128e51c8354b516300370b576c62e1316e78efe76600797fd8728c2743d482edd8af38091e61c3a6c33e558b8b0542d94c5cb07ddd288de177298b8844839c4c8c3cbea745a0f23b23bc9b7bcad9c7348bf362d7b3846b0ed83071defcd59de1370aefe19189f6c0bcb45a8433fa5687872dc20a0b78d2fd6ed7a0e33998b4e95d0bb08ad724049bd0f5881cd0bc4cd75ff322c53246ed408726a7c644207fd934bb0ca14c05416ab0b8e60bca0301949478a3eefb7a5110bff64f3e85c8fbf71c0523b4995ff63dbed321e0e50a05c0b9c3609dd13e6ed6566434e7544e287bd1f959cc3ff3ae5dc7fb37fccc9149d6a881c6a414d78f6f03634da26fb90b4a9f4b30897784297f7d668dde1c42213717ee774e19b890c4f75c6085874428b1169eebc7ba74bee868a96a4c0052584432a1f126c364a94677e5d2074edcfb7335a2ff8c3e841fa2056d7657c61284ab97043704f876108ffd5c2e495b2b7198f3471f43e2eef8b07a96424461251b69464fb5462a1d0a8a549dbba2cd2c5a1289aab6da6cb3bbb3aba0e75cff3d7dd915a46225eb071f42c48ff4cf220d2a89214329728d9783aa4d6652767dfc99fce33fa0a738f65ad6baf651a291fe4e2359ca99e9ca7cb3259e52cd909837c26b230f9bc53fd306b73d9388cb0d44efd54ab5cbd61be2caccbfc1a829dde4bf9d46f9b640", 0x1000}, {&(0x7f0000007400)}, {&(0x7f0000007440)="f768f61bc85d8ac0434ffa92f6cfa281b0d9409eb3f8e4502f724f7dcd5ae42afc9880a8795ae505c52fed8f670e402623959d44a7ab28ddd9f7de24bd79d3b636243e70583b186975aee4f5fcc05770746f56ed0d81caba66f04f00b2843c22ed47baeb5d963ae9cd6c504ada10c709b49aab3d5ddf11e22f86435c6ed12207bd8519e412f3187e59d4a7edc4cdc8aa2947a81006a76e39289402f99532dd37282be09b8a0a16d44ba7c5dd4342ff5f0bbea9ea42b67d841bddf6f8a65cdabf444f4b1bddd107d32131312fb6168b157a859ce886d6501cd4a5619c7a", 0xdd}], 0x5, &(0x7f0000007dc0)=ANY=[@ANYBLOB="20000000000000000100000002000000", @ANYRES32=r23, @ANYRES32=r24, @ANYRES32=r25, @ANYBLOB="0000000020000000000000000100000002000000", @ANYRES32=r26, @ANYRES32=r27, @ANYRES32=r28, @ANYBLOB="0000000020000000000000000100000001000000", @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYBLOB="200000001300ff660100000002000000", @ANYRES32=r29, @ANYRES32=r30, @ANYRES32=r31, @ANYBLOB="0000000020000000000000000100000002000000", @ANYRES32=r32, @ANYRES32=r33, @ANYRES32=r34, @ANYBLOB="0000000020000000000000000100000002000000", @ANYRES32=r35, @ANYRES32=r36, @ANYRES32=r37, @ANYBLOB="0000000028000000000000000100000001000000", @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYBLOB='\x00\x00\x00\x00'], 0xe8}, {&(0x7f0000007ec0)=@abs={0x1, 0x0, 0x4e24}, 0x6e, &(0x7f0000008040)=[{&(0x7f0000007f40)="3d6446220f4dd8441dd66d419f2da866ea1a8336fe9dc7fdcbefa820f21c04a67467842320bd194b4f3bb90ab447b848b2f7fa0f8107f741581d5026c1e49b3444a62636c4d8f9857a09863366a094d366b2e33d92f3de0896a1b371b745dd04e8e35aa134f9fad3f9a09b4c356fbb7ac0ba1b0a276f1779bb7d7241089482586e63a7b9e098cd439cd8fef71fb7d11826925cb3e8e91cbe793827257e1b9eea5ca36305725bc22d4078f2b5626c74a81e7ee4d1c1012e091c7c430882d57e5383dd591bfcfc6e945b42d4635ae76182b20337087a4ae124778cee50f790bd2c80867e165056f4890db97b188cb1", 0xee}], 0x1, 0x0, 0x0, 0x10}, {&(0x7f0000008080)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f000000a380)=[{&(0x7f0000008100)="254ef7b05f1566cca6d8bd8d9b49da9bfb810bdcba288ef7e6344a54c753a347f994182d230b593ac1cb28b0a11d8a875b9ca27991c138140881b4dd8e6158b89e6949a99cf93aed502d5de9107bd0ceb13c0a0f80bf63bd4c8592715f3dbda96861c1aed1d5013cfd8d30fc95291fc6b46274552a2b02afb72662b0f4586246916c26fc157815369f70803e9aaba58f831d8d7a0bb7870bafaabdd010587242e2251f64e83ac79d891b8c0508e8481a97bc580d5f09f3d2b710cf4c2edfa0cedbbaff713ff855bf320af9420b208f19ad572201c640db15ce026966ca04081b36544e1de14e80dd4a61c50408a1f23fff2398fa70df168f3ef0243eb3661975316c20bd943efd78353530be0c34689cddf2493b8ed48fe5fb91a1bf982526fd10803343c4df099ec9535cd990a62792ba7791c3161e0d9e103c587c6d7990b2ccf0a74796c9126c50bc1c6655b204dbf4e9d80f10b61bd688f080ecd84edf17f0c08ae3539e95d0feebb23bd8495841df66fe88ab9dc4aa5df0a934a20990a3e9d51f8ea17a66bbba6b6e1af8a74f5d5612741d3d6d96665c61541b73df51ccc547f586ff85c10d3e154b52a3770a567f7419fd6d7edb7a0e4161690af1cca3bccbb653e158aa8e1fec7f8ac6ee9abcd8022917eafb75c8003b9f7c9b798436d38df0f0456218d90deeb93a7ef09764ce1f3e6bdc5b86a802c87d64ef65445545717f5b28b0580945a05c98e7d2e4fe47f26d4ec6b0bb4180b70aaf129011c2b8daeeb7cfe9166349567803414b285d068bcb14683b6bf8eec1e41905102ca6a90ace854c23d788b69ded090e9ca93ef47cfb60d0a9fe23f7fce4276dbae32a29eb9937257682c2ae467e1b36b2e9da98fb9c440ce2967c04493f7a8f7b9151d6f894229305d7867685a04b522c91eb408c4fb150da8e6f3d6f49fc7b505feec79fbc1017775be693ba4b659643ad0209d057764663430d93d187aa90612073b74023ead36fbbd9073e3df6922ab780053121e17ee30861b5819d74e329352b28feff3f8f0032153880793a27400808536007fba7cc6ec784cbbec993f133798aee8326a5a3f810c38fce854d3880dc129e7fde641b830f1a14ed8a7888a0c0b94764ad461c6fee4b7afa16cfa1a9be19dbdcb5f7aaffe465b2bc42084a665eb255a8ac63e818b559b3c6ecbbf7502bca41053e6563b31678dbdba1702811daaa14398f9ecd21345928bbf15bd657c11c7227280bb45c7e53500616405caff95bcc3f602416815fd06122d020b70e4bc867bbaa40a0a3e7c2ce020ec4e2df5edce8d3e57b6246de2c59d59eae802b54d7a0aeccc6334ee4d714a623b3765a9dc293b3ab14db3342f9450d5ff4e8a200dab6c9cf87981918c9b173e00023cea15525c0c25be59fc3cd239c951b32878b3d9c1c3cac26668e768d9ced19780dce5049e7078168daadddcf1d61419d47b2eea3ecf1a5811e065225f8d97619db3ca8c8f160370eaaa3fc9a9fb378124478c3e35e4ea8bce47029ebf6958f54d87d4c0acb211810830dd21fed3a339faf357ef0c08508ea911b7ed718b652ff4d969d499d2defbd6cf8b7d473c373552659cd18620040590ea2ec64d7cd816c990f9b0a2af6122217a5d4cb53486169bab68426e0a79c900e6f21b47b27e14c5db75697ed08ce18285a84afd810aa6e21d3dad748a38f7a863edb1080435891aa544071d8d34249f5fd2a552fdcd59c50f3995fd8c08eaa58388b39bf9dda863978f86ed85dd45f1e8f9e69fcc50d910e0e2da4d6109cea55dd32162017e57b204f2bf9ad34b4080cfa49c1f23330c67b169ea7c02d6ac4766d7e647aadc36110fff3118ebf60605a2645901b8b032e99e06ecaaa7044406f6024990f82ddae3d6c77c222ee4fdad11df0a3251dd6985c2cdd540573ed86d707d891e9802c661939230117662900fa55ab4d5c65eed2dc5f351c28014873cd860da45eeb4b1315dfa031c5a91db0475a1ce77aa76f2b2ab3ea77c022a012067d58900e5b92c8c86c0b2dd34490b5466823e7a1361e327828f95bd5536b812ea13560504839bc49cce81467e670b1aedf669602db19af52c6c7679ae4889fc7484d316c70398596acbfd8c0fcd60f0a2899ae09e054e9d102e0b41819fd7846e05ea077c1a8ecefeaf6008a5272e3c9813607b4ce9811d0f8efdac5746702ece30ef0e4a5a98b643eaa5253d4099e0770b38cc36f956562ebb5bce016577a7923d7b8701baed1cfef062e8c0556e4033d84c12e2bb465397b0994fece14b66947aa8d903e96e367ad75c45b87dcc833b4d7f6f32a1e741907dd0ff2bce747074c7aa326d37ec90f8528267c6010f316ca20ac57d7fd908cd8c2fe806e6502207145137c0afb47a877bdb699d8322420d99c46cb42fb41fe465cccb2db2e21d0c53f3b9df3366bc815729689c410d87ae675a924c39d601516e44a15a7407f539b433d638347b3bfeed1f15dac069f449b14a179cedaf33c1bd2a07f5d8de57f2bdd14d5ea2db2a02899cebce73226d3cb8f36b12230c9c0cac13fa31accf821a492b74a0d6042661069c7ae08bd5cff17383dccba42fa7efd9e8213e17e62d692a973299df5cfde5a598d19b5757509178dd47d7dadbde0fd94dd3e29f0acc13553a4d914a6d5b46574b6c8b2d620b0b3099cc0c10412fa065435f2c64c5236b21851a3b68c2f730c196bcf531c416d4cdd962f2a0218aa7d4fd297c1a080533b632f2e35853bfd049ae5edd049361f11146a3053a3587386cbc229875e0a2cf96a85c6f7a9147b22487332dbdc29777b129ca18cc612cbfd319a98d137de5e878ad49470d7b340b548aaf3325788d96f82bee5d2af7266a9669114febf0d1d9d2b23fc0c97a25f4748a5e41012d34da3127e4bf41ca5da99846f21276861c7092cdf7eeade7995a8de282514cb7bd8873a949264bcb3092d7803ab36a784a54c48a5ae0640d8a63dd65e7feaf1888a7040b2537d86c7d2be0f72a6172dbc5568b80596266a9ca8d7fe1f2fb00cb92ef83d0873712677cea33f3a2a30b5c304bea3ed42694c6850a459a80afb6453c2e93edbc0391bee1a29c9f98126cd956545054db1defcd208b0abdbd8eea5a3bdd7fc925ae29abfb6069999b30186b37ec99ea5a8c7370a05e94a264a054f92bf03ef5db0e46bc21b58323a301923e476f11f396f1f55d598f424aefaa8c54ea87f33e1ac9200648c03b4c918593477f91f82ffc8e11958e9235fff6a4623e0e6b9e3f766f84d95e9bc13fb811231e3988ddfb0728160e5ba4c300d3432ffe3473db250a31c4bf38f7af3f3d066931e171bc59e18da177ba1db1fd6b0b1d5ec1fbaeec17388f97cf478dd56bb0dcf71b46884169d802f27ef6c8ccb5ad83e0188e59e6927c6ef2b666a16a139fca92d5ec0af8815d3b48c87376bed43e78db4da3dfc70a88463ca66ee276c8a885d3be66b5c6879b608fa4974b6e2aff79bd6adf21a83cb5f9bdccf9c8de905c99a67d9107bd5a701b84e252bbc614b8a22366687665e66add931105a1e3ced96578545d75592143c14dfcf34c4018d4d5b913153874f6472370052e7c7bc6f9b2818890caf611731cdfd6826e8a299628f53890e89b3526b398ddeb5e68986c8504fd9513faaef0f0cc9b8313045d65d3ba85fab29803c39942be2ebe6c8df6c105e6ad11246c07acf8ba9d824e72528ee6d8e99d9aa71c74d7d25086d33d470bef28a4bddeacd0a2b59c43c1ec166cee01d14c7e7d00ab92509c073dbadf3c239060ab4c51d54053f85d445933cb6047881b5995542edd186beba003b1623ea6c320122e2ab76e95d09073c4da7567b11e8ab261eafe5007ddbb858e75dfaddb3f13f65f7b1a935fb43b3cdbcbd9a1182c85f1718ef46cd7886f26466e792004e26f50974a8c8b21629d56903293852e91a6e84b316cc2f2b2e08982e46275be2c0d636a0392d60443fb0fdc3a0aa153fe5ef869e0a44b1f1830301c09ba31f150d1d27b4327a89763f7628dc308ed65b0f53c8afef8f5bd22721ea6c605ffa41b19a7fe5999f920e2c20079ae170a4bab9de9eb2bed8c1df5b8e5ea13d415aa0e88c1198a28c8b1f37a18508d77af850a5ac6e4343e31ba01415d7389fd498b179aaf3775a516a9fdf55f08110dff2a68143bc05683a9ff9cf00c83863a24a238f9d7b386d1d054d2899dad6ecc8f9d78becefe4563370665182e59309b426ecc651303dbb3015286d474524413638de3bd6decf1f78986162adc96ff5b9443fe1880fa02ec2fb5900be5d52a9cf1fb52863f1791d2d2c7d7d18fdd68db2968dcf86cbec2dccd42a74a2bf7bde3dc33290b3f1b96b98c93d13dc3ee7c869447c18f66b5b450cfd0016afc0630c26c6557b9484861ae053ba869a9565c9c6e55ba1e7a95bc32ca33aa15ce5ebfaadbb8b730422ce490bd7926013e7c3097d98bc44c58e00caefa6be478276003b9fd0ae29f716c4eb0dc518feec870e8ea0cb482af7ec183253efe45845451d0ffd0f411025d374b493e59681cb3cb8607cf05111525502c6e3092ba2a824b05e8b91b7b1297726a9356a837330060eab5d87ec61d7cadab2615fc92a8ea0a7f9d79543018d38004775551fe9e123f31704703ee8f09cfb2424b81e35a7400626fa31c6f57ade518d0049b91400fa7476943b51b74b469cf0078b3685b965a42d09c47f38f6a47ad22e4ab0e3cd8a1c76bbf1b571f6aba262a1940cf0e198fb82d9ec0cdc300f5aa2138584f27b15a8f50c74ec4b85092c4fcdf67d90f09dbe9e1bb000ca259bbf27f357d2423a8b2c1355907b62a9a55cfba94f17435ed6886d1fbc7dacca6399447be129c2494212a45ab4decc51ab493f7484058e26c8b89c65fbda9bf2a6dba88d25170643b1a67d093fc1db8f0a6d1446a112b789651e290436a92faf0513db87c265b9014a62f1b92b7a44c2c219b23455a224f838dd88a3ad2d99cf1a0dbdce0173de02c6407b91880eeef5059251b2143575da6233d30aaaf182a5f60435c41e881efde0a4a8701dc16370b34b6f924d7152eed7e73d706cc63ea62f9cd0606ddcb86a4d6f5853f58ad0683360aae756b7f828f1cb53ae992c8b4fc5ca1afb02f7baba518eb4c619cd95ecd03d1d9e6d86424fcdbf7715c29d503cff275a7b4a74958ec62a7034a97f869511c98cfc1dcc7401b56969d787202f536211f4c5e763f481469ef1b29cd5741826a9a6427bf7d983ad4e386ab0307350d7c629922f0a9f238c927f82c19cc2454e69084bc8c774ec2eab533894b2c6fd5e5378ecd902259f4c6f9bc1c07a6ebeafcf0381460ae82f028501c16754715a87ad27784c538eac07c77d53ebd72485e84d61adb35ab9241fd63d8bd29933c169ba2537499600b293c2b0c45bbb43d8a8bce83fefc13043ad3f2f3a27cfeadb975c81d915c0a258fc8244c55dcd9e0881e2fd3029976b59124646ed97f71808687bd600073f981b1c09d0c3ed821c274beaefd219379ffac07789e68c0e48743e5d3d665781863dc44453b26779e896d9ef2ee5b1d02efb32f43334b4e1752b10e3f7d7ad009aff1e2b245a8cf816daf6c5b289d1d7458d7cc878ddbe79058373c9bd2bc66e72ee2ba35bad57fbb57c7c2694200fc0fb3ce22bad2f828cc25d04765d5f1d0a01ff184200e4b3f65b6b595afdc8041c61fc27b98f583f6d45d257f44ae4ab08542b42a6e0b5a033a61da3c622ab7ddb7a5765a32c792e87caca6190da86c4b99d6aca9cdf7c4cae293e2e7d01c649011f66d0", 0x1000}, {&(0x7f0000009100)="6d8b6b48ec8344aba5a9c27ba59ef85bb46c92acf44990d77c3ab9da368526f1f2f69db9163fb0ffa3089a32998dd8cffc85ec1d9aba2deb357c1afa4ff0137bb57027132c81ae0d5a38357f9f69e7a7a8f07ffbc0adf08bd8a9705e2401b4bf79a5201833aa4f9bc16a3a7b6a8b4729bf844aa88bbbcb4e8ea5298ccb71dabe871748dca411c0b5808c92961b318f92aa5465d5c090672ab109bd40ada2b81e4aa738b4a4d6a2de94a54ec266536056ae0921d32691737a2c920cb76882198705e24abe7d4e1fe42cf89ea79b186b2b2db3856b7cfe37c6dc848c017a7b1191e613847de3cd5951b61cff07e9e426ee15f0cc193469dca24e38a6cc161ed4732e13ac8792a769dac96fa06bd56c7d8761dc4a1a17ef058bb68dd9c400a66060b026c619591cc1dd2b0ae7c0a2b3d911c9177b850677ec63595d2cb908d618ab69304756d7c0f17781362eadbd00b46e36f948cfcf15c19ece8b7be2becea30f7692cb17574187064c7a026de068c6118d17aea1fa30db79332dc34cc1b078de20d78cb32462bbd28e27c145959b35c840a43f93c694e4daed2086530da4181ca0f3c8a333fef7beab3847828401541f97333d12a4d2bc53aec2a080b69a871438243432b71e68207ac6922ae28ddca5801bbd408330d8f0bc71851b7013f52aa53337f9343929fd354f73b7a5d628688c9b9001a477ed6812b259e1329713a97ad74ed19091c9faad5037be0e1702886a897f06e18f6f6ef62a6bc72565c5bdf5a7afa20f62d4b1940ab91b6be15c009456436adf7cc83fb8a5624c64cf2c089994e1dd16e1feb01df6c7f656e7526559926e76d3d8863b78a19cff6983e722faa241345314c0664791062081b729587b093fc060e8190340055538f2065ab9082ad0c4e0ab2f7f81cd5f5cda9a8075640df5276d514df04fa8221136a816eb3868b76c1575a13f12229f25bdf54bc00d20ef89512389cf681b966b8339c1cdc5b84b70bdf36e7dbde93d0a0cfec4479882cdc0ed836df7c6a4525d9cbd4b64bdc8f8615143e5597c4f07a14c00a6a07f0a08f7899b63db07f28f215a5df4730fc55034d84756820d6075c03493eec2b29cab7563030cf68db907a040289f076bb447fc5400749b6695d206e09190f2707a132ba04629b035200c33967c72421418d4263738cd7f5cb7ad4b308abd42f966ad1647f2834ce8c3c3de152b5b81780519001d3db350aa180c726ce70b49fe44bc5924589f77f4205607c7e217da7e412299dd22c5440e27c6f8eccc1824d083b0d63ccc0f89dcad876833f345e9a5ab63cce75fc9ce267d55df11ea174de481378781d61370ca8e055ef46104c253d93747cad829d54a6b8877d44a4a4ee5735945a1986da1ab8136ffbb84dde41e2536f122a956fb1e87e9e7f8d2858c08fd5cbff5361dd37903a31546651c479448ae3cf6815a0f144e751422ae7d8ca64dd7f406949a0545aee12b5abca726e6e7ce6394cb2486bc1fe4ea2e1dcd1f2328f4cb2c2df1310decb0431ad5bc3625a7734864c9445e00a9d7b109bfe4ffdea419799e25a1df31b599e0e24433371a47373da810ed319c2082d2f517b4c50bf80cfa908dabaa7b16e032d731a400f0ade6ccbcf8093381ae3cc1e824e2ac30c1ac0215a5627dea70732ac719d4b2b8b261c6b73a7d2c80a3a4dd5086589f7b132137a56e9b4270c37dbf63f80c12ef26b58a9b423d5b01d1af87161eb97fcb939a982fe3dc6adba0a47b7e2f035279b5373af1d117ee6f0bdd10993cfa41f2134da343709aa5a4419820900fbdbef4bf697134977530f61929600a92262a6783d1005f7f50c32aabbaf94de47c4244f1be95e8751258ee83b8ed2a1e0340a9b3a7bce701c2ea2b0f7c81a77a818be81b8a460e12866e81158dfc43c0763b402e9ffde4c8a54b518fca320ffd32f4c42ed8f1c0f4a8af40a675cd73d006e6d3c6bd9a41b4067aeba4c1c2fa941e1f7953f461fb0529123f4d1dc0c36823157b03d98612e6a93f538ee1d33e5b66f6c404e8e33be325be3597bca4b4855bcd1866c8a8b93b8766f04382b909ac07d1a595143f7559be455b7c35e9a66e410b56ac7fdae33bb9327c58d976692df838c1ee2c77bbf428ea91a19890479753d4d6298c7307005bf39cf7731103df259fec55e034030c3fc123fa21a90aa85ca13f2c47eb47480840befc771ec10e557a039fca9cd889559b2eb3238e43973262b59e375f2d5517bdd92583747207032166dfa4ca653dfde17115f675532d078a8844da807c2ce60071242ad46260070b84ef6a967e3ed7b99ac7a3ede08c8ad9419c22df855bf9ed5e21d2cf8a1bf7edcea2295166653bc399d08ef0e0c8b441486e1e218eec3736feef9137967f9e49bdef4b3e505645a9e82b3fea92235a449bde7d8609ddc25673ce789fe9e8bc751550a471b9a66d2487721577d1bd7113cab18fa5cc2003395b3baf0d1a4a6f31b93d783cd3ed6f3be0b81ac19b4cd928fa6df0411d1d72125b05cb5fa91c490c8638f044ae842cdb9741d4c4975c7ea1b30e8c85a39e4eaf84a1b984a117ba4cc7f5b7e22e84a30a116e838d3c7b8e200d9e38f980b5f3303bd22fa1be47eaac17edd82831444486c8b7361cb06c48f535b383e83affe3a2230935878411ecfb4af1b60f18f15ddc199b853566888b6f8e55efca15cf01026555c0f0d15dcfceca00310a5497b3e871160efcee8e5ca1a1765e1053294f66d21651366a62539c5dd3b52c34155ab84c8cecd5f80dbbdf785cec2f06f6a29739b35d4fe8c5171f7373cf3d7bb18d02fde89cec70efcf903bd2ebe525bf2158c84835100cefddeb66be128aaaf633428778fc73753e5fea3592c48b237d2dc3c9c18b581d01439e2de2512c2442dba8a917aa80e505e962734fe0aa8035eb1c1f19fbdd709f2e2336c84d01de61e4aa2cba8a5ff3e22311f847d09a1ee8b61f62eae5edbb35b4500f3915f3eea89f85d1d3637639111bc1d5a461df288c38e07d3cc939fcd60c354b15e787f47ac0079c44b33f2fe1b22c2791ddfd5720311cd990ba4644bb028f0f59f2c8536b6b30b688e4038804bf856c02605f606b558d0df48b8103f1afc2804640c44e500ac17bc98ba56471eddbe1385431591b15ccdd76614e3500183fcfe2f26b6edeb03d5edca03edb739e59bb95525599759feb24cfb8260767dd9d326524524b6083ba28573915d8c031265a84e0a077e12c323119b092f314881cd981d015e2682615ee09ac1e7c7746de7caa695a09e7994f7622b79369a17bfeb317c09950ed5a728e3590cc9be2b2f8d4c66d1a22e29b3fe5dbc7a5a96214dc4e7183a3888d2397d87cac803a955eaebd007b331161bafb8b9c330d92831ea2f9c6e80f645568cf22520061967a77bf44d79b8a25432945a856c95457ea2d7a22de740b82fb2a438a5c1ef7c2d2dc102d4753727d479ba602e52aa24b73b0d773452a91a4a4f11e4543113bed4ce7e575042e7bc331f22dcbb05110b7506d37cd97476c23b6f72e6862acc7d7c170a695beac083b70e115921ecd729cab41695aeda0a6ed4d5d100232cca6b463087e139176777b9bc755d17a8da4782b5d8ff90fb115b5d19a78bf1eeea99faef40079c6b0d70b84ff60c94c5895e49496b9514ce8e50c96ea9737130e27833832b7d19ffce559714522bbc4459dbc78cd18b7e6511810562423b8e24f3de4094c496f13fda720b550ed5864d5c9827d348b910f2ca076ec096413351d18127ce591f1da7068454f7287e91e307000c59dae8891d97aec09ed55ff33b5bc377afb26c2f27992f3391a8c2d6f4ada2c7622eb49433a411b1dcd6d79665c63b46634867cd424531edc856f5a0e7d0d11f98232fa5d8b22f584398f727ef080f16a7d95c8aa959f8d54d2d0be22a8f083da507fff88870074a6a0979d762256765c30ae6bba4c001142da6b048db4cf98642689c45455c4c7865c421f5c20f21665063fc74e400a30ca9d77ef206d23aab8eec3e26c321fb6bbc25e3d698b340882ed524fa4a1815aac810e66f03a158f60d6651cf5f14746dc2c6e7af4da1d5dee9e289d9887c8fa3c88563c697542526c2526ca4028df0f47cb3ff605825141c85cb035fb6a36870f3b8086cac986ba8d7a99a8b173c1569fc100bd79ebcb53b3be7174f5abfc5c8849d331c6d85f1f4c574a974696021f17d0f309daf0846f8a24e0ebc4764ba3d518580aad73efe6d2092e4d64e489a886aca7c25b6f148789b9c60a96e8b0661fc9e1e53bd3476b1ee49f743db5189ab7985d2ddd196bc260ea7dc653fb04480f4ca37cc7186dc92734a3f3964cf0a5036020af16c9a11c804a9b8df2d018f6bab327f3706dd842839dd3d70fbb64c128f805d99be844e41a5e84818f756d8f97d1547c0bdb28df49ec483fef4a8fceb8bc83413397ef7997dfe9f6936c6ce20d32fee907985249bb7d98374ead3c9994b547742a1214f1466c9eec7b1733640fa7948c4e9a66e5d882adfc1ee077cc72a7739494f24cbfec444b38a597cd339bc27dc50217a84420cc7558c50dbb5281ac02b68004bc686c95c65d94edb6b770042957dea47201a315b6f01864ed38ad392c8e27c6866bcc63fa08bdcd2ad91b0e95c6f2cc70d925374158e410d4ba5474c8149af80bc26744a691eecfa851b544c5cd78b745e1e54c34c001951621157dc609d92bccd4feadb07818ea6acd2a72bb2f2d23db9b9eb244f91815c69d304926a6e3f15e42bf19667d6caf48b894f9b727828b6b1f35995e0d0890e9142f2f6eca9e61528410f858028cf05cd1a923c111f50330539f21a33e4b5833f23f50515b0afaaeb84ffa45e67859de07370ca567e14ebccce0094f0b1e9bceef266de5fe1782a2e9d32ad1519e9f3a234e800e63ceaa81ad9551614129eddeaa5f0a3c719f207496e2496a0edf8e07f8dbd7e86b2bc256298e9260068574fcfd83affa2eda2fe53a5d544bb15a4eecfd742ec0f658ad8013e6650cac7c7e23c99b1ccb0eb1be1f249797ab3703e06d5d0328a68fedfa185719b1dcec27f0efbf22a84da0bdfc27cf06c638f8374c38eb3a6e87747dc8129fdd2cfa155ca193f179d234169f41ab645464bddbe1c97ce566112e62792b5c7c275f8da3338449ff51f1279441ee4ecc0ab260b1080dd8f960d2ab36e30b2b79b9b3ebef4e7d955f32c9d2d7da971fb09e3bae960e644eeea66743c2c8e23d325523d255a1dc1b07003de5414f2633d72b648bdf808c2a65c07aeaf0d94062ecd61b69c19c2d6ef2e0d2c241fabd23198c7f48f4ad96d0ecdc5ef3440af16930147b80b8bb1c289cae234c137e40b39c962d7edc1eb9d80ca5173b49c94115bdbd0b516991d11b5ea4e7c255e8a46c6d58329eb14449b2bf8c18e1ce26590240f10def7144bf33ee0906de2694aa6384eddf0f70dadea85fc44bff2b442ffecbe5bcb6505d2485e62566fcaf3a0333de02d835b8e3867baeff0e9827e2101bd09c96bca1ebb683d05a2f26c95a84eec3c0cef17b73dcd6ff4417be9f4c86cf34183e7261471e2fed7627dc8562afe02927692c04d9b84ac0d2edf8fffbb532bd63e334c7acd4017e37cd0d27b32624fc4bbca13e04ea95af00b76568ccbb4668718a72946f69a05a952f4588512cc572e52e1df6b2f8ff1716a1e3b8442a11c33a30bd934ce1890f3c2eb9fe3eb9aab92b5a61f9129a235fa8538a2e623a0d93a6e6389d77eca8fe7a8a1553cc6c2ae8e78f5df009ccf469dfb24b90ff6a5202bfb973", 0x1000}, {&(0x7f000000a100)="f312c9c98a80ee9af0e5895b1bcfff4cb80fc6f27109e8ead4f1164de694e4d6dc2b", 0x22}, {&(0x7f000000a140)="d95b2a6a5c1f306d109e4a21f914e65d545cba171a440f84b137075016cacb1d49e60234b36847cdc082591387f900bf14c472db08759cbb196b629bf8a791b77c9c7356d6fb5037a9ae7f09695cfd9b594d744ebd56227f88a66caac39207049741a61a862220be169129b96890662f875310a24c5cd95fd4c3", 0x7a}, {&(0x7f000000a1c0)="a1284ca6561b87501bd13c7aa14762012d416628947ca67e26d01d6c73475732e1e979be4f63dbafffe9c7cbf79bcf2f7680f081e07bec00dcfdaf03d62da1249c8e94da55961238f831c5b929a1526879647aef932f5801035150fa1d77bed43ba2f3464d2383df8107ae205e6f0ed070bd0e947257cb04600a14d7ec28e967321306ef499c876a1f952a044ebde381424a09431a70e72768719affe2b9a8c5e1d63b46f9c928704ce3c1c9fae9c6dd2eab9943a3e94225c058b91180b6471d8dd72654be27f7c8e7840d95f713c26044a7bdfcab9a3f3c93b1a095ce33652fd058acd55d80", 0xe6}, {&(0x7f000000a2c0)="8cdb620f211baad12b2ee7a75d77b61cdfc2a9cc15fa1398b7308a0b41d4631a4d54d2b19a4d2efd60c7992d26509f8f8d338398d135d92809c6c8d875a6cde852d5f725bd082a1fd9e9747381213e9234b1749ff91a07fc84a8a4a7057837bc7e3cb4ed6bdca2db02f761969bff83c36ac53422c9fce797beedcc1c58a13e30214802f21d8fd5761f5a37715fe6be103e9bfa01e7", 0x95}], 0x6, &(0x7f000000a680)=[@cred={0x20, 0x1, 0x2, r38, r39, r40}, @rights={0x18, 0x1, 0x1, [r0, r0]}, @cred={0x20, 0x1, 0x2, r41, r42, r43}], 0x58, 0x810}, {&(0x7f000000a700)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f000000a800)=[{&(0x7f000000a780)="ffe10f3e92180d16ce19f26cd43fd11f", 0x10}, {&(0x7f000000a7c0)="2616f75e6c01c23fdfef2d7a152dad0990759a97611a3d12", 0x18}], 0x2, 0x0, 0x0, 0x4000800}], 0xa, 0xf1ca64e9eb943410)
r44 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r44, &(0x7f0000000040), 0x2)

03:44:56 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$VHOST_SET_VRING_ENDIAN(r1, 0x4008af13, &(0x7f0000000000)={0x3, 0x1})
ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f0000000100)={{0x1, 0x6}, {0x0, 0x1}, 0xffffffff, 0x6})
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

[  973.489622] name failslab, interval 1, probability 0, space 0, times 0
03:44:56 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x3, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  973.566781] CPU: 1 PID: 13269 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  973.575315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  973.584677] Call Trace:
[  973.587293]  dump_stack+0x244/0x39d
[  973.590947]  ? dump_stack_print_info.cold.1+0x20/0x20
[  973.596154]  ? __kernel_text_address+0xd/0x40
[  973.600661]  ? unwind_get_return_address+0x61/0xa0
[  973.605618]  should_fail.cold.4+0xa/0x17
[  973.609703]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  973.614824]  ? save_stack+0x43/0xd0
[  973.614838]  ? kasan_kmalloc+0xc7/0xe0
[  973.614856]  ? kmem_cache_alloc_trace+0x152/0x750
[  973.614873]  ? __memcg_init_list_lru_node+0x185/0x2d0
[  973.614888]  ? __list_lru_init+0x4d6/0x840
[  973.614905]  ? zap_class+0x640/0x640
[  973.614919]  ? mount_nodev+0x38/0x120
[  973.614935]  ? ovl_mount+0x34/0x40
[  973.614953]  ? legacy_get_tree+0x131/0x460
[  973.627300]  ? vfs_get_tree+0x1cb/0x5c0
[  973.627314]  ? do_mount+0x70c/0x1d90
[  973.627328]  ? ksys_mount+0x12d/0x140
[  973.627341]  ? __x64_sys_mount+0xbe/0x150
[  973.627364]  ? find_held_lock+0x36/0x1c0
[  973.627386]  ? __lock_is_held+0xb5/0x140
[  973.627475]  ? fscrypt_zeroout_range+0x228/0x630
[  973.640545]  ? perf_trace_sched_process_exec+0x860/0x860
[  973.640578]  __should_failslab+0x124/0x180
[  973.640596]  should_failslab+0x9/0x14
[  973.640613]  kmem_cache_alloc_trace+0x2d7/0x750
[  973.640632]  ? __kmalloc_node+0x3c/0x70
[  973.663669]  ? __kmalloc_node+0x3c/0x70
[  973.663690]  ? rcu_read_lock_sched_held+0x14f/0x180
[  973.663713]  __memcg_init_list_lru_node+0x185/0x2d0
[  973.663734]  ? kvfree_rcu+0x20/0x20
[  973.663753]  ? __kmalloc_node+0x50/0x70
[  973.663778]  __list_lru_init+0x4d6/0x840
[  973.663799]  ? list_lru_destroy+0x500/0x500
[  973.676052]  ? up_write+0x7b/0x220
[  973.676073]  ? down_read+0x120/0x120
[  973.676095]  ? init_wait_entry+0x1c0/0x1c0
[  973.676112]  ? prealloc_shrinker+0x172/0x340
[  973.676139]  alloc_super+0x933/0xb40
[  973.676163]  ? destroy_unused_super.part.10+0x110/0x110
[  973.676175]  ? sget_userns+0x17c/0x850
[  973.676194]  ? lock_downgrade+0x900/0x900
03:44:56 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x8001a0ffffffff, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:56 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))
write$P9_RVERSION(r1, &(0x7f0000000000)={0x15, 0x65, 0xffff, 0x101, 0x8, '9P2000.u'}, 0x15)

[  973.686398]  ? kasan_check_read+0x11/0x20
[  973.686418]  ? do_raw_spin_trylock+0x270/0x270
[  973.686448]  ? security_capable+0x99/0xc0
[  973.686478]  sget_userns+0x278/0x850
[  973.686492]  ? get_anon_bdev+0xc0/0xc0
[  973.686514]  ? vfs_get_super+0x270/0x270
[  973.686544]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  973.694589]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  973.694608]  ? ns_capable_common+0x13f/0x170
[  973.694626]  ? get_anon_bdev+0xc0/0xc0
[  973.694641]  sget+0x10b/0x150
[  973.694664]  ? ovl_show_options+0x550/0x550
[  973.694680]  mount_nodev+0x38/0x120
[  973.694700]  ? ovl_own_xattr_set+0x10/0x10
[  973.703339]  ovl_mount+0x34/0x40
[  973.703359]  legacy_get_tree+0x131/0x460
[  973.703382]  vfs_get_tree+0x1cb/0x5c0
[  973.703399]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  973.703416]  do_mount+0x70c/0x1d90
[  973.703436]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  973.703467]  ? copy_mount_string+0x40/0x40
[  973.712469]  ? copy_mount_options+0x5f/0x430
[  973.712491]  ? kmem_cache_alloc_trace+0x353/0x750
03:44:56 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f0000000080)={<r2=>0x0, @in6={{0xa, 0x4e23, 0x830c, @ipv4={[], [], @rand_addr=0x2}, 0x7}}}, &(0x7f0000000000)=0x84)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000140)={r2, 0x20, 0x6, [0x4, 0x3, 0x101, 0x100000000, 0x0, 0x8001]}, &(0x7f0000000180)=0x14)

[  973.712512]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  973.712531]  ? _copy_from_user+0xdf/0x150
[  973.712553]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  973.712571]  ? copy_mount_options+0x315/0x430
[  973.721224]  ksys_mount+0x12d/0x140
[  973.721246]  __x64_sys_mount+0xbe/0x150
[  973.721270]  do_syscall_64+0x1b9/0x820
[  973.721289]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  973.721314]  ? syscall_return_slowpath+0x5e0/0x5e0
[  973.729343]  ? trace_hardirqs_on_caller+0x310/0x310
[  973.729363]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  973.729382]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  973.729398]  ? __switch_to_asm+0x40/0x70
[  973.729411]  ? __switch_to_asm+0x34/0x70
[  973.729434]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  973.729471]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  973.737311] RIP: 0033:0x457569
[  973.737328] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  973.737337] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  973.737353] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  973.737363] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  973.737373] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  973.737382] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  973.737392] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
03:44:56 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0x4c00000000000000}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:44:56 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0xf0ffff, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:56 executing program 2:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x200481, 0x0)
ioctl$KVM_GET_TSC_KHZ(r0, 0xaea3)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r2 = fcntl$dupfd(r1, 0x0, r1)
bind$bt_rfcomm(r2, &(0x7f0000000040)={0x1f, {0x200, 0x0, 0x0, 0x9}}, 0x4)
ioctl$FS_IOC_SETVERSION(r2, 0x800448d5, &(0x7f00000000c0))
setxattr$security_smack_entry(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='security.SMACK64IPIN\x00', &(0x7f0000000140)='@keyring\x00', 0x9, 0x3)

03:44:56 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_inet_SIOCGIFNETMASK(r0, 0x891b, &(0x7f00000000c0)={'veth0_to_bond\x00', {0x2, 0x4e21}})
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x10040, 0x0)
setsockopt$IP_VS_SO_SET_DELDEST(r1, 0x0, 0x488, &(0x7f0000000100)={{0x87, @multicast2, 0x4e24, 0x0, 'lc\x00', 0x10, 0x8, 0x6}, {@rand_addr=0x60, 0x4e24, 0x0, 0x20, 0x1000, 0x6}}, 0x44)
bind$bt_rfcomm(r1, &(0x7f0000000080)={0x1f, {0x7, 0x1800000000000000, 0xb1, 0x3, 0x82, 0xff}, 0xffffffff7fffffff}, 0xa)
r2 = fcntl$dupfd(r1, 0x0, r0)
bind$bt_rfcomm(r2, &(0x7f0000000040), 0x2)

03:44:56 executing program 4 (fault-call:2 fault-nth:41):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:44:56 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
fstat(r0, &(0x7f0000000680))
add_key(&(0x7f00000001c0)='pkcs7_test\x00', &(0x7f0000000200)={'syz'}, &(0x7f0000000240), 0xfffff, 0xfffffffffffffffb)
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_open_dev$audion(&(0x7f0000000280)='/dev/audio#\x00', 0x6, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f00000003c0)={@loopback, @local}, &(0x7f0000000400)=0xc)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f0000000440)={'vcan0\x00'})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000000600)={@dev, @local}, &(0x7f0000000640)=0xc)
accept$packet(0xffffffffffffff9c, &(0x7f00000007c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000800)=0x14)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000e80)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000ec0)=0x14)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000f00)={'team0\x00'})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x24, &(0x7f0000000f40)={@broadcast, @multicast2}, &(0x7f0000000f80)=0xc)
getsockname$packet(0xffffffffffffff9c, &(0x7f0000001040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000001080)=0x14)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000001280)={{{@in=@dev, @in6}}, {{@in=@multicast1}, 0x0, @in6=@mcast1}}, &(0x7f0000001380)=0xe8)

[  974.161845] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
03:44:57 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x9effffff, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:57 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)

[  974.202084] FAT-fs (loop3): bogus number of reserved sectors
[  974.209435] FAULT_INJECTION: forcing a failure.
[  974.209435] name failslab, interval 1, probability 0, space 0, times 0
03:44:57 executing program 2:
getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f00000015c0)={0x0, 0x0, <r0=>0x0}, &(0x7f0000001600)=0xc)
stat(&(0x7f0000001640)='./file0\x00', &(0x7f0000001680)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f0000001700)={{{@in6=@mcast2, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in=@remote}, 0x0, @in=@broadcast}}, &(0x7f0000001800)=0xe8)
lstat(&(0x7f0000001840)='./file0\x00', &(0x7f0000001880)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000080)='./file0\x00', 0x9, 0x8, &(0x7f0000001500)=[{&(0x7f0000000100)="699647de402c1d00d19880894f89b300a571fd9e120589486b8967d9b5f280c3dec38af4c4cb4c455f65bd19cb4fb59ae9345ada1c66406b5b5c7f0cc3d1904f1aba800e732425db5c4ebf1dc92b8793e5876859fcf7c8d707160ca193e6", 0x5e, 0x8}, {&(0x7f0000000180)="02f0a8999c4924a382ea152ffe5db5493d4dd0581fa75e5a5774151be8dcb68f9c7389d12779a1667afc321004611b2c244c844e8e1ddcc854e06c9429f190b93853e56999877b477fba4a4a8311d33e6d5621d992d72345193864975684ada734a75ff37c54b385ebe1447614a9fc70cc025eb4494921", 0x77, 0x6}, {&(0x7f0000000200)="c0b82a0bd95f03c30a82a5fe78d4354d8c7a53a9bfbd7c52dae93b1da9a909eb0213a8d850fb4ec35b1f995aca5a4d716464eb64bc90f7c4fd740649d6b9302eea1b3e043ede05c9e0e23fa7feb5e4e8532821947eddcafc28ecde943acc80bbce94470f825419dc0a0f8b1c96", 0x6d, 0xfc31}, {&(0x7f0000000280)="fda76d7edf3c8e1d97e146bc21a5526ed132bdeb0a64d615b268ae5bea8a0f09814b0aa45e978c9e3b6df1cd7636ae2f8f3d31688a041b2ba93c8aad2e491a6c2547561a488004789e30eaa010e8ad83b751edd4078c88a7198aaf5ae3c805ce459262c22f65409269b9f09b90a4f30c1e80568e5d004af3b2fe04df28936f4fde02d68068d3e26f421bcf7ea4487774f8ca32f902b22a7a1ff84331fc7e344c47aad47fef5a23c316369345578e80cc12be450b4fbea88cf8567e3bb8f680c7db7bbed6926cffb0f0e65c50dda3708dab1174f8a38e5b3e21c4342f73eba412eb4460e125a201907fdd7fdcd116696431d9fbab76d083e1faf82fbb8e37d17ddbfe6ee9862dd2e1a1d8752bf7c93aacd2875a6d24513a2c2f9d6b8e27ab0d2b23c3b381caceeecbd97db4f3ba4f4829d5d000a48d93f267baa2ae5d29d2b6bbf360cd808344842a9fcd62660a7d09383650cfe900d0e85e7496f8c1a827f44e179e639552f618711f1b7b58f480112a72c77c77f12dc2f5dca706c1f3af4c526775f46ba945dc01834f728eb1500c10b658fe08916c34fd9c676853cc3265533c4cab9e8e2ca4bb33574b289a9606af94c7641eca726bf702848cb51ee966a4112cf7aaa3a54256332cfddd2f354b334cc65d034ca716fc21bde9ba0526ed927aed827070f9fb1bf64bcf0e8f76afaf959042d8b65af08d0bd3863e994e68444d6df6a45480bc85f5a2d180b6ddfb2d9d75593944d39e37458c3d31bcef8d3820d8d03126547f24476da1aa6d2c75ed0e626bb136aeb641f3fb1233d1854c7115b3653a700e4ec0fb02b130b142afc1ca7e7d630c86a53181caf392202d0006e0a3cfaf268eed8040bb521a67fa95c581d48a6df9290bcad9ce7765e2038a93757c6bda0f7dccfe63cd747cf7a2dfdc8f98de7f6fc571863d0dfda1d8ccbd32580c73478995e4d32e8607783b79b61da52a21b32a16d3bd45e3b12ff0a0644b41f68994830a04d5b0f2201d5a12f5842567ba55aaee99f455380c25719e8529362347c5d72e165818f13b8d027c9be55cade684239a741a13397dcb8cc3c3f65969103132da1e06c39e18ddcd1a1a7b0393794562fd0db4dc73de897636a5d6a95c4beba544848f1da2dd1bd52c7c394995d074c08293a1e87c9d1496113e60316e449054383f361e72d7e3493bea7d4a115fdb0af4f049b92bbd3f6782c08abf39680490de67470af7f6eb5b5bd9d28d3b11f30061bb1c1dab4979c67426b8893455543be7f4e5488ec131b52b2d5f637620f96e01e586a0112a9d4fad5ed33d5c1961c4f4ef1053a074071ee105f38327f6731772f4596a2647afa030c8cdbb08bf73a94387f2d8c03ba5af02cad613be6e7ac14600e17db7b413cda6645cfa1ad3649a86ef1d44c8c6be767daf3b82342cd9320b2cb2bf804408c068d0d832084b74b0c756a7715f621862937257bdbe87daa39ed2208b505436c733be2ca7fa3d1ceba45340e1d9510ebfc26af19d065f9892bb40a64d075de342c3bef727cc05406dbb9d89ecb88a2c8a45c0d3f17447fbeb44c54a09a5b07131b27f38eb40b5b45cc679e5ec8aac741d62b05d001972acd82f16add34729b3dae993faaa5e6c38488086038abe56b7a63b62341af4e68c03f229e8e05ac293b7019c4313c8b09107bdc1e0895241dce0ff6e2951bac025e76a2671db473394351fe8e59652d61d0205f23414bd41aeaa35f64aa24576b99cb40d61c04f261ea93a9540527e997df88e4563aff134abb6ad82f3f5d89943290c0c2d2b41699e8a33b00848f67cb56f16df5a39c7f980817685760253bb768b83849b8b238e53b8c6dfb34e46520be4a8748213ab6eae49bcb8e393614fe70a8599a979edffc2ac44eca015e4cb36c7a914599789946060dda81ba40e5028dbe1d6b1c26a8317f04d3b1a3d01a67ad5094b89e921837d8b4c2d82cb648617b1697b5559ca1422aac23859ba4c0417f05cbf344fb163fedf5723dd8f7bd32cbadb216f8028d3ecc8e59c94a35e853bc44328475ab83e0bcea27fe65473a4bb85f7067b0c4791a95fa08a2e62babf51044fb13068d2328eef0ef17620a845d77ebe220fdf5e370723d1ed807ef79ab2a1919955ef8281db49d699f9b67377077edd14e675da8f84591480bf500e3a5d37181c60cd9f4888808f27332f3f6a942863704a81807799b14a44417ec2c764b913765d5cc6c93e55839df272bdc11452e58af13ac7bf3c54ad19b2fd67c5ea6df9a2dd7140ab75405c806ed541bdfe42f45cd3d9dc9154c830b6db23ef8300f0318948102482e5ab62a5f9d9c4db4a18a729d7da3d584ab14978d57c088072bc05aa5c2fabd8d3e514b4d55f1ae597d331020c3bac94a5c19e4e4aa995bc40e857640e270b555d3189b98d09ea5970808a8d31ec0b2a70be4dda6a2709270182ffddf206b8bbaf0b0ffe8a47d46797811bfc857891850d7882099cd58ce08d5704c2adce3615dd438605087565849ea4ca797ab0b11539dde619adc267057ec440be9e38b7b66f83c83dd27a113422c75e8af8a800337da76874bd85065c6d991a978407c22f21cfa794e687f47b6419c77437ad82e57278eac3f0710b3ab9a2974939e36e7275e9d7a10e8a97aaeff67a27ce1fdbdf36a9f064c86451f72d14224f959bd35c13cb4ea6b82edf660e8474cd156c9f773aac8a16f3402cd0c0f38d2a3c8249eca107692d0c36ccef8bf856ae24492e6d8518d1b4c9ba2b50ac40e78a9a95cf0df4836abaf258f9be9822bf092778ab2245ab6da3f68faf642f7acc1377537089b5bcebcfa5cfae21d96afd5536bd1adb66714468b8d64cec58f3404f4b36dc9065649b5f9818a8b99a68797342d5a122dec2e01aa967faa149e1cc12d333eebde4dc5dcd6d2167238a76cabccae6ca6015100df69f8c39623971798ff3cadb8f228c99de9565cbdeda2bbc2a77e33eca52f2bd2813de21a71df5b31d64ba2f5e2f4912e47a64e812b996b77ebe1372f2cb896a96f11dc5f4e20713dbf56d68635fc6d0249308cfe51f90856cd015126c0e5d1090257af5431f22fbd129dc35decdbe4a7d88b0014022a57d7e64034185404f211b2b73fcb65d859b342064f5a4aee19840890b782993a19dbb64762624d5243945dee2dbfaaecaac07194bfa90cea751667cbb6bfa7dd7a3a3eeb5acbb3bff35c14cae4f21dede155a84e195eec07a2619c7d2bbe3bf89f64d8af8ca815104b2e6082ed5e9a1f2cd889a4d2aff54687b6d2494c16b21d36efeffdf5d5e7b31b6c7f5774868a68953bcc283a1796b240e973e74f3d0e4546dfe078450e808a59636b321465935dfed69f9adf91c0dd8f8c59d7863bf4be76e2dcd15d0683b1563c0a6e16967d6f95456b676cae27593c63c110352e7bc40920b83f5a0e60bc83b8eaa9a643c7f3a270a749344343bb6f1f6171af6595ce697337eabc1a856b8823aee93ebbae3baefb662d376b66f17f030a6c21eebacd7ac6953fb432c4d9f4661a5db02a53eb5f0325637d23aef24cbf273bd48ea7f2297c173b9c3353d59bd45a6a88b2bed0b01e02637a14ec2a42c41f7189ddb19348d39a4b34f1b06922ff0d4f2236824a61490e35a05bf04bbbea43f02ec6d0c60fbf40145706fabc10b72fdd4f9f1e5ede7e6516f69121b67015c96a49821d3a4df897adc5f08ebb08dc76e8b604bc424a3b935e315b54da4052f4f5bdbe0c1af532f3e9bd0d7deedf3a22d9819aca017f94261bcd3b44498e3d0e10e04f3dda1b61f3c81d6dff2828a66c84a658b5835cf85d55f85c372a5a6d0f475783f673b659fedb25d9727f8de04d539c1134f1003fbedae0af0f1699cfc9ed7a5a4509b38aecad4c64240d9aee24d6cb700f3bfb3a1d6bb5fa3f21dc3da6a74c02235c322c04868a3e197ffb5f06c6901680c7af4c09ea89790f487d646f5a8e9aed16a8966e367bde29de4c058b5f4cffa60b468ad9e9958fdfd9fd2b9fb4c1cb609c16178070a7edbe43e019c861bfd9a37b8681540fbd63e16fc28882d68ce77c88991d59bfd2aa41250284d0ae6c57600e9fe636b0fcb1f8212ca54992a6f1fd5bb722eb1ff6566baff8a0d5d24457dd28f37ee7d689b253f5a5b1736ef033b7f0f16f822bf1b4fe5fb60d8482a76ab7d315d78a2defb4204011ac9dabc1b49dfc634d70925488d6809db5af23aceae1f55a45e4de6cf6b701fbe7b7d38f80cfbbd3ed111bd164506542943de083e7c9ea5f2ee2494b73bd60616bfe5a053734085ca379777a26a6b2dac6e74ceb0405d5dcd96538d9cdf9788f6cc0b63c35e4fa3ae736c5f51ed4977c2c5d9e162cd68c021eb395a1e2df98e14671bd3df7cd20c1ebca9e1c6a59c43017794fef25a6cf9f3b7afda446e00af307459cf067cbdcf7adcce03311497d441cf31b994bb82ca69b70d3d4ced493e922066a8c1dfab8e22a217bb2bd1b2b2029e47bd9293c6e94c5588b6bf6a2278a4ca104a9151dece833934edd846e74bcc59eb2fe0e92966f667688bd236b6e658f77ce14b4a4f5cbbd85501e6e6f291c888543a08df6e837f69bb1fdb95326d382bb6cd1a905e7285e3f91dbeae5864c1ec1397e59924f5009f8de4715bdeea250b51e3fc1c1d54c42e70fa74aabe616ddf0a4b2baca9100aa0961c3b151012fea0e3ed0e187cc2fcbb49b024c4d8758dcc05cc77126e539f9b2176504257e673609c7f86b369a06eebc0ff9c5e06a87162d3d2d4d33c85adf4780885b9c3601d6bec5520281d8fba3c2053bbdb6eb5a09dde5a3712f7b19018856594269b6e1a37771b6765260c304d1fca1fe9d10997471435a22193143cc03c6fb82871856cfdeb63749c552761535f0792a3a823152be60de5c90946e3c3340b2cef430fd4fac1baa6a872ba3c9265922fe486df3463de42584c334dc026e7202169f9bce662b3c35add9be0b1306920869695bd7b954ffb4aed209660024c9442fe08b47cf8db17d365a93aed225ea83357573fc36e35c88e7a4d7bcd670c6b3c78abd92a479b25950b72dde714c6deaaa41eec6cf0dab29b2d6d21204aa1181b95e397f10b05fed872d0ac24b05838bc579780295269dbfb25585b8f9280783b72651d6756022746145907bc446c1a73f0e66fce923a9c957d86eb250dc9bd3352646581ab00a1b886b6a524fc78d653de9d5e34f419dae8cf2647f86aa73df71978e671b21bf4b2752eb2d0e5a20215556b73fc00fcdebde09649df112da3759253d8986efaec8aa2998422b1c7661fc4c485df05b355752872dc7249cfb180782319ff9b0ba02103da56efd7e113f2d41bfb5b2d1f465720c6e73639e7288aa80e39878cdfe14c29bca3cf94f024db2949d50d6727bb00fccb9fa256ad30dfea3eaf363f4f8013ddd609532269f3522f0a74627e82a405048ef247a333a274dc11561722bef543f99ff204196760c674f9a58305a3ea97fd67d04bb295ca949a41bd8c7b3665f819791c8aff8df422fad3d3fc71a22ed4f02563a75361a72f8303e50fb27f48b4114083a66fbeee810bc7f231877878b427da56414673c918aac411bfd0739f8d52709533b86a449cfec1e9484585efc8eefadba649ee28bbd8b589dfe9551d06db7051850064e87fe447f47577c932ff8154299da7175c8dbb33debd57201abb9b34a2299113ee9b5182ba6114d1aec2b51716172b479a3b645987f9469093e2ac48283b95407acb33cc23646d99c4ab566f9f67049f1c141f391dcfce22ce6372b7083107e8dc1465c972121482", 0x1000, 0xa23}, {&(0x7f0000001280)="4bebf0d61542dd81a0e43f23b0c3b93809998deb661e09e3639000f550aeaa5ecf29759e5e1c764f403755f2aa5bc921ebda052bc144c4df46944784966bc96dcdd3fe1b9896373947ce0c786e310c4b4d706fd5ea651b76223260cd", 0x5c, 0x7}, {&(0x7f0000001300)="fd378651eb84d3fe06997e2f20b02bed6328ac6fc4e5adff27b331a5b6011b28404b6ccb0421f5b72013636119a248831b1985eb9b8cc7965f4ebd973be34ac99f761882b9b6277926157e6a3a2a1967d3d63109eae1e32d0dd1ce0b081338f36c7c088323f067e8fcb92e5cefa7d75688f5244e7479f527396939b60c1f0b65925f5a236744da92512f6bbfe1d8a51823832497f6d64e295100b96955387fc80e1eb5a3aaa79d1b6f114e355e7846471ef65b99fd48881b79", 0xb9}, {&(0x7f00000013c0)="19cb476b329f075f95e5758ad4a8a536ddc51a1c731be0d9ab9fdb3ab35f9b1045", 0x21, 0x1}, {&(0x7f0000001400)="6aed8abdf97742357d9d3c9b3cc73915b0ac10a6e95da4879293dfa8141514377a34a84f4f7d0b26bea1211d4e52541fb09c6412ca626db769998da4883e0237ffb5a853a08ad5179ae27941bb29859c0a82ba93e51c8758369a623afddb0f6d051d3c3fa303d57c5118efcda9930c68bf99de9615fe3bd8384676be5c5a7617e677156b09c9fd8138f26cd0711dcc0e31eae2e934a431b63fde122b2ae5ca7b289e51b89b541381dc5b9159a5bc6e773a698cf87a14b76270449ddf332b7978ba65ef55bbd7f2e0dcdfcc7758c2bdb446b6ac8a9ab8003f8dae8a3e464570c3b0b985a5822f6a", 0xe7, 0x100}], 0x20040, &(0x7f0000001900)={[{@gid={'gid', 0x3d, r0}}, {@session={'session', 0x3d, 0x3}}, {@type={'type', 0x3d, "c7210f9e"}}, {@umask={'umask', 0x3d, 0x100000001}}, {@creator={'creator', 0x3d, "7abd3c21"}}, {@session={'session', 0x3d, 0xffffffffffff1f78}}], [{@euid_lt={'euid<', r1}}, {@smackfshat={'smackfshat', 0x3d, 'cgroupkeyring-keyringem0'}}, {@smackfsroot={'smackfsroot', 0x3d, ':{'}}, {@smackfstransmute={'smackfstransmute', 0x3d, '\'procwlan0:lo{+mime_type:proc'}}, {@fowner_gt={'fowner>', r2}}, {@obj_user={'obj_user', 0x3d, ')securityem1wlan0!em1+em0wlan0'}}, {@fowner_gt={'fowner>', r3}}, {@smackfsfloor={'smackfsfloor'}}]})
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r5 = fcntl$dupfd(r4, 0x0, r4)
bind$bt_rfcomm(r5, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r5, 0x800448d5, &(0x7f00000000c0))

[  974.247226] FAT-fs (loop3): Can't find a valid FAT filesystem
[  974.279572] CPU: 0 PID: 13314 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  974.288100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  974.297472] Call Trace:
[  974.300090]  dump_stack+0x244/0x39d
[  974.303760]  ? dump_stack_print_info.cold.1+0x20/0x20
[  974.308969]  ? __kernel_text_address+0xd/0x40
[  974.313493]  ? unwind_get_return_address+0x61/0xa0
[  974.318454]  should_fail.cold.4+0xa/0x17
[  974.318478]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  974.318503]  ? save_stack+0x43/0xd0
[  974.318516]  ? kasan_kmalloc+0xc7/0xe0
[  974.318533]  ? kmem_cache_alloc_trace+0x152/0x750
[  974.318555]  ? __memcg_init_list_lru_node+0x185/0x2d0
[  974.327716]  ? __list_lru_init+0x4d6/0x840
[  974.327736]  ? zap_class+0x640/0x640
[  974.327751]  ? mount_nodev+0x38/0x120
[  974.327768]  ? ovl_mount+0x34/0x40
[  974.327782]  ? legacy_get_tree+0x131/0x460
[  974.327795]  ? vfs_get_tree+0x1cb/0x5c0
[  974.327807]  ? do_mount+0x70c/0x1d90
[  974.327820]  ? ksys_mount+0x12d/0x140
[  974.327832]  ? __x64_sys_mount+0xbe/0x150
[  974.327854]  ? find_held_lock+0x36/0x1c0
[  974.349628]  ? __lock_is_held+0xb5/0x140
[  974.349664]  ? perf_trace_sched_process_exec+0x860/0x860
[  974.349696]  __should_failslab+0x124/0x180
[  974.349722]  should_failslab+0x9/0x14
[  974.349743]  kmem_cache_alloc_trace+0x2d7/0x750
[  974.357258]  ? __kmalloc_node+0x3c/0x70
[  974.357275]  ? __kmalloc_node+0x3c/0x70
[  974.357293]  ? rcu_read_lock_sched_held+0x14f/0x180
[  974.357318]  __memcg_init_list_lru_node+0x185/0x2d0
[  974.357339]  ? kvfree_rcu+0x20/0x20
[  974.357357]  ? __kmalloc_node+0x50/0x70
[  974.357383]  __list_lru_init+0x4d6/0x840
[  974.357404]  ? list_lru_destroy+0x500/0x500
[  974.357422]  ? up_write+0x7b/0x220
03:44:57 executing program 4 (fault-call:2 fault-nth:42):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

[  974.357452]  ? down_read+0x120/0x120
[  974.357474]  ? prealloc_shrinker+0x172/0x340
[  974.357499]  alloc_super+0x933/0xb40
[  974.365268]  ? destroy_unused_super.part.10+0x110/0x110
[  974.365283]  ? sget_userns+0x17c/0x850
[  974.365302]  ? lock_downgrade+0x900/0x900
[  974.365326]  ? kasan_check_read+0x11/0x20
[  974.365345]  ? do_raw_spin_trylock+0x270/0x270
[  974.365364]  ? security_capable+0x99/0xc0
[  974.365391]  sget_userns+0x278/0x850
[  974.365404]  ? get_anon_bdev+0xc0/0xc0
[  974.365425]  ? vfs_get_super+0x270/0x270
[  974.376919]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  974.389200]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  974.389230]  ? ns_capable_common+0x13f/0x170
[  974.389249]  ? get_anon_bdev+0xc0/0xc0
[  974.389264]  sget+0x10b/0x150
[  974.389288]  ? ovl_show_options+0x550/0x550
[  974.389303]  mount_nodev+0x38/0x120
[  974.389323]  ? ovl_own_xattr_set+0x10/0x10
[  974.399008]  ovl_mount+0x34/0x40
[  974.399029]  legacy_get_tree+0x131/0x460
[  974.399052]  vfs_get_tree+0x1cb/0x5c0
[  974.399069]  ? legacy_fs_context_dup+0x1d0/0x1d0
03:44:57 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x40030000000000, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:57 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040)={0x1f, {0x2}}, 0xa)

[  974.399086]  do_mount+0x70c/0x1d90
[  974.399107]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  974.399131]  ? copy_mount_string+0x40/0x40
[  974.407595]  ? copy_mount_options+0x5f/0x430
[  974.407617]  ? kmem_cache_alloc_trace+0x353/0x750
[  974.407638]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  974.407663]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  974.407677]  ? copy_mount_options+0x315/0x430
[  974.407701]  ksys_mount+0x12d/0x140
[  974.415645]  __x64_sys_mount+0xbe/0x150
[  974.415669]  do_syscall_64+0x1b9/0x820
[  974.415690]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  974.415719]  ? syscall_return_slowpath+0x5e0/0x5e0
[  974.415740]  ? trace_hardirqs_on_caller+0x310/0x310
[  974.415758]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  974.415778]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  974.415792]  ? __switch_to_asm+0x40/0x70
[  974.415805]  ? __switch_to_asm+0x34/0x70
[  974.415830]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  974.425860]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  974.425874] RIP: 0033:0x457569
[  974.425891] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  974.425901] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  974.425917] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  974.425927] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  974.425937] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  974.425947] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  974.425956] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[  974.650879] FAULT_INJECTION: forcing a failure.
[  974.650879] name failslab, interval 1, probability 0, space 0, times 0
[  974.713200] CPU: 1 PID: 13338 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  974.729128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  974.729135] Call Trace:
[  974.729158]  dump_stack+0x244/0x39d
[  974.729181]  ? dump_stack_print_info.cold.1+0x20/0x20
[  974.729201]  ? kernel_text_address+0x79/0xf0
[  974.729236]  should_fail.cold.4+0xa/0x17
[  974.729257]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  974.729281]  ? save_stack+0xa9/0xd0
[  974.729297]  ? save_stack+0x43/0xd0
[  974.729313]  ? zap_class+0x640/0x640
[  974.729330]  ? ovl_fill_super+0x29e/0x3f33
[  974.729343]  ? mount_nodev+0x73/0x120
[  974.729358]  ? ovl_mount+0x34/0x40
[  974.729372]  ? legacy_get_tree+0x131/0x460
[  974.729385]  ? vfs_get_tree+0x1cb/0x5c0
[  974.729398]  ? do_mount+0x70c/0x1d90
[  974.729410]  ? ksys_mount+0x12d/0x140
[  974.729431]  ? find_held_lock+0x36/0x1c0
[  974.729465]  ? __lock_is_held+0xb5/0x140
[  974.729497]  ? perf_trace_sched_process_exec+0x860/0x860
[  974.745056]  ? zap_class+0x640/0x640
[  974.745088]  __should_failslab+0x124/0x180
[  974.745107]  should_failslab+0x9/0x14
[  974.745125]  __kmalloc_track_caller+0x2d1/0x760
[  974.745140]  ? __lock_is_held+0xb5/0x140
[  974.745164]  ? match_strdup+0x57/0x80
[  974.745185]  kmemdup_nul+0x31/0xa0
[  974.754777]  match_strdup+0x57/0x80
[  974.754799]  ovl_fill_super+0xcae/0x3f33
[  974.754820]  ? vfs_get_super+0x270/0x270
[  974.754853]  ? ovl_show_options+0x550/0x550
[  974.754904]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  974.764062]  ? get_anon_bdev+0xc0/0xc0
[  974.764078]  ? sget+0x113/0x150
[  974.764100]  ? ovl_show_options+0x550/0x550
[  974.764117]  mount_nodev+0x73/0x120
[  974.764137]  ? ovl_own_xattr_set+0x10/0x10
[  974.764156]  ovl_mount+0x34/0x40
[  974.771400]  legacy_get_tree+0x131/0x460
[  974.771424]  vfs_get_tree+0x1cb/0x5c0
[  974.771452]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  974.771470]  do_mount+0x70c/0x1d90
[  974.771490]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  974.771510]  ? copy_mount_string+0x40/0x40
[  974.779470]  ? copy_mount_options+0x5f/0x430
[  974.779492]  ? kmem_cache_alloc_trace+0x353/0x750
[  974.779513]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  974.779531]  ? _copy_from_user+0xdf/0x150
[  974.779553]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  974.779571]  ? copy_mount_options+0x315/0x430
[  974.786905]  ksys_mount+0x12d/0x140
[  974.786925]  __x64_sys_mount+0xbe/0x150
[  974.786948]  do_syscall_64+0x1b9/0x820
[  974.786968]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  974.786988]  ? syscall_return_slowpath+0x5e0/0x5e0
[  974.787008]  ? trace_hardirqs_on_caller+0x310/0x310
[  974.787028]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  974.798951]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  974.798968]  ? __switch_to_asm+0x40/0x70
[  974.798981]  ? __switch_to_asm+0x34/0x70
[  974.799005]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  974.799032]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  974.799049] RIP: 0033:0x457569
[  974.806952] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  974.806961] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  974.806977] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  974.806988] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  974.806998] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  974.807008] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  974.807018] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[  974.831150] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
03:44:58 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0xc7f0000000000000}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:44:58 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0xf0ffffff00000000, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:58 executing program 1:
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x1, 0x0)
getsockopt$bt_BT_POWER(r0, 0x112, 0x9, &(0x7f0000000100), &(0x7f0000000140)=0x1)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000000c0)={r0, 0x1, 0x1, 0xff, &(0x7f0000000080)=[0x0, 0x0], 0x2}, 0x20)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r2 = fcntl$dupfd(r1, 0x0, r1)
bind$bt_rfcomm(r2, &(0x7f0000000040)={0x1f, {0x0, 0x0, 0x2}, 0x3}, 0x0)

03:44:58 executing program 4 (fault-call:2 fault-nth:43):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:44:58 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))
getrandom(&(0x7f0000000100)=""/4096, 0x1000, 0x3)
socket$inet_smc(0x2b, 0x1, 0x0)
recvmmsg(r1, &(0x7f00000030c0)=[{{0x0, 0x0, &(0x7f00000015c0)=[{&(0x7f0000001100)=""/192, 0xc0}, {&(0x7f00000011c0)=""/110, 0x6e}, {&(0x7f0000001240)=""/155, 0x9b}, {&(0x7f0000000000)=""/14, 0xe}, {&(0x7f0000001300)=""/178, 0xb2}, {&(0x7f00000013c0)=""/183, 0xb7}, {&(0x7f0000001480)=""/170, 0xaa}, {&(0x7f0000001540)=""/112, 0x70}], 0x8, &(0x7f0000001640)=""/149, 0x95, 0xade}, 0x3ce4}, {{&(0x7f0000001700)=@l2, 0x80, &(0x7f0000002a00)=[{&(0x7f0000001780)=""/222, 0xde}, {&(0x7f0000000080)=""/18, 0x12}, {&(0x7f0000001880)=""/4096, 0x1000}, {&(0x7f0000002880)=""/69, 0x45}, {&(0x7f0000002900)=""/218, 0xda}], 0x5, &(0x7f0000002a80), 0x0, 0x80000001}}, {{&(0x7f0000002ac0)=@sco, 0x80, &(0x7f0000002f80)=[{&(0x7f0000002b40)=""/128, 0x80}, {&(0x7f0000002bc0)=""/194, 0xc2}, {&(0x7f0000002cc0)=""/243, 0xf3}, {&(0x7f0000002dc0)=""/91, 0x5b}, {&(0x7f0000002e40)=""/207, 0xcf}, {&(0x7f0000002f40)=""/4, 0x4}], 0x6, &(0x7f0000003000)=""/179, 0xb3, 0x4}, 0x6bb4}], 0x3, 0x10020, &(0x7f0000003180))
fcntl$setlease(r1, 0x400, 0x0)

03:44:58 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
fstat(r0, &(0x7f0000000680))
add_key(&(0x7f00000001c0)='pkcs7_test\x00', &(0x7f0000000200)={'syz'}, &(0x7f0000000240), 0xfffff, 0xfffffffffffffffb)
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_open_dev$audion(&(0x7f0000000280)='/dev/audio#\x00', 0x6, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f00000003c0)={@loopback, @local}, &(0x7f0000000400)=0xc)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f0000000440)={'vcan0\x00'})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000000600)={@dev, @local}, &(0x7f0000000640)=0xc)
accept$packet(0xffffffffffffff9c, &(0x7f00000007c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000800)=0x14)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000e80)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000ec0)=0x14)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000f00)={'team0\x00'})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x24, &(0x7f0000000f40)={@broadcast, @multicast2}, &(0x7f0000000f80)=0xc)
getsockname$packet(0xffffffffffffff9c, &(0x7f0000001040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000001080)=0x14)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

[  975.228503] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  975.237101] FAT-fs (loop3): bogus number of reserved sectors
[  975.242921] FAULT_INJECTION: forcing a failure.
[  975.242921] name failslab, interval 1, probability 0, space 0, times 0
[  975.242952] CPU: 0 PID: 13369 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  975.262606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  975.271961] Call Trace:
[  975.274571]  dump_stack+0x244/0x39d
[  975.278221]  ? dump_stack_print_info.cold.1+0x20/0x20
[  975.283432]  ? kernel_text_address+0x79/0xf0
[  975.287882]  should_fail.cold.4+0xa/0x17
[  975.291962]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  975.297088]  ? save_stack+0xa9/0xd0
[  975.300737]  ? save_stack+0x43/0xd0
[  975.304377]  ? zap_class+0x640/0x640
[  975.308105]  ? ovl_fill_super+0x29e/0x3f33
[  975.312351]  ? mount_nodev+0x73/0x120
[  975.316167]  ? ovl_mount+0x34/0x40
[  975.319729]  ? legacy_get_tree+0x131/0x460
[  975.323969]  ? vfs_get_tree+0x1cb/0x5c0
[  975.323982]  ? do_mount+0x70c/0x1d90
[  975.323995]  ? ksys_mount+0x12d/0x140
[  975.324018]  ? find_held_lock+0x36/0x1c0
[  975.324039]  ? __lock_is_held+0xb5/0x140
[  975.339373] FAT-fs (loop3): Can't find a valid FAT filesystem
[  975.339596]  ? perf_trace_sched_process_exec+0x860/0x860
[  975.354962]  ? zap_class+0x640/0x640
[  975.358720]  __should_failslab+0x124/0x180
[  975.362977]  should_failslab+0x9/0x14
[  975.366799]  __kmalloc_track_caller+0x2d1/0x760
[  975.371482]  ? __lock_is_held+0xb5/0x140
[  975.375562]  ? match_strdup+0x57/0x80
[  975.375582]  kmemdup_nul+0x31/0xa0
[  975.375602]  match_strdup+0x57/0x80
[  975.375622]  ovl_fill_super+0xcae/0x3f33
[  975.375642]  ? vfs_get_super+0x270/0x270
[  975.390672]  ? ovl_show_options+0x550/0x550
[  975.390733]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  975.404635]  ? get_anon_bdev+0xc0/0xc0
[  975.408531]  ? sget+0x113/0x150
[  975.411832]  ? ovl_show_options+0x550/0x550
[  975.416169]  mount_nodev+0x73/0x120
[  975.419819]  ? ovl_own_xattr_set+0x10/0x10
[  975.424070]  ovl_mount+0x34/0x40
03:44:58 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x860c0000, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:58 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f00000000c0)={{{@in6=@dev, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in6=@remote}, 0x0, @in6=@mcast2}}, &(0x7f00000001c0)=0xe8)
r3 = geteuid()
stat(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
ioctl$KVM_GET_PIT2(r1, 0x8070ae9f, &(0x7f0000000800))
stat(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000380)={{{@in=@multicast2, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}}, {{@in=@broadcast}, 0x0, @in6=@mcast2}}, &(0x7f0000000480)=0xe8)
prctl$getname(0x10, &(0x7f00000007c0)=""/19)
r7 = geteuid()
getsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r1, 0x84, 0x12, &(0x7f0000000740), &(0x7f0000000780)=0x4)
getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000004c0)={{{@in6=@ipv4={[], [], @multicast1}, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0}}, {{@in=@rand_addr}, 0x0, @in=@local}}, &(0x7f00000005c0)=0xe8)
getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f0000000600)={{{@in=@loopback, @in=@rand_addr, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0}}, {{@in6=@mcast2}, 0x0, @in6=@loopback}}, &(0x7f0000000700)=0xe8)
getsockopt$kcm_KCM_RECV_DISABLE(r1, 0x119, 0x1, &(0x7f0000000880), 0x4)
r10 = geteuid()
r11 = getegid()
lstat(&(0x7f0000000b00)='./file0\x00', &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x0, <r12=>0x0})
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='system.posix_acl_default\x00', &(0x7f00000008c0)=ANY=[@ANYBLOB="02000000010001000000000002000600", @ANYRES32=r2, @ANYBLOB="02000300", @ANYRES32=r3, @ANYBLOB="ad6ce8581fed8ee7873051c9e56410986b5a03ba44fccc18627453f600b87c2419", @ANYRES32=r4, @ANYBLOB="02000100", @ANYRES32=r5, @ANYBLOB="02000500", @ANYRES32=r6, @ANYBLOB="02000100", @ANYRES32=r7, @ANYBLOB="02000200", @ANYRES32=r8, @ANYBLOB="02000500", @ANYRES32=r9, @ANYBLOB="02000400", @ANYRES32=r10, @ANYBLOB="040000000000000008000200", @ANYRES32=r11, @ANYBLOB="08000200", @ANYRES32=r12, @ANYBLOB="10000400000000002000020000000000"], 0x7c, 0x2)

03:44:58 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0xf000000, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  975.427472]  legacy_get_tree+0x131/0x460
[  975.431560]  vfs_get_tree+0x1cb/0x5c0
[  975.435374]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  975.440148]  do_mount+0x70c/0x1d90
[  975.440182]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  975.440204]  ? copy_mount_string+0x40/0x40
[  975.440225]  ? copy_mount_options+0x5f/0x430
[  975.440245]  ? kmem_cache_alloc_trace+0x353/0x750
[  975.440267]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  975.468365]  ? _copy_from_user+0xdf/0x150
[  975.468392]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
03:44:58 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = syz_open_dev$sndpcmp(&(0x7f00000000c0)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x20000)
ioctl$EVIOCGBITKEY(r1, 0x80404521, &(0x7f0000000100)=""/140)
r2 = fcntl$dupfd(r0, 0x0, r0)
ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f0000000000)={0x0, r2, 0x9, 0x1, 0x3, 0x80000001})
bind$bt_rfcomm(r2, &(0x7f0000000040)={0x1f, {0x0, 0x0, 0x8000000000000}}, 0xa)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x44, 0x0, &(0x7f0000000240)=[@transaction={0x40406300, {0x2, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x8, &(0x7f00000001c0), &(0x7f0000000200)=[0x0]}}], 0x99, 0x0, &(0x7f00000002c0)="4c70b748f9c03a90802c4b5b7818ba69239f0fa2fa1b990614665a3cefa6d38898bd7c546de0a3325ad4a467fd7aea95af1cd4ea709ff3489901c2d27cacde5edfe4d5d68cebc2d13301832bbdc87f9626d3276b56b29585ff40167b170b6d653f23a203490208e9d3e4a976b789be861b0de5ca99ffda8ee2ebc74593d50ddbdbc3d3d8b7c7477d8fc6b83ad53d2a272dce8deb8fed7c91ca"})
openat$zero(0xffffffffffffff9c, &(0x7f0000000080)='/dev/zero\x00', 0x2, 0x0)

[  975.468409]  ? copy_mount_options+0x315/0x430
[  975.468432]  ksys_mount+0x12d/0x140
[  975.468468]  __x64_sys_mount+0xbe/0x150
[  975.490251]  do_syscall_64+0x1b9/0x820
[  975.494159]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  975.494183]  ? syscall_return_slowpath+0x5e0/0x5e0
[  975.494205]  ? trace_hardirqs_on_caller+0x310/0x310
[  975.494224]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  975.494245]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  975.494259]  ? __switch_to_asm+0x40/0x70
[  975.494272]  ? __switch_to_asm+0x34/0x70
[  975.494295]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  975.494323]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  975.494341] RIP: 0033:0x457569
[  975.509652] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  975.509662] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  975.509679] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
03:44:58 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x3000, 0x1})
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)

03:44:58 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x860c, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  975.509689] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  975.509700] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  975.509717] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  975.509727] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
03:44:58 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0xfdffffff00000000}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:44:58 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0xf00000000000000, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:58 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000080)=0x14)
getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000000c0)={{{@in=@rand_addr, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in=@local}, 0x0, @in6=@remote}}, &(0x7f00000001c0)=0xe8)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000200)={{{@in=@multicast1, @in=@multicast1, 0x4e24, 0x4, 0x4e21, 0x3, 0xa, 0xa0, 0xa0, 0x4, r2, r3}, {0x6, 0x3, 0x2, 0x7fffffff, 0xcf0f, 0x5, 0x7f}, {0x80, 0x10000, 0x40, 0x1}, 0x9, 0x6e6bb4, 0x3, 0x0, 0x2, 0x2}, {{@in=@multicast2, 0x4d2, 0x2b}, 0xa, @in6=@ipv4={[], [], @remote}, 0x3505, 0x3, 0x3, 0x3f, 0x4f00e964, 0x80, 0x8000}}, 0xe8)

03:44:58 executing program 4 (fault-call:2 fault-nth:44):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

[  975.840572] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  975.877979] FAULT_INJECTION: forcing a failure.
[  975.877979] name failslab, interval 1, probability 0, space 0, times 0
[  975.907592] CPU: 0 PID: 13400 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  975.916113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  975.925481] Call Trace:
[  975.928095]  dump_stack+0x244/0x39d
[  975.931752]  ? dump_stack_print_info.cold.1+0x20/0x20
[  975.936960]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[  975.942260]  should_fail.cold.4+0xa/0x17
[  975.942282]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  975.942303]  ? kernel_text_address+0x79/0xf0
[  975.951492]  ? unwind_get_return_address+0x61/0xa0
[  975.951512]  ? __save_stack_trace+0x8d/0xf0
[  975.951530]  ? zap_class+0x640/0x640
[  975.951556]  ? find_held_lock+0x36/0x1c0
[  975.960880]  ? __lock_is_held+0xb5/0x140
[  975.960914]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  975.960934]  ? perf_trace_sched_process_exec+0x860/0x860
[  975.973186]  ? creds_are_invalid+0x140/0x140
[  975.973202]  ? zap_class+0x640/0x640
[  975.973225]  __should_failslab+0x124/0x180
[  975.973247]  ? ovl_show_options+0x550/0x550
[  975.982833]  should_failslab+0x9/0x14
[  975.992683]  kmem_cache_alloc+0x2be/0x730
[  975.992720]  ? ovl_show_options+0x550/0x550
[  975.992739]  prepare_creds+0xab/0x4d0
[  976.000687]  ? abort_creds+0x2a0/0x2a0
[  976.000715]  ? ovl_fill_super+0x138/0x3f33
[  976.000738]  ? rcu_read_lock_sched_held+0x14f/0x180
[  976.008844]  ? kmem_cache_alloc_trace+0x353/0x750
[  976.008860]  ? memcpy+0x45/0x50
[  976.008885]  ? ovl_show_options+0x550/0x550
[  976.008905]  ovl_fill_super+0x14e/0x3f33
[  976.017379]  ? vfs_get_super+0x270/0x270
[  976.017425]  ? ovl_show_options+0x550/0x550
[  976.017508]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  976.017527]  ? ns_capable_common+0x13f/0x170
[  976.025214]  ? get_anon_bdev+0xc0/0xc0
[  976.025242]  ? sget+0x113/0x150
[  976.025264]  ? ovl_show_options+0x550/0x550
[  976.025280]  mount_nodev+0x73/0x120
[  976.025300]  ? ovl_own_xattr_set+0x10/0x10
[  976.025315]  ovl_mount+0x34/0x40
[  976.025334]  legacy_get_tree+0x131/0x460
[  976.025367]  vfs_get_tree+0x1cb/0x5c0
[  976.034614]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  976.034643]  do_mount+0x70c/0x1d90
[  976.034662]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  976.034682]  ? copy_mount_string+0x40/0x40
[  976.034724]  ? copy_mount_options+0x5f/0x430
[  976.034768]  ? kmem_cache_alloc_trace+0x353/0x750
[  976.042886]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  976.042910]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  976.042926]  ? copy_mount_options+0x315/0x430
[  976.042946]  ksys_mount+0x12d/0x140
[  976.051338]  __x64_sys_mount+0xbe/0x150
[  976.051362]  do_syscall_64+0x1b9/0x820
03:44:59 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
r2 = dup3(r0, r0, 0x80000)
mq_timedreceive(r2, &(0x7f0000000100)=""/245, 0xf5, 0x6, &(0x7f0000000000)={0x77359400})
ioctl$NBD_SET_SIZE(r1, 0xab02, 0x8)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

03:44:59 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
fstat(r0, &(0x7f0000000680))
add_key(&(0x7f00000001c0)='pkcs7_test\x00', &(0x7f0000000200)={'syz'}, &(0x7f0000000240), 0xfffff, 0xfffffffffffffffb)
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_open_dev$audion(&(0x7f0000000280)='/dev/audio#\x00', 0x6, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f00000003c0)={@loopback, @local}, &(0x7f0000000400)=0xc)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f0000000440)={'vcan0\x00'})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000000600)={@dev, @local}, &(0x7f0000000640)=0xc)
accept$packet(0xffffffffffffff9c, &(0x7f00000007c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000800)=0x14)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000e80)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000ec0)=0x14)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000f00)={'team0\x00'})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x24, &(0x7f0000000f40)={@broadcast, @multicast2}, &(0x7f0000000f80)=0xc)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

03:44:59 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0xfffff000, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:59 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$KVM_GET_PIT(r1, 0xc048ae65, &(0x7f0000000080))
syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0xc2, 0x58000)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)

03:44:59 executing program 4 (fault-call:2 fault-nth:45):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

[  976.051381]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  976.051400]  ? syscall_return_slowpath+0x5e0/0x5e0
[  976.059776]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  976.059798]  ? trace_hardirqs_on_caller+0x310/0x310
[  976.059840]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  976.059860]  ? prepare_exit_to_usermode+0x291/0x3b0
[  976.069801]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  976.069829]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  976.069847] RIP: 0033:0x457569
[  976.077011] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  976.077021] RSP: 002b:00007f7fae567c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  976.077036] RAX: ffffffffffffffda RBX: 00007f7fae567c90 RCX: 0000000000457569
[  976.077046] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  976.077055] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000
[  976.077065] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5686d4
03:44:59 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$UI_SET_KEYBIT(r1, 0x40045565, 0x185)

[  976.077075] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000003
[  976.273508] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  976.273789] FAT-fs (loop3): bogus number of reserved sectors
03:44:59 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x20000000, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  976.318025] FAULT_INJECTION: forcing a failure.
[  976.318025] name failslab, interval 1, probability 0, space 0, times 0
[  976.335077] FAT-fs (loop3): Can't find a valid FAT filesystem
03:44:59 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
sync_file_range(r0, 0x101, 0x0, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040)={0x1f, {0x0, 0x0, 0x0, 0x0, 0x3, 0x3f0a}}, 0xce2)

[  976.391225] CPU: 0 PID: 13432 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  976.399752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  976.409109] Call Trace:
[  976.411723]  dump_stack+0x244/0x39d
[  976.415365]  ? dump_stack_print_info.cold.1+0x20/0x20
[  976.420565]  ? kernel_text_address+0x79/0xf0
[  976.424990]  should_fail.cold.4+0xa/0x17
[  976.429068]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  976.434186]  ? save_stack+0xa9/0xd0
[  976.437818]  ? save_stack+0x43/0xd0
[  976.441458]  ? zap_class+0x640/0x640
[  976.445202]  ? ovl_fill_super+0x29e/0x3f33
[  976.449448]  ? mount_nodev+0x73/0x120
[  976.453253]  ? ovl_mount+0x34/0x40
[  976.456797]  ? legacy_get_tree+0x131/0x460
[  976.461028]  ? vfs_get_tree+0x1cb/0x5c0
[  976.465001]  ? do_mount+0x70c/0x1d90
[  976.468741]  ? ksys_mount+0x12d/0x140
[  976.472549]  ? find_held_lock+0x36/0x1c0
[  976.476623]  ? __lock_is_held+0xb5/0x140
[  976.480771]  ? hash_ipmac6_kadt+0x178/0x7f0
[  976.485117]  ? perf_trace_sched_process_exec+0x860/0x860
[  976.490571]  ? zap_class+0x640/0x640
[  976.494302]  __should_failslab+0x124/0x180
[  976.498542]  should_failslab+0x9/0x14
[  976.502374]  __kmalloc_track_caller+0x2d1/0x760
[  976.507043]  ? __lock_is_held+0xb5/0x140
[  976.511114]  ? match_strdup+0x57/0x80
[  976.514919]  kmemdup_nul+0x31/0xa0
[  976.518475]  match_strdup+0x57/0x80
[  976.522132]  ovl_fill_super+0xcae/0x3f33
[  976.526207]  ? vfs_get_super+0x270/0x270
[  976.530289]  ? ovl_show_options+0x550/0x550
[  976.534641]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  976.540205]  ? get_anon_bdev+0xc0/0xc0
[  976.544100]  ? sget+0x113/0x150
[  976.547409]  ? ovl_show_options+0x550/0x550
[  976.551746]  mount_nodev+0x73/0x120
[  976.555381]  ? ovl_own_xattr_set+0x10/0x10
[  976.559618]  ovl_mount+0x34/0x40
[  976.562993]  legacy_get_tree+0x131/0x460
[  976.567069]  vfs_get_tree+0x1cb/0x5c0
[  976.570872]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  976.575631]  do_mount+0x70c/0x1d90
[  976.579177]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  976.584739]  ? copy_mount_string+0x40/0x40
[  976.588995]  ? copy_mount_options+0x5f/0x430
[  976.593409]  ? kmem_cache_alloc_trace+0x353/0x750
[  976.598283]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  976.603829]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  976.609369]  ? copy_mount_options+0x315/0x430
[  976.613870]  ksys_mount+0x12d/0x140
[  976.617515]  __x64_sys_mount+0xbe/0x150
[  976.621500]  do_syscall_64+0x1b9/0x820
[  976.625394]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  976.630761]  ? syscall_return_slowpath+0x5e0/0x5e0
[  976.635694]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  976.640586]  ? trace_hardirqs_on_caller+0x310/0x310
[  976.645612]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  976.650636]  ? prepare_exit_to_usermode+0x291/0x3b0
[  976.655664]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  976.660527]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  976.665725] RIP: 0033:0x457569
[  976.668922] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  976.687828] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  976.695540] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  976.702809] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  976.710078] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  976.717365] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  976.724649] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
03:44:59 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0x7a000000}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:44:59 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x406, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0)=0x80000000)

03:44:59 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x2000000, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:59 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)

03:44:59 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
fstat(r0, &(0x7f0000000680))
add_key(&(0x7f00000001c0)='pkcs7_test\x00', &(0x7f0000000200)={'syz'}, &(0x7f0000000240), 0xfffff, 0xfffffffffffffffb)
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_open_dev$audion(&(0x7f0000000280)='/dev/audio#\x00', 0x6, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f00000003c0)={@loopback, @local}, &(0x7f0000000400)=0xc)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f0000000440)={'vcan0\x00'})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000000600)={@dev, @local}, &(0x7f0000000640)=0xc)
accept$packet(0xffffffffffffff9c, &(0x7f00000007c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000800)=0x14)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000e80)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000ec0)=0x14)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000f00)={'team0\x00'})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x24, &(0x7f0000000f40)={@broadcast, @multicast2}, &(0x7f0000000f80)=0xc)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

03:44:59 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={<r2=>0x0, 0x84, &(0x7f0000000100)=[@in6={0xa, 0x4e23, 0xb0000, @dev={0xfe, 0x80, [], 0xe}, 0x3}, @in6={0xa, 0x4e20, 0x100000001, @mcast2, 0x1}, @in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0xa}}, @in={0x2, 0x4e21, @loopback}, @in={0x2, 0x4e22, @multicast2}, @in6={0xa, 0x4e24, 0x8, @loopback, 0x3}]}, &(0x7f0000000080)=0x10)
clock_gettime(0x0, &(0x7f0000000300)={<r3=>0x0, <r4=>0x0})
clock_gettime(0x0, &(0x7f0000000380)={<r5=>0x0, <r6=>0x0})
write$sndseq(r1, &(0x7f00000003c0)=[{0x74, 0x0, 0x0, 0x1df, @tick=0x1, {0x1, 0x10001}, {0xffffffffffffff97, 0x40}, @ext={0xfb, &(0x7f0000000200)="4d15cbcf8de4516f047cf0dff064fcc03059f3558c46533dd5ee654e15ec4d39ca4d700397fb735bff2d10c4d2878b31df32ecbe3bf96f03d1740d1bfee10987a37018fa9d0b5df8c4a4150e3fc7ca214c45144734c11404702e3832f86b9629b2fd6c9887ea04b33dd6f8551a2b619fb4a441a90f3aa839e220ef72f04bebc569aff81232f596195fac817b7f0c3df1048a086737e4524ae93aa127cdf1e90275a3ea387c1ecae20e53a0984bf959ac757a5b082289b9833a2e5da586d92eef9de9c46d32999cdb2c21b5d6aa7e08d38ef8a31e90e46179a5302136d4d6eaabe75f31de678d7265092662dce736bd05dc9814b6df0180ddb72e4b"}}, {0x1, 0x100000001, 0x5, 0x7fff, @time, {0xabe2}, {0x800, 0x356}, @connect={{0x1}, {0x400, 0x5}}}, {0x8000, 0x5, 0x401, 0x1ff, @time={r3, r4+10000000}, {0x10000000000000, 0x20}, {0x9, 0x40}, @ext={0x21, &(0x7f0000000340)="c664abf597296bc0d882a4dc41c4879088d5203cc28fcb9a2162ff9bc8972b12f9"}}, {0x7f, 0x3f, 0x7, 0x1000, @time={r5, r6+30000000}, {0x4, 0x5}, {0x400, 0x5}, @connect={{0x4, 0x3}, {0x6, 0x20000000}}}, {0x6, 0xa3, 0x3, 0x7, @time={0x77359400}, {0x8, 0x9}, {0x1, 0xff}, @raw32={[0x6d, 0x1, 0x100000000]}}, {0x100000001, 0x1, 0xca43, 0xbc70, @tick=0x80000001, {0x0, 0x1}, {0x43, 0x5b22}, @raw32={[0x2, 0x3b, 0xd5]}}, {0x3, 0xffffffffffffff7f, 0x2, 0xffffffffffff8001, @time={0x0, 0x1c9c380}, {0xfff, 0x6}, {0x7, 0x3000000000000000}, @time=@time}, {0x65, 0x0, 0x8, 0x8, @time={0x77359400}, {0x3, 0x3}, {0x20, 0x2}, @note={0x4, 0x0, 0x6, 0x100, 0x9}}, {0xa5, 0x1, 0x0, 0x5, @time={0x77359400}, {0x8000, 0xfffffffffffffc01}, {0xa1, 0x7}, @result={0x20, 0x3}}, {0x0, 0x4, 0x0, 0x81, @tick=0x4, {0x4, 0x3fe}, {0x80000000, 0x401}, @control={0x1000, 0x5085}}], 0x1e0)
setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f00000001c0)=@assoc_id=r2, 0x4)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

03:44:59 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x2000, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:59 executing program 1:
syz_init_net_socket$llc(0x1a, 0x3, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0xfffffffffffffffd, r0)
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0x0, 0x0, 0x0, 0x0, 0x1, 0x2}}, 0xa)

03:44:59 executing program 4 (fault-call:2 fault-nth:46):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

[  977.017171] FAT-fs (loop3): bogus number of reserved sectors
03:44:59 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x300, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:44:59 executing program 2:
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$KDGETLED(r1, 0x4b31, &(0x7f0000000000))
bind$bt_rfcomm(r1, &(0x7f0000000040)={0x1f, {}, 0x3}, 0xa)
ioctl$SCSI_IOCTL_STOP_UNIT(r1, 0x6)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

[  977.065200] FAT-fs (loop3): Can't find a valid FAT filesystem
[  977.076018] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
03:44:59 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = dup(r0)
ioctl$SG_GET_SCSI_ID(r1, 0x2276, &(0x7f0000000000))
r2 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r2, &(0x7f0000000040), 0x2)

[  977.141149] FAULT_INJECTION: forcing a failure.
[  977.141149] name failslab, interval 1, probability 0, space 0, times 0
[  977.218059] CPU: 1 PID: 13478 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  977.226589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  977.235950] Call Trace:
[  977.238562]  dump_stack+0x244/0x39d
[  977.242230]  ? dump_stack_print_info.cold.1+0x20/0x20
[  977.247476]  should_fail.cold.4+0xa/0x17
[  977.251565]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  977.256699]  ? zap_class+0x640/0x640
[  977.260428]  ? save_stack+0xa9/0xd0
[  977.264098]  ? save_stack+0x43/0xd0
[  977.267740]  ? kasan_kmalloc+0xc7/0xe0
[  977.271651]  ? __kmalloc_track_caller+0x157/0x760
[  977.276520]  ? find_held_lock+0x36/0x1c0
[  977.280606]  ? __lock_is_held+0xb5/0x140
[  977.284705]  ? perf_trace_sched_process_exec+0x860/0x860
[  977.290176]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  977.295739]  ? check_preemption_disabled+0x48/0x280
[  977.300786]  __should_failslab+0x124/0x180
[  977.305040]  should_failslab+0x9/0x14
[  977.305059]  kmem_cache_alloc+0x2be/0x730
[  977.305086]  getname_kernel+0x54/0x370
03:45:00 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0x5509000000000000}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:45:00 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0xf000, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:45:00 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x100, 0x0)
ioctl$EVIOCSCLOCKID(r1, 0x400445a0, &(0x7f0000000100)=0x80000000)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r2 = socket$inet(0x2, 0xa, 0x2)
r3 = fcntl$dupfd(r0, 0x0, r0)
ioctl$EVIOCGMASK(r3, 0x80104592, &(0x7f0000000000)={0x1f, 0x5c, &(0x7f0000000080)="e1000359624b1fe16eb44c6d1ba1081a1b2dae6292626a2a74359c1dc0e49016530e2b8c986bd7a7bc1e32ff74d302754221c192deb506e769c19367279d9d86c7f6ceeb2101adf0cd9e0c2486c9dca042272724cdc29724810f33c6"})
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x89e2, &(0x7f0000000140)={r2})

[  977.313035]  kern_path+0x1e/0x40
[  977.320287]  ovl_mount_dir_noesc+0x6b/0x190
[  977.324637]  ovl_mount_dir+0x10a/0x1c0
[  977.328560]  ovl_fill_super+0x846/0x3f33
[  977.332652]  ? vfs_get_super+0x270/0x270
[  977.336753]  ? ovl_show_options+0x550/0x550
[  977.341130]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  977.346691]  ? get_anon_bdev+0xc0/0xc0
[  977.350592]  ? sget+0x113/0x150
[  977.353894]  ? ovl_show_options+0x550/0x550
[  977.358243]  mount_nodev+0x73/0x120
[  977.361896]  ? ovl_own_xattr_set+0x10/0x10
[  977.366145]  ovl_mount+0x34/0x40
[  977.366167]  legacy_get_tree+0x131/0x460
[  977.366191]  vfs_get_tree+0x1cb/0x5c0
[  977.366214]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  977.366234]  do_mount+0x70c/0x1d90
[  977.373671]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  977.373695]  ? copy_mount_string+0x40/0x40
[  977.373716]  ? copy_mount_options+0x5f/0x430
[  977.373738]  ? kmem_cache_alloc_trace+0x353/0x750
[  977.373768]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  977.382315]  ? copy_mount_options+0x315/0x430
[  977.382338]  ksys_mount+0x12d/0x140
03:45:00 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x80000, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100)={<r2=>0xffffffffffffffff}, 0x2, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_JOIN_MCAST(r1, &(0x7f0000000180)={0x16, 0x98, 0xfa00, {&(0x7f0000000080), 0x0, r2, 0x30, 0x0, @ib={0x1b, 0x85, 0x5, {"48cfd702746344af9241b229eab36435"}, 0x5, 0x1, 0x2}}}, 0xa0)
r3 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r3, &(0x7f0000000040), 0x2)
modify_ldt$write(0x1, &(0x7f0000000240)={0x9, 0x20001000, 0x2000, 0x7, 0x7, 0xff, 0x6c54c32e, 0xfff, 0x1, 0x8000}, 0x10)
ioctl$FS_IOC_SETVERSION(r3, 0x800448d5, &(0x7f00000000c0))

[  977.382359]  __x64_sys_mount+0xbe/0x150
[  977.382383]  do_syscall_64+0x1b9/0x820
[  977.382409]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  977.391486]  ? syscall_return_slowpath+0x5e0/0x5e0
[  977.391510]  ? trace_hardirqs_on_caller+0x310/0x310
[  977.391529]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  977.391549]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  977.391570]  ? __switch_to_asm+0x40/0x70
[  977.400199]  ? __switch_to_asm+0x34/0x70
[  977.400234]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  977.400264]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  977.400277] RIP: 0033:0x457569
[  977.400296] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  977.410656] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  977.410673] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  977.410684] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
03:45:00 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
fstat(r0, &(0x7f0000000680))
add_key(&(0x7f00000001c0)='pkcs7_test\x00', &(0x7f0000000200)={'syz'}, &(0x7f0000000240), 0xfffff, 0xfffffffffffffffb)
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_open_dev$audion(&(0x7f0000000280)='/dev/audio#\x00', 0x6, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f00000003c0)={@loopback, @local}, &(0x7f0000000400)=0xc)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f0000000440)={'vcan0\x00'})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000000600)={@dev, @local}, &(0x7f0000000640)=0xc)
accept$packet(0xffffffffffffff9c, &(0x7f00000007c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000800)=0x14)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000e80)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000ec0)=0x14)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000f00)={'team0\x00'})
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

03:45:00 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2000000, 0x810, r0, 0x0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
r2 = gettid()
sched_setattr(r2, &(0x7f0000000000)={0x30, 0x2, 0x1, 0x3, 0x9da, 0x8, 0x6, 0xf7a7}, 0x0)
semget$private(0x0, 0x4, 0xb0)

[  977.410694] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  977.410704] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  977.410713] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[  977.442573] overlayfs: failed to resolve './file0': -12
03:45:00 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0xfffffffffffff000, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:45:00 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))
semget$private(0x0, 0x20000000007, 0x16a)

03:45:00 executing program 4 (fault-call:2 fault-nth:47):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:45:00 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x34000, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:45:00 executing program 1:
r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
bind$bt_rfcomm(r0, &(0x7f0000000040), 0x2)

03:45:00 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040)={0x1f, {0x0, 0x0, 0x0, 0xd0e6, 0x0, 0x8}}, 0xa)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

[  977.667845] FAT-fs (loop3): bogus number of reserved sectors
[  977.692858] FAT-fs (loop3): Can't find a valid FAT filesystem
[  977.827776] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  977.869359] FAULT_INJECTION: forcing a failure.
[  977.869359] name failslab, interval 1, probability 0, space 0, times 0
[  977.890608] CPU: 1 PID: 13534 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  977.899133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  977.908503] Call Trace:
[  977.911120]  dump_stack+0x244/0x39d
[  977.914780]  ? dump_stack_print_info.cold.1+0x20/0x20
[  977.919999]  ? __kernel_text_address+0xd/0x40
[  977.924508]  ? unwind_get_return_address+0x61/0xa0
[  977.929432]  should_fail.cold.4+0xa/0x17
[  977.933494]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  977.938593]  ? save_stack+0x43/0xd0
[  977.942212]  ? kasan_kmalloc+0xc7/0xe0
[  977.946093]  ? __kmalloc_track_caller+0x157/0x760
[  977.950927]  ? kmemdup_nul+0x31/0xa0
[  977.954630]  ? match_strdup+0x57/0x80
[  977.958422]  ? zap_class+0x640/0x640
[  977.962129]  ? legacy_get_tree+0x131/0x460
[  977.966351]  ? vfs_get_tree+0x1cb/0x5c0
[  977.970311]  ? do_mount+0x70c/0x1d90
[  977.974010]  ? ksys_mount+0x12d/0x140
[  977.977808]  ? __x64_sys_mount+0xbe/0x150
[  977.981962]  ? do_syscall_64+0x1b9/0x820
[  977.986020]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  977.991392]  ? find_held_lock+0x36/0x1c0
[  977.995470]  ? __lock_is_held+0xb5/0x140
[  977.999535]  ? perf_trace_sched_process_exec+0x860/0x860
[  978.004981]  ? zap_class+0x640/0x640
[  978.008709]  __should_failslab+0x124/0x180
[  978.012949]  should_failslab+0x9/0x14
[  978.016755]  __kmalloc_track_caller+0x2d1/0x760
[  978.021414]  ? __lock_is_held+0xb5/0x140
[  978.025479]  ? match_strdup+0x57/0x80
[  978.029270]  kmemdup_nul+0x31/0xa0
[  978.032803]  match_strdup+0x57/0x80
[  978.036439]  ovl_fill_super+0xc59/0x3f33
[  978.040505]  ? vfs_get_super+0x270/0x270
[  978.044584]  ? ovl_show_options+0x550/0x550
[  978.048973]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  978.054517]  ? get_anon_bdev+0xc0/0xc0
[  978.058394]  ? sget+0x113/0x150
[  978.061666]  ? ovl_show_options+0x550/0x550
[  978.065993]  mount_nodev+0x73/0x120
[  978.069629]  ? ovl_own_xattr_set+0x10/0x10
[  978.073864]  ovl_mount+0x34/0x40
[  978.077253]  legacy_get_tree+0x131/0x460
[  978.081322]  vfs_get_tree+0x1cb/0x5c0
[  978.085115]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  978.089876]  do_mount+0x70c/0x1d90
[  978.093462]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  978.098995]  ? copy_mount_string+0x40/0x40
[  978.103235]  ? copy_mount_options+0x5f/0x430
[  978.107656]  ? kmem_cache_alloc_trace+0x353/0x750
[  978.112496]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  978.118038]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  978.123581]  ? copy_mount_options+0x315/0x430
[  978.128103]  ksys_mount+0x12d/0x140
[  978.131742]  __x64_sys_mount+0xbe/0x150
[  978.135713]  do_syscall_64+0x1b9/0x820
[  978.139594]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  978.144947]  ? syscall_return_slowpath+0x5e0/0x5e0
[  978.149868]  ? trace_hardirqs_on_caller+0x310/0x310
[  978.154874]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  978.159880]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  978.166546]  ? __switch_to_asm+0x40/0x70
[  978.170615]  ? __switch_to_asm+0x34/0x70
[  978.174669]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  978.179511]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  978.184703] RIP: 0033:0x457569
[  978.187904] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  978.206793] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  978.214487] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  978.221741] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  978.228998] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  978.236272] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  978.243533] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
03:45:01 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0x400000000000000}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:45:01 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
write$P9_RLCREATE(r1, &(0x7f0000000000)={0x18, 0xf, 0x2, {{0x10, 0x4, 0x5}, 0x7}}, 0x18)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)

03:45:01 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0xffffff7f00000000, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:45:01 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0xa00, 0x0)
bind$netlink(r1, &(0x7f0000000080)={0x10, 0x0, 0x25dfdbfd, 0x400000}, 0xc)
r2 = socket$inet6(0xa, 0x80000, 0x27ee487a)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2f, &(0x7f0000000100)={0x0, {{0xa, 0x4e22, 0x5, @local, 0x8}}, {{0xa, 0x4e21, 0x6, @remote, 0x4}}}, 0x108)
r3 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r3, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r3, 0x800448d5, &(0x7f00000000c0))

03:45:01 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
fstat(r0, &(0x7f0000000680))
add_key(&(0x7f00000001c0)='pkcs7_test\x00', &(0x7f0000000200)={'syz'}, &(0x7f0000000240), 0xfffff, 0xfffffffffffffffb)
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_open_dev$audion(&(0x7f0000000280)='/dev/audio#\x00', 0x6, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f00000003c0)={@loopback, @local}, &(0x7f0000000400)=0xc)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f0000000440)={'vcan0\x00'})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000000600)={@dev, @local}, &(0x7f0000000640)=0xc)
accept$packet(0xffffffffffffff9c, &(0x7f00000007c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000800)=0x14)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000e80)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000ec0)=0x14)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

03:45:01 executing program 4 (fault-call:2 fault-nth:48):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:45:01 executing program 1:
r0 = getpgrp(0x0)
ptrace$getsig(0x4202, r0, 0x84ee, &(0x7f0000002600))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x34000}, 0xc, &(0x7f0000000100)={&(0x7f00000001c0)={0x2c, 0x2f, 0x829, 0x0, 0x0, {0x3}, [@nested={0x18, 0x0, [@typed={0x14, 0x1, @ipv6=@loopback={0x4000000070000f0}}]}]}, 0x2c}}, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vga_arbiter\x00', 0x0, 0x0)
recvmsg$kcm(r3, &(0x7f00000014c0)={&(0x7f00000001c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @remote}}}, 0x80, &(0x7f0000001380)=[{&(0x7f0000000240)=""/4096, 0x1000}, {&(0x7f0000001240)=""/199, 0xc7}, {&(0x7f0000001340)=""/1, 0x1}], 0x3, &(0x7f00000013c0)=""/193, 0xc1, 0x8}, 0x100)
fsetxattr(r2, &(0x7f0000000000)=@known='security.apparmor\x00', &(0x7f0000000140)='uservmnet0nodev!self(..(\\eth1!\x00', 0x1f, 0x2)
r4 = fcntl$dupfd(r2, 0x0, r2)
r5 = memfd_create(&(0x7f0000000100)='lovboxnet1posix_acl_accessuser[\x00', 0x2000000003)
ioctl$KVM_SET_DEBUGREGS(r5, 0x4080aea2, &(0x7f0000000080)={[0xf000, 0x16000, 0xf004, 0x3000], 0xff, 0x2, 0x89})
bind$bt_rfcomm(r4, &(0x7f0000000040)={0x1f, {0x0, 0x7fff, 0x0, 0x0, 0x0, 0x2}}, 0xa)
write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(r3, &(0x7f0000001580)={0x10, 0x30, 0xfa00, {&(0x7f0000001540)={<r6=>0xffffffffffffffff}, 0x0, {0xa, 0x4e24, 0x2, @dev={0xfe, 0x80, [], 0x16}, 0x8}}}, 0x38)
setsockopt$packet_buf(r4, 0x107, 0x16, &(0x7f0000001600)="f129d517870d5920a3cdc3f59e12413be8092cfd0d9c0654b5dff041d0d4ae3a6b0ab8ebd5e46efb197ba05f4d83cf313ebc85f9ae178861cf33dfe754d85b90d303d13b03d66bb1d4b2e819221995309b852f577681a55a834b941eb257c68e6fb1edc56e1881b4dcd7636426d04d67143b33da9d8a1e0a2bb9d35c7334f9b55facd4210e2929c372b0f50ddd6244688338a985faa38e7e3f9d9390e7631ec939294192a1bad8873bd98c0378dcc7d89bc896b98dc389f60099936c068073eae5b1eb6fd4035999c7017ffcfb0b36f90c08e0d1e26387d06888594c938a6cf8474a22cce185090b02c9f543aac4c152eccec41cbfe32d132ecb940cd798d84f12dbd6cc4ffbb33bdff5258a0d7810cbb100f4fa9413c95b2d4bac0702a2381278ad9f06bc7588eb99adc425428a1128b353fe5ab6334bb59a780550f9fad53ffa7f4414104253650650e3fb1b1800a8c6a763b77057b7a0504841c694d0262d397c4f63433ac0d2cf183ccdafee793a5818f32995594eec2d3fa0e74d5db6d724855fd873fe070d964551fcd0372d4330d5e7f4592c1c3c69e2244d8082839b3dbd38ca3b89dc87815ee1d553d1c51a2d3cc377ca908de7ef13fc8164c25053d55478a95fdaf7fa02fa66d2bd42cbe2c7a49fca9c5e56ee090a0398c20401d6aca82267d9cd331376d34f7be09440288e08fd2114857609a2708e9253c5fb2a9f692eddc02d790dd3fd0e1b0c1a515a4baca99f4beedb5493e91d75cc38be9a48312aedcd7533e8c76467c1e82c674273cbc6440b0876dea78561c88b43ba21a4a27d13be1470660320405293facfc54c4a88c27213f890f19ba031247263f1d19bbeeac5ca775b6d143de0d8d60c0e3665795c00498f75b1c05a0da25e28e5441103c80e03556867ce9fee6b1d8ef493a97f0ef0fb5fd640752ca6d52cc800460210ebcbc4ddf1ee51fc466716b31e216d14af4be1e45fd2167c942c1a6035cc1a0132904b456abe53782251b12a658e092e15337ee523b3d657da07b6f82b8f9bc5aef3c621c99eff17e1fa076d840e552e1c0b684c72b10a6337dffe5e7951d09b9edbed0cb1e32e74066f1b9d96f33523bba049247aa7676a149c7f04360c361b7da2a488a25512e618800332caa328030d5154469b7021b1fb4c5424ae8c9697a8c9141378a89dc90b8c4d95a6ef69bf3cf7eb289e31972d17ea6b4ae1a12216d7be264ed7851726adaa343e14f1c69553fe8f25a4a71a1c3f8310e884bbd66c36d28835292275e59c98b387dc38426cbafc59b9efe16d1e98e9415d8974d8be8f5043616627247147bed5d48ea7aaba804282652e392f1891178d43ec9b70d158ea0bb3b3780fe42c82a655b84ebf44978cde3872a95f3ac57f07884eebeee1a2133b8c7b6804d2281134f9290076901eda10028babc34c98637da3ab4147206aa5e8efced093dfb709a5188cb51547652f69d5fcc4e0afd8c9c06f72eb6bdf8396984327750e3a27576862cbdaab01b8dcf99291ad59aaa91c81dade73c590dcda8568bd6fc09d91908c7cb2b78ab7ac2d401eb6e9362f1dd0877834101e467f6a71f9fb9c40b33a323cc6958d4ac262c69a7be1c1a38cf3e668cf86461cb463c93177ec090edc046bea535c4f821b783e4967ddaf833d71df52d52c7eb6562ace6cc0bc1021bfb192b806a9d4fc9b31a248d35201c85595ba22c6a62a6694804ab9ded343760ff167239c7a5214cdd1a279816474d21c868aab8b99ca5288539ae2479f40484ea5e30efc1cf76afcd19e7312ccf095aaa854da34402b11615be3b801f0dda809b4af179cc41856f66c4b8948c1e44c270cd169dae5a6b747d7b174d3944f3d030089f326fd7b198012017bbbf7fdcde841de5093f266a05af57efec23190c53aa5b08a05e833a2e29b4526f719c7d2f87c8fee05ce825229939a3af102e45d3d9f386e1d6b6a33dae7c88eeba16306554fb93673d2cca9c865064e3dd1f4a8bb0cf7183372af492906b810cde80ebb0928589099dff2e72ae58c52c1107a788fcabf75f9c5953df24e15f60bf2533e39aa1cdd99a7ccebd45957f020596a287500caf936b86cc0ba930f705e85ee5fb6930250a85751bf4b9f5ad7a2a3da5a6fb43a1187c4dc360c85ac53d2280c5fe137e6409770f5b6fa4d15ffd93af162dd697d2968dceae691a4dd49e73b20f5392141f3043734e9afe078ff3dc0d0c979a9b3262229a5eb4ed4b6e9e77df489038308124211ec5dbc944e8df624fbd0f5fa75d8799468f7bf340681896ef4dd5e9e235335472f540d888434f4c7aca78a0121a87bbbe4cab859fc6f36b6e293360660a7e108d749b7707f0cb560af9d2eacb71c014e7ecd61a45e99e0ea2a9f51d88dd1f6a6384026048b20cd3ca9ab4c99b4d5425069a9945825ab08ab46aa95605137aa09e3dcbc5dbf0ff2a73207786be6e27227f28e4d9af4d3d2e1fcf61b5c69997f7cd5212383c4875d6893ca63227d55acf8d96d378ae8c1b5512718cc4e07103d067a3361dbf16d10e24acb1074f0edea6b6d90e79c96e852db0246f7988b44cf92437f66dc5ebc1c2ab230e7a145dd6e574c02bb515af964b293ed5003553fc0ec7b2d3ee9b6fe8928c6422fe691052f3a7be92f5a07605ae7b9a67849d4a919a5a5ca52a2ed07716616fe910db6c0184e9e26c05812ccf6d914d4b45b6afc8e22722ca26acdd00485f3e594c0fa86a55c22585cb8ec3a03b32d97de0cfc4b0e68eed8c2e0a221cb71af6544016293ba2a491bdc6c2b823a950fa127dc88baa4c5a3933d2e9217aded098449cdce6fa3143dbec385ebaab055ae875731a25ab53ed0baf454e931a4c689b70213749c0c2fc6ff27dc9392706b239df2bcb316349fdf0452c4dcaad12fcab7e38bc300d5d3436d8277d2fd5f642083762d518995b65741e93f8db641bc037847c291c1fd3b52fd12764cbd410a8968c3e9f1ed35c01698a11529fd9d3f0d03a28a15dc039d2388b3eb3d88269587a87a1627297524f07537445ae09a4b499710f6723c86038b376f30ebd443925c5020d301bbf74d384d073858508cc7a28d7d67828d26330dc1005954b54ef80ff6689dd33c9792badfecaa46e35fff84229153e576e0775fad0dc8612b8fc04e0d04685597dae97f56a360a01f4ae73c99a34984047588905bec399ec9cd8f803f8aaa75af777b5ef42e4391a10b5ff3dc340f4ea3a8330b325f52eeca1bcf65da8f90e46b43456fec03b2fc61cf19166f37a791f5669e49745c786fe55618d9601734c36e0ab9af00ca4186c4a5926b98ef5c10c3b18745a4dcdd1260983db21fd4b05c113ed25c7681d7fdaa25d5d4ed8b403f9ee60f2d4e228ad7de4fc558d951a99a52e27dd18463a5584d6b7061971c6a031195e2b4d812cd2dadbc9d92412f9b3a41cfc983f214cdec08fef5c244f165b17012444ff39f6131bc0220b4f291d3a64379a1614baab757dddd153a3eddfaa20276137be939f30ba1ca18a5fd6c66fdfe1b8642b250fad0d392a6bfe01bba286ee578103fafb52c97f95ebbf0f50e461226e8b432c6ba0aa24fc17515ff85301a0c9ad3baad1b7e945538f7d1e9315a5d0c970cce120174b93bcb35aadcf2239e968c604b582f3537f6dfbb3e4cc06136bb0a3286a2ef8f1cd25f9c222ee6a3678248777386b6ec361a531ac3ca91b7c502824239f8c60eb72622f5b532494c684004d28452146a6e154972c7a93e57743dc6138012fe35a90d197c3b6515aa702526eb53fc35a2b8b18cf4d7c56df499c8ec249e17a0846e69bf15d904c05d377d21c69668618a2d12875e862de353e63029dcf009c85fcffb0f23567da6afaae09d291437e83f7e7365bdb555042318276788b22e93d4a6ed14afb5f4dea38302a6bdb1e23cce1365eff7dfb31c751fbb1dc617770706b95e9cec3958789b6c4633aab48b1a6f589a5eb7ddb3d3c1c8acc679bf65f4fedd93da5b8825cfa73bd56c441997742d03798ad839123289fe8815e303acf94e7f1e33785e87d1c4d7be4b651ec041b85dac539e27cda3951be2e03ca6b61758f7950d304ed219355ff90eb4a18ce6902a868cfd844517b590adb0f1d6374e753a872bb9aa6f3b34be13873a70f882e38bc1e77a936f2983b42ad527b59582fa474b1d24e434d531a5210d90007c2a001dac1cdfea8960d19b0ada98476e660bb002e774eac76c8139f65d77fe7be0a7ae9453e9750018f99228b2228db99035abefd5fcd91f5815b8fbdc3f9a805b4191438056df512e20724c8598d27fce44cc092833e844658d88640a116579a9c309da128f7d0cffbb150ea77f556be3f84d6ed59d94d856d538db28b0b3b37096c9f639d8c7ef23cdc2c1171e95146747bfaa386af4f43aa06f77995492b9d89048ded9246e6dcee3ebc0727e2cd8cae3081e22689eacfdbea2b6b69beac234acad308cdf1a802d7641f605dcc7a300a0cbf5bb37da7768b64c1c0dfc4a056c856c194369056ad171f0c8450ddd5f879fb6ea5e0aa879139006fca148ad6b81b8149b65e0ef76eb9a3327634689c68be1273fa1d21233d6c812a0dc5eea5cd8d420f975af1e281ee0bfff0add8afdb08ab5c8108e4e8baa891fb813051ec35b49e737e4adc14713f1dea4207b573a05caab5158595aa0ae669e94131c013309fc565467ae60cb974bbdb240fb1a2ed878bf19fd690c24bba99cb237bbb73dab616bb22b8af299fb6efda063dbdf47881783dea6eecca692a7cf697fc900d1e27badaea1171e116a5a5c8d3db1cc99c091eee4cb127ce6083a2a1f6a27094648237e66d6001c716ec56b69307601dfc0123f888c1505e927684bae3b1f733cd0041956cef54a0c00663f610011a84354eca49f92a2f1d62fa82f3c2e64cd1e18e54b098886d74c0f2e73e73948ffc5c4794e22cbb4b208ab4b9442dc05d37057b568b43c26172ae96676c391b29639d2135c4cb21f1e595ddcf346397ad60ce03b4c9c42a4fe770f5eb3f4e0c99aa0bda394045cc8e19778b913eb3520f7823b2376c73042e3ba724a71782c5b8a673fb9fe3ec95175cd4dd1421a293f76fbd5870d12027369241d4dd24ed4c5754772565041af05aa4bafb36ad9e0fe5c3a88195a0334853ffac604f355025148cf15af84d5e18a5c839ef2be669ea22b765dc96b0173491e7ca11e49d19ebf92ed3e959154036bd87247a7a19319e32972758a087960530528b6ea2963ccd034db848fae52c1c2e985ad70ded8b692cb80d49ccb7dc3000fbfba1a69a2ba5a3d980220036e722732d40ab1e52983240a347171aadb02e535df7fed429a1ea4a8d31122ab24eb169d80e0358384bfdbb703bf3e2c9fb5b88aefcb4ea5395416da5eab9725aaa6ea1d1108155b553d8d351c59d23efae54b3ecd32ace07632bfe783646262189a4376ba8384ea4dd716b7633b5fb274ede77a94ae0cd04cf8b43c26858a4f1ea151fe14ad3c06e553f288d1905a8d34ee714cbd3d8d588a5437396204336ab35d8f25ee6164980771038551cb6c04ec844255f4cf5ba4ff61b9d003ee1ce2696a7f6dd9263dd0818d56fd3d4eaa48bddef604d3e14448046ff82ab289f968ae672cf997cf8654a82ccda21757313e5069dfd453e009fd1b89832c8b12c380968f3fe618fae439d4c9c4a185bc8187d96e8e99a19a751a159f8403cb46b1f936f107cf5d48cb9b7dba92e079d72a797a1936239ee71f978395671f0bef63ddbf41a78eb998fb8ad39d2235f243f7a0ae307d372d3f7bfc949d", 0x1000)
write$RDMA_USER_CM_CMD_LEAVE_MCAST(r5, &(0x7f00000015c0)={0x11, 0x10, 0xfa00, {&(0x7f0000001500), r6}}, 0x18)

[  978.421541] FAT-fs (loop3): bogus number of reserved sectors
[  978.432534] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  978.445438] FAT-fs (loop3): Can't find a valid FAT filesystem
[  978.481125] FAULT_INJECTION: forcing a failure.
[  978.481125] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  978.492969] CPU: 0 PID: 13559 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  978.501480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  978.510844] Call Trace:
[  978.513465]  dump_stack+0x244/0x39d
[  978.517120]  ? dump_stack_print_info.cold.1+0x20/0x20
[  978.522334]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  978.527903]  should_fail.cold.4+0xa/0x17
[  978.531988]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  978.537115]  ? is_bpf_text_address+0xac/0x170
[  978.541632]  ? check_preemption_disabled+0x48/0x280
[  978.546673]  ? mark_held_locks+0x130/0x130
[  978.550932]  ? rcu_softirq_qs+0x20/0x20
[  978.554920]  ? rcu_softirq_qs+0x20/0x20
[  978.558908]  ? unwind_dump+0x190/0x190
[  978.562819]  ? is_bpf_text_address+0xd3/0x170
[  978.562841]  ? kernel_text_address+0x79/0xf0
[  978.562862]  ? unwind_get_return_address+0x61/0xa0
[  978.562882]  ? __save_stack_trace+0x8d/0xf0
[  978.562904]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  978.576741]  ? should_fail+0x22d/0xd01
[  978.576763]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  978.576792]  __alloc_pages_nodemask+0x34b/0xdd0
[  978.576807]  ? save_stack+0x43/0xd0
[  978.576821]  ? kasan_kmalloc+0xc7/0xe0
[  978.576838]  ? __kmalloc_track_caller+0x157/0x760
[  978.576851]  ? kmemdup_nul+0x31/0xa0
[  978.576872]  ? __alloc_pages_slowpath+0x2dd0/0x2dd0
[  978.576886]  ? do_mount+0x70c/0x1d90
[  978.576905]  ? __x64_sys_mount+0xbe/0x150
[  978.590643]  ? do_syscall_64+0x1b9/0x820
[  978.590665]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  978.590690]  ? find_held_lock+0x36/0x1c0
[  978.590745]  ? trace_hardirqs_off+0xb8/0x310
[  978.621558]  cache_grow_begin+0xa5/0x8c0
[  978.621580]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  978.621598]  ? check_preemption_disabled+0x48/0x280
[  978.621624]  __kmalloc_track_caller+0x69b/0x760
[  978.621639]  ? __lock_is_held+0xb5/0x140
[  978.621663]  ? match_strdup+0x57/0x80
[  978.651433]  kmemdup_nul+0x31/0xa0
[  978.651468]  match_strdup+0x57/0x80
03:45:01 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x860c000000000000, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:45:01 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x3000000, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:45:01 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x400300, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:45:01 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x8001a0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  978.651490]  ovl_fill_super+0xc59/0x3f33
[  978.651513]  ? vfs_get_super+0x270/0x270
[  978.651545]  ? ovl_show_options+0x550/0x550
[  978.670838]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  978.670861]  ? get_anon_bdev+0xc0/0xc0
[  978.670877]  ? sget+0x113/0x150
[  978.670899]  ? ovl_show_options+0x550/0x550
[  978.670917]  mount_nodev+0x73/0x120
[  978.689983]  ? ovl_own_xattr_set+0x10/0x10
[  978.690001]  ovl_mount+0x34/0x40
[  978.690022]  legacy_get_tree+0x131/0x460
[  978.690046]  vfs_get_tree+0x1cb/0x5c0
03:45:01 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000140)={<r2=>0x0, @multicast1, @dev}, &(0x7f0000000180)=0xc)
setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f00000001c0)={r2, 0x1, 0x6, @local}, 0x10)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

[  978.690061]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  978.690080]  do_mount+0x70c/0x1d90
[  978.707081]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  978.707106]  ? copy_mount_string+0x40/0x40
[  978.707129]  ? copy_mount_options+0x5f/0x430
[  978.707150]  ? kmem_cache_alloc_trace+0x353/0x750
[  978.707173]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  978.715119]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  978.715135]  ? copy_mount_options+0x315/0x430
[  978.715159]  ksys_mount+0x12d/0x140
[  978.715180]  __x64_sys_mount+0xbe/0x150
[  978.715203]  do_syscall_64+0x1b9/0x820
[  978.715222]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  978.715243]  ? syscall_return_slowpath+0x5e0/0x5e0
[  978.715263]  ? trace_hardirqs_on_caller+0x310/0x310
[  978.715281]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  978.715299]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  978.715313]  ? __switch_to_asm+0x40/0x70
[  978.715325]  ? __switch_to_asm+0x34/0x70
[  978.715349]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  978.715375]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  978.735549] RIP: 0033:0x457569
[  978.735568] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  978.735577] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  978.735594] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  978.735604] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  978.735614] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  978.735625] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  978.735634] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[  978.811581] openvswitch: netlink: Key type 12288 is out of range max 29
[  978.841299] openvswitch: netlink: Key type 12288 is out of range max 29
03:45:01 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0x1f00}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:45:01 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0xc86, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:45:01 executing program 4 (fault-call:2 fault-nth:49):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:45:01 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
symlink(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='./file0\x00')
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$RNDADDENTROPY(r1, 0x40085203, &(0x7f0000000300)=ANY=[@ANYBLOB="050000009c00000004cac22109005ed401c53894f7ec480b41847fda9e7deff6519cf907b0e8a68ae3a9f5c12ccc71294a93f58d7f938a9e78fa9434852516dc0321f6a3c7d8183fa9ca3c59fbd98bb4eb8b8d61e83ba248147aff5ecedd3cc3ed73ff334a62fc2810908a082affc5292748ea635f2aee5a620821949e1bbcaa828766eb72d60a7087bfdd40df07adc66cb9bf57a6335286aa6751f8f41c90d1ee6515dc5136d8ff8fa2a79438bdba3c75bba45e1ab70a8459c7929c2b6fba4b52ec3c651f9dd9c4de48e35f0e3e9e5ddf5d0a062cd8c07e3d79e58a259fb62823d4aec253a28fdbaed80c21985575a9697166f8f90cd9835724811b96dbe39e92fc2e34907e00000000000000000000000000000000000000000000000000"])
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$VHOST_SET_VRING_CALL(r1, 0x4008af21, &(0x7f0000000140)={0x0, r0})
openat$urandom(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x2000, 0x0)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

03:45:01 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
fstat(r0, &(0x7f0000000680))
add_key(&(0x7f00000001c0)='pkcs7_test\x00', &(0x7f0000000200)={'syz'}, &(0x7f0000000240), 0xfffff, 0xfffffffffffffffb)
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_open_dev$audion(&(0x7f0000000280)='/dev/audio#\x00', 0x6, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f00000003c0)={@loopback, @local}, &(0x7f0000000400)=0xc)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f0000000440)={'vcan0\x00'})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000000600)={@dev, @local}, &(0x7f0000000640)=0xc)
accept$packet(0xffffffffffffff9c, &(0x7f00000007c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000800)=0x14)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

03:45:01 executing program 1:
r0 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/attr/current\x00', 0x2, 0x0)
r1 = syz_open_dev$amidi(&(0x7f00000000c0)='/dev/amidi#\x00', 0x9, 0x602000)
dup3(r0, r1, 0x80000)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r3 = fcntl$dupfd(r2, 0x0, r2)
bind$bt_rfcomm(r3, &(0x7f0000000040), 0x2)
ioctl$EXT4_IOC_MIGRATE(r3, 0x6609)
openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x0, 0x0)

03:45:02 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0xfffffff0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  979.130391] FAT-fs (loop3): bogus number of reserved sectors
03:45:02 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$EVIOCGBITKEY(r1, 0x80404521, &(0x7f0000000400)=""/199)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

03:45:02 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040)={0x1f, {0x0, 0x0, 0x0, 0x4}}, 0xa)

[  979.171789] FAT-fs (loop3): Can't find a valid FAT filesystem
[  979.175939] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  979.242910] FAULT_INJECTION: forcing a failure.
[  979.242910] name failslab, interval 1, probability 0, space 0, times 0
03:45:02 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0xffffffffa0018000, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  979.291038] CPU: 0 PID: 13609 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  979.299566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  979.308935] Call Trace:
[  979.311546]  dump_stack+0x244/0x39d
[  979.315206]  ? dump_stack_print_info.cold.1+0x20/0x20
[  979.320422]  ? __lock_acquire+0x62f/0x4c20
[  979.324678]  ? kasan_check_read+0x11/0x20
[  979.328862]  should_fail.cold.4+0xa/0x17
[  979.332943]  ? fault_create_debugfs_attr+0x1f0/0x1f0
03:45:02 executing program 2:
r0 = dup(0xffffffffffffff9c)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000000100)={{{@in6=@mcast2, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in6=@mcast2}, 0x0, @in=@dev}}, &(0x7f0000000080)=0xe8)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000200)={0x0, <r2=>0x0}, &(0x7f0000000240)=0xc)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f0000000280)={{{@in, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in6=@mcast2}, 0x0, @in6=@loopback}}, &(0x7f0000000380)=0xe8)
getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f00000003c0)={0x0, 0x0, <r4=>0x0}, &(0x7f0000000400)=0xc)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000440)={0x0, 0x0, <r5=>0x0}, &(0x7f0000000480)=0xc)
r6 = getgid()
lstat(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0})
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0})
getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000640)={0x0, 0x0, <r9=>0x0}, &(0x7f0000000680)=0xc)
fsetxattr$system_posix_acl(r0, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f00000006c0)={{}, {0x1, 0x2}, [{0x2, 0x7, r1}, {0x2, 0x2, r2}, {0x2, 0x2, r3}], {}, [{0x8, 0x0, r4}, {0x8, 0x1, r5}, {0x8, 0x1, r6}, {0x8, 0x1, r7}, {0x8, 0x3, r8}, {0x8, 0x3, r9}], {0x10, 0x6}, {0x20, 0x1}}, 0x6c, 0x1)
r10 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r11 = fcntl$dupfd(r10, 0x406, r10)
bind$bt_rfcomm(r11, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r11, 0x800448d5, &(0x7f00000000c0))

03:45:02 executing program 1:
r0 = syz_open_dev$adsp(&(0x7f00000000c0)='/dev/adsp#\x00', 0x926, 0x20000)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000140)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x111000}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)={0x90, r1, 0x0, 0x70bd27, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DAEMON={0x30, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @local}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast2}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e21}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x80}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x40}, @IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x21}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x9}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x9}, @IPVS_CMD_ATTR_SERVICE={0x18, 0x1, [@IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x7c}, @IPVS_SVC_ATTR_SCHED_NAME={0xc, 0x6, 'lblc\x00'}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x2}]}, 0x90}, 0x1, 0x0, 0x0, 0x20040000}, 0x20000014)
umount2(&(0x7f0000000080)='./file0\x00', 0x9)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r3 = fcntl$dupfd(r2, 0x0, r2)
bind$bt_rfcomm(r3, &(0x7f0000000040)={0x1f, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3a65787c}, 0x1}, 0xa)
ioctl$RNDADDTOENTCNT(r3, 0x40045201, &(0x7f0000000000)=0x3)

[  979.338071]  ? mark_held_locks+0x130/0x130
[  979.342347]  ? zap_class+0x640/0x640
[  979.346076]  ? __lock_acquire+0x62f/0x4c20
[  979.350322]  ? print_usage_bug+0xc0/0xc0
[  979.354401]  ? find_held_lock+0x36/0x1c0
[  979.358491]  ? __lock_is_held+0xb5/0x140
[  979.362582]  ? perf_trace_sched_process_exec+0x860/0x860
[  979.368060]  __should_failslab+0x124/0x180
[  979.372309]  should_failslab+0x9/0x14
[  979.376128]  kmem_cache_alloc+0x2be/0x730
[  979.380306]  alloc_vfsmnt+0xe9/0x990
[  979.384033]  ? delayed_free_vfsmnt+0x20/0x20
[  979.388472]  ? rcu_read_unlock_special+0x1c0/0x1c0
[  979.393419]  ? kasan_check_read+0x11/0x20
[  979.397595]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[  979.402892]  ? rcu_softirq_qs+0x20/0x20
[  979.406892]  ? find_held_lock+0x36/0x1c0
[  979.410976]  ? mark_held_locks+0xc7/0x130
[  979.415151]  ? _raw_spin_unlock_irqrestore+0x82/0xd0
[  979.420265]  ? _raw_spin_unlock_irqrestore+0x82/0xd0
[  979.425379]  ? lockdep_hardirqs_on+0x3bb/0x5b0
[  979.425399]  ? trace_hardirqs_on+0xbd/0x310
[  979.425412]  ? kasan_check_read+0x11/0x20
[  979.425426]  ? __percpu_counter_sum+0x135/0x1a0
[  979.425454]  ? trace_hardirqs_off_caller+0x300/0x300
[  979.425477]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  979.425508]  clone_mnt+0x124/0x13b0
[  979.425533]  ? kern_mount+0x70/0x70
[  979.425615]  ? ext4_fh_to_dentry+0x40/0x40
[  979.425632]  ? nd_jump_link+0x1d0/0x1d0
[  979.425658]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  979.453485]  ? flags_by_mnt+0x107/0x120
[  979.453506]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  979.453522]  ? vfs_statfs+0x188/0x1e0
[  979.453543]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  979.453565]  ? ovl_check_namelen.isra.9+0xe8/0x140
[  979.474534]  ? ovl_inode_init_once+0x20/0x20
[  979.474575]  clone_private_mount+0xba/0x100
[  979.474596]  ovl_fill_super+0xfb1/0x3f33
[  979.474617]  ? vfs_get_super+0x270/0x270
[  979.474646]  ? ovl_show_options+0x550/0x550
[  979.493506]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  979.493526]  ? get_anon_bdev+0xc0/0xc0
[  979.507181]  ? sget+0x113/0x150
[  979.507204]  ? ovl_show_options+0x550/0x550
[  979.507219]  mount_nodev+0x73/0x120
[  979.507240]  ? ovl_own_xattr_set+0x10/0x10
[  979.507257]  ovl_mount+0x34/0x40
[  979.507276]  legacy_get_tree+0x131/0x460
[  979.507298]  vfs_get_tree+0x1cb/0x5c0
[  979.507313]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  979.507330]  do_mount+0x70c/0x1d90
[  979.507349]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  979.507373]  ? copy_mount_string+0x40/0x40
[  979.515501]  ? copy_mount_options+0x5f/0x430
[  979.515523]  ? kmem_cache_alloc_trace+0x353/0x750
[  979.515545]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  979.515563]  ? _copy_from_user+0xdf/0x150
[  979.515585]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  979.515599]  ? copy_mount_options+0x315/0x430
[  979.515621]  ksys_mount+0x12d/0x140
[  979.525480]  __x64_sys_mount+0xbe/0x150
[  979.525505]  do_syscall_64+0x1b9/0x820
[  979.525525]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  979.525544]  ? syscall_return_slowpath+0x5e0/0x5e0
[  979.525564]  ? trace_hardirqs_on_caller+0x310/0x310
[  979.525581]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  979.525600]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  979.525617]  ? __switch_to_asm+0x40/0x70
[  979.532772]  ? __switch_to_asm+0x34/0x70
[  979.532797]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  979.532825]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  979.532838] RIP: 0033:0x457569
[  979.532856] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  979.540777] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  979.540793] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  979.540803] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  979.540813] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  979.540823] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  979.540833] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[  979.630461] overlayfs: failed to clone upperpath
03:45:02 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0xf0c6}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:45:02 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x9effffff00000000, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:45:02 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0)=0x7)

03:45:02 executing program 4 (fault-call:2 fault-nth:50):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:45:02 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
fstat(r0, &(0x7f0000000680))
add_key(&(0x7f00000001c0)='pkcs7_test\x00', &(0x7f0000000200)={'syz'}, &(0x7f0000000240), 0xfffff, 0xfffffffffffffffb)
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_open_dev$audion(&(0x7f0000000280)='/dev/audio#\x00', 0x6, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f00000003c0)={@loopback, @local}, &(0x7f0000000400)=0xc)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f0000000440)={'vcan0\x00'})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000000600)={@dev, @local}, &(0x7f0000000640)=0xc)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

03:45:02 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x1, 0x9)
ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000200)={0x1000, {0x2, 0x4e24}, {0x2, 0x4e21, @rand_addr=0xfffffffffffffffd}, {0x2, 0x4e24, @local}, 0x4, 0x1000, 0x3a9, 0x2, 0x80000001, 0x0, 0x2, 0x636e, 0x4b38d80e})
socket$inet_tcp(0x2, 0x1, 0x0)
r1 = syz_open_dev$mouse(&(0x7f0000000180)='/dev/input/mouse#\x00', 0x8, 0x0)
ioctl$TCXONC(r1, 0x540a, 0x3)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r3 = fcntl$dupfd(r2, 0x0, r2)
setsockopt$inet6_tcp_buf(r3, 0x6, 0x1a, &(0x7f0000000080)="18b31f43353b9d3a7157c6ab4d93cf1ed6e89495de6cfbce1c2220b4dc195fa723be3e99b5b88ebeaf965d6f837bff3a30da1acf35dbe852c72ddee097ced32ec921d3da680e467e41dfd5735f3d2d38e637965a2d5996882535cb4d5a7fc66724cbc88b6230ba33ceeb9ed2558fb8e8a537e72f744d87e1c607c5432e9199ff8a630ab4814919e2259040782d237c8072befd9286838e000c9b1b5b36f105c59647d6e61a11579bda0ce181d042edfbb7285270e0a669622d0dd66709cf6076b89a20d4a16f04ecb7f93a4504bc73b877657775ffbf41c09f73d81aa0439eb06cdb5e0b38da7b1a6d2c2813", 0xec)
r4 = fcntl$dupfd(r2, 0x0, r2)
bind$bt_rfcomm(r4, &(0x7f0000000040), 0x2)
fcntl$F_GET_RW_HINT(r4, 0x40b, &(0x7f0000000000))

[  979.851805] FAT-fs (loop3): bogus number of reserved sectors
[  979.866471] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  979.872861] FAT-fs (loop3): Can't find a valid FAT filesystem
03:45:02 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x2a0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  979.909503] FAULT_INJECTION: forcing a failure.
[  979.909503] name failslab, interval 1, probability 0, space 0, times 0
03:45:02 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
getsockopt$inet6_udp_int(r1, 0x11, 0x6f, &(0x7f0000000000), &(0x7f0000000080)=0x4)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

03:45:02 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x406, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)

[  979.956984] CPU: 0 PID: 13648 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  979.965511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  979.974887] Call Trace:
[  979.977503]  dump_stack+0x244/0x39d
[  979.981161]  ? dump_stack_print_info.cold.1+0x20/0x20
[  979.986410]  should_fail.cold.4+0xa/0x17
[  979.990502]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  979.995635]  ? zap_class+0x640/0x640
[  979.999359]  ? save_stack+0xa9/0xd0
[  980.003010]  ? save_stack+0x43/0xd0
03:45:02 executing program 1:
r0 = socket$inet6(0xa, 0x3, 0x800000000000005)
ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070")
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x1000000009, 0x1b, 0x249e24, 0x8000000001, 0x2}, 0x27)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r1, &(0x7f0000000040), &(0x7f0000000000), 0x2}, 0x20)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/autofs\x00', 0x800, 0x0)
ioctl$UI_DEV_DESTROY(r2, 0x5502)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x2, &(0x7f00000001c0)={<r3=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_JOIN_MCAST(r2, &(0x7f0000000240)={0x16, 0x98, 0xfa00, {&(0x7f0000000180), 0x4, r3, 0x30, 0x0, @in6={0xa, 0x4e23, 0x6, @mcast2, 0x6}}}, 0xa0)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socketpair(0xb, 0x801, 0x2, &(0x7f0000000000)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r5, 0x408c5333, &(0x7f0000000080)={0x6e9d, 0x800, 0x2, 'queue0\x00', 0x6})
r7 = fcntl$dupfd(r6, 0x0, r4)
bind$bt_rfcomm(r7, &(0x7f0000000040), 0x2)

[  980.006648]  ? kasan_kmalloc+0xc7/0xe0
[  980.010549]  ? __kmalloc_track_caller+0x157/0x760
[  980.015417]  ? find_held_lock+0x36/0x1c0
[  980.019515]  ? __lock_is_held+0xb5/0x140
[  980.023607]  ? perf_trace_sched_process_exec+0x860/0x860
[  980.029067]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  980.034617]  ? check_preemption_disabled+0x48/0x280
[  980.039668]  __should_failslab+0x124/0x180
[  980.043925]  should_failslab+0x9/0x14
[  980.047761]  kmem_cache_alloc+0x2be/0x730
[  980.051938]  getname_kernel+0x54/0x370
[  980.055831]  kern_path+0x1e/0x40
[  980.059218]  ovl_mount_dir_noesc+0x6b/0x190
[  980.063556]  ovl_mount_dir+0x10a/0x1c0
[  980.067483]  ovl_fill_super+0x846/0x3f33
[  980.071564]  ? vfs_get_super+0x270/0x270
[  980.071597]  ? ovl_show_options+0x550/0x550
[  980.071641]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  980.085547]  ? get_anon_bdev+0xc0/0xc0
[  980.085563]  ? sget+0x113/0x150
[  980.085586]  ? ovl_show_options+0x550/0x550
[  980.085601]  mount_nodev+0x73/0x120
[  980.085622]  ? ovl_own_xattr_set+0x10/0x10
[  980.085637]  ovl_mount+0x34/0x40
[  980.085655]  legacy_get_tree+0x131/0x460
[  980.085684]  vfs_get_tree+0x1cb/0x5c0
[  980.092845]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  980.105020]  do_mount+0x70c/0x1d90
[  980.105041]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  980.105063]  ? copy_mount_string+0x40/0x40
[  980.105085]  ? copy_mount_options+0x5f/0x430
[  980.105106]  ? kmem_cache_alloc_trace+0x353/0x750
[  980.105127]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  980.105150]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  980.105168]  ? copy_mount_options+0x315/0x430
[  980.121142]  ksys_mount+0x12d/0x140
[  980.121164]  __x64_sys_mount+0xbe/0x150
[  980.121187]  do_syscall_64+0x1b9/0x820
[  980.121206]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  980.121232]  ? syscall_return_slowpath+0x5e0/0x5e0
[  980.130303]  ? trace_hardirqs_on_caller+0x310/0x310
[  980.130323]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  980.130343]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  980.130358]  ? __switch_to_asm+0x40/0x70
[  980.130370]  ? __switch_to_asm+0x34/0x70
03:45:03 executing program 4 (fault-call:2 fault-nth:51):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:45:03 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0xf0, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  980.130413]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  980.139057]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  980.139072] RIP: 0033:0x457569
[  980.139089] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  980.139098] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  980.139118] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  980.149507] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  980.149516] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  980.149537] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  980.149545] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[  980.155199] overlayfs: failed to resolve './file0': -12
[  980.338299] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  980.380431] FAULT_INJECTION: forcing a failure.
[  980.380431] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  980.392290] CPU: 1 PID: 13677 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  980.400787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  980.410144] Call Trace:
[  980.412754]  dump_stack+0x244/0x39d
[  980.416407]  ? dump_stack_print_info.cold.1+0x20/0x20
[  980.421621]  ? zap_class+0x640/0x640
[  980.425359]  should_fail.cold.4+0xa/0x17
[  980.429459]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  980.434582]  ? find_held_lock+0x36/0x1c0
[  980.438673]  ? mark_held_locks+0x130/0x130
[  980.442919]  ? check_preemption_disabled+0x48/0x280
[  980.442945]  ? rcu_read_unlock_special+0x1c0/0x1c0
[  980.442964]  ? kasan_check_read+0x11/0x20
[  980.457051]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[  980.462350]  ? rcu_softirq_qs+0x20/0x20
[  980.466344]  ? rcu_softirq_qs+0x20/0x20
[  980.470335]  ? unwind_dump+0x190/0x190
[  980.474257]  ? is_bpf_text_address+0xd3/0x170
03:45:03 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0xb3f0}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:45:03 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socketpair$inet_sctp(0x2, 0x5, 0x84, &(0x7f0000000000))
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040)={0x1f, {0xfffffffffffffffb, 0x0, 0x0, 0xfffffffffffffffd, 0x5, 0x6}, 0xfffffffffffffffc}, 0xff70)
ioctl$DRM_IOCTL_AUTH_MAGIC(r1, 0x40046411, &(0x7f0000000100)=0xde)
pipe(&(0x7f0000000080))
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

03:45:03 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x200000000000000, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:45:03 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socketpair(0x17, 0x5, 0x8, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$inet_MCAST_JOIN_GROUP(r1, 0x0, 0x2a, &(0x7f0000000080)={0x0, {{0x2, 0x4e20, @broadcast}}}, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r2, &(0x7f0000000040), 0x2)

03:45:03 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
fstat(r0, &(0x7f0000000680))
add_key(&(0x7f00000001c0)='pkcs7_test\x00', &(0x7f0000000200)={'syz'}, &(0x7f0000000240), 0xfffff, 0xfffffffffffffffb)
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_open_dev$audion(&(0x7f0000000280)='/dev/audio#\x00', 0x6, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f00000003c0)={@loopback, @local}, &(0x7f0000000400)=0xc)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f0000000440)={'vcan0\x00'})
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

[  980.478775]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  980.484326]  ? should_fail+0x22d/0xd01
[  980.488243]  ? unwind_get_return_address+0x61/0xa0
[  980.493184]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  980.498323]  __alloc_pages_nodemask+0x34b/0xdd0
[  980.503019]  ? __alloc_pages_slowpath+0x2dd0/0x2dd0
[  980.508043]  ? save_stack+0x43/0xd0
[  980.511677]  ? kasan_kmalloc+0xc7/0xe0
[  980.515579]  ? __kmalloc_track_caller+0x157/0x760
[  980.520460]  ? find_held_lock+0x36/0x1c0
[  980.524572]  ? trace_hardirqs_off+0xb8/0x310
[  980.524595]  cache_grow_begin+0xa5/0x8c0
[  980.533061]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  980.538625]  ? check_preemption_disabled+0x48/0x280
[  980.543675]  kmem_cache_alloc+0x66b/0x730
[  980.547860]  getname_kernel+0x54/0x370
[  980.551765]  kern_path+0x1e/0x40
[  980.555150]  ovl_mount_dir_noesc+0x6b/0x190
[  980.559500]  ovl_mount_dir+0x10a/0x1c0
[  980.563417]  ovl_fill_super+0x846/0x3f33
[  980.567514]  ? vfs_get_super+0x270/0x270
[  980.571618]  ? ovl_show_options+0x550/0x550
[  980.575986]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
03:45:03 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x300000000000000, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  980.576008]  ? get_anon_bdev+0xc0/0xc0
[  980.576022]  ? sget+0x113/0x150
[  980.576043]  ? ovl_show_options+0x550/0x550
[  980.576061]  mount_nodev+0x73/0x120
[  980.593084]  ? ovl_own_xattr_set+0x10/0x10
[  980.593102]  ovl_mount+0x34/0x40
[  980.593121]  legacy_get_tree+0x131/0x460
[  980.593143]  vfs_get_tree+0x1cb/0x5c0
[  980.604349]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  980.604368]  do_mount+0x70c/0x1d90
[  980.604389]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  980.604411]  ? copy_mount_string+0x40/0x40
[  980.604433]  ? copy_mount_options+0x5f/0x430
[  980.604467]  ? kmem_cache_alloc_trace+0x353/0x750
[  980.604488]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  980.617141]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  980.617158]  ? copy_mount_options+0x315/0x430
[  980.617181]  ksys_mount+0x12d/0x140
[  980.617200]  __x64_sys_mount+0xbe/0x150
[  980.617230]  do_syscall_64+0x1b9/0x820
[  980.626292]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  980.626314]  ? syscall_return_slowpath+0x5e0/0x5e0
03:45:03 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {}, 0x5}, 0xeb)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

[  980.626335]  ? trace_hardirqs_on_caller+0x310/0x310
[  980.626354]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  980.626373]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  980.626388]  ? __switch_to_asm+0x40/0x70
[  980.626406]  ? __switch_to_asm+0x34/0x70
[  980.645410]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  980.645440]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  980.645465] RIP: 0033:0x457569
03:45:03 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0xf0ffffffffffff, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  980.645482] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  980.645491] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  980.645507] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  980.645516] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  980.645531] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  980.659170] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  980.659180] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
03:45:03 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000280)='/dev/mixer\x00', 0x2000fe, 0x0)
r2 = syz_open_dev$vcsa(&(0x7f0000000200)='/dev/vcsa#\x00', 0x9, 0x80002)
write$P9_RSTAT(r2, &(0x7f00000002c0)={0x5c, 0x7d, 0x2, {0x0, 0x55, 0x4, 0x4, {0x90, 0x1, 0x2}, 0x4100000, 0x100000000, 0x6, 0x4, 0xb, '/dev/mixer\x00', 0x1, '*', 0xb, '/dev/mixer\x00', 0xb, '/dev/mixer\x00'}}, 0x5c)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffff9c, 0x84, 0x73, &(0x7f0000000080)={<r3=>0x0, 0x9, 0x30, 0x5, 0x8}, &(0x7f00000000c0)=0x18)
rmdir(&(0x7f0000000000)='./file0\x00')
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f0000000100)={r3, @in6={{0xa, 0x4e20, 0x0, @mcast2, 0x2}}}, &(0x7f00000001c0)=0x84)
r4 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r4, &(0x7f0000000040), 0x2)
ioctl$SCSI_IOCTL_START_UNIT(r2, 0x5)

03:45:03 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0xa0020000, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  980.825619] FAT-fs (loop3): bogus number of reserved sectors
[  980.844997] FAT-fs (loop3): Can't find a valid FAT filesystem
03:45:03 executing program 4 (fault-call:2 fault-nth:52):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:45:03 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x1, 0x210000)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

[  981.083197] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  981.128055] FAULT_INJECTION: forcing a failure.
[  981.128055] name failslab, interval 1, probability 0, space 0, times 0
[  981.141014] CPU: 0 PID: 13727 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  981.149525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  981.149532] Call Trace:
[  981.149559]  dump_stack+0x244/0x39d
[  981.149587]  ? dump_stack_print_info.cold.1+0x20/0x20
[  981.170329]  should_fail.cold.4+0xa/0x17
[  981.174420]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  981.174477]  ? zap_class+0x640/0x640
[  981.174492]  ? zap_class+0x640/0x640
[  981.174517]  ? find_held_lock+0x36/0x1c0
[  981.174538]  ? __lock_is_held+0xb5/0x140
[  981.183469]  ? perf_trace_sched_process_exec+0x860/0x860
[  981.183509]  ? kfree+0x1f8/0x230
[  981.191273]  ? ida_alloc_range+0x953/0xc70
[  981.200776]  __should_failslab+0x124/0x180
[  981.200795]  should_failslab+0x9/0x14
[  981.200816]  __kmalloc_track_caller+0x2d1/0x760
[  981.208406]  ? kstrdup_const+0x66/0x80
[  981.208431]  kstrdup+0x39/0x70
[  981.216470]  kstrdup_const+0x66/0x80
[  981.216491]  alloc_vfsmnt+0x186/0x990
[  981.216510]  ? delayed_free_vfsmnt+0x20/0x20
[  981.216532]  ? rcu_read_unlock_special+0x1c0/0x1c0
[  981.225112]  ? kasan_check_read+0x11/0x20
[  981.225131]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[  981.225150]  ? rcu_softirq_qs+0x20/0x20
[  981.225170]  ? find_held_lock+0x36/0x1c0
[  981.225196]  ? mark_held_locks+0xc7/0x130
[  981.232103]  ? _raw_spin_unlock_irqrestore+0x82/0xd0
[  981.232122]  ? _raw_spin_unlock_irqrestore+0x82/0xd0
[  981.232141]  ? lockdep_hardirqs_on+0x3bb/0x5b0
[  981.240332]  ? trace_hardirqs_on+0xbd/0x310
[  981.240345]  ? kasan_check_read+0x11/0x20
[  981.240364]  ? __percpu_counter_sum+0x135/0x1a0
[  981.249424]  ? trace_hardirqs_off_caller+0x300/0x300
[  981.249457]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  981.249487]  clone_mnt+0x124/0x13b0
[  981.258726]  ? kern_mount+0x70/0x70
[  981.258749]  ? ext4_fh_to_dentry+0x40/0x40
[  981.266937]  ? nd_jump_link+0x1d0/0x1d0
[  981.266967]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  981.266984]  ? flags_by_mnt+0x107/0x120
[  981.267002]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  981.267021]  ? vfs_statfs+0x188/0x1e0
[  981.277218]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  981.277238]  ? ovl_check_namelen.isra.9+0xe8/0x140
[  981.277256]  ? ovl_inode_init_once+0x20/0x20
[  981.277291]  clone_private_mount+0xba/0x100
[  981.286172]  ovl_fill_super+0xfb1/0x3f33
[  981.286194]  ? vfs_get_super+0x270/0x270
[  981.286224]  ? ovl_show_options+0x550/0x550
[  981.286269]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  981.295068]  ? get_anon_bdev+0xc0/0xc0
[  981.295083]  ? sget+0x113/0x150
[  981.295104]  ? ovl_show_options+0x550/0x550
[  981.295120]  mount_nodev+0x73/0x120
[  981.295141]  ? ovl_own_xattr_set+0x10/0x10
[  981.305246]  ovl_mount+0x34/0x40
[  981.305265]  legacy_get_tree+0x131/0x460
[  981.305287]  vfs_get_tree+0x1cb/0x5c0
[  981.305303]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  981.305320]  do_mount+0x70c/0x1d90
[  981.312567]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  981.312588]  ? copy_mount_string+0x40/0x40
[  981.312608]  ? copy_mount_options+0x5f/0x430
[  981.320813]  ? kmem_cache_alloc_trace+0x353/0x750
[  981.320834]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  981.320856]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  981.330380]  ? copy_mount_options+0x315/0x430
[  981.330401]  ksys_mount+0x12d/0x140
[  981.330431]  __x64_sys_mount+0xbe/0x150
[  981.339769]  do_syscall_64+0x1b9/0x820
[  981.339789]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  981.339809]  ? syscall_return_slowpath+0x5e0/0x5e0
[  981.350270]  ? trace_hardirqs_on_caller+0x310/0x310
[  981.350289]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  981.350312]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  981.359028]  ? __switch_to_asm+0x40/0x70
[  981.359041]  ? __switch_to_asm+0x34/0x70
[  981.359064]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  981.501401]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  981.506580] RIP: 0033:0x457569
[  981.509776] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
03:45:04 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0xf0b4}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:45:04 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x4, r0)
write$P9_RXATTRWALK(r1, &(0x7f0000000000)={0xf, 0x1f, 0x2, 0x5}, 0xf)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)

03:45:04 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0xf0ffffff, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:45:04 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
fstat(r0, &(0x7f0000000680))
add_key(&(0x7f00000001c0)='pkcs7_test\x00', &(0x7f0000000200)={'syz'}, &(0x7f0000000240), 0xfffff, 0xfffffffffffffffb)
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_open_dev$audion(&(0x7f0000000280)='/dev/audio#\x00', 0x6, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f00000003c0)={@loopback, @local}, &(0x7f0000000400)=0xc)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f0000000440)={'vcan0\x00'})
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

03:45:04 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/autofs\x00', 0x101001, 0x0)
r2 = syz_genetlink_get_family_id$team(&(0x7f0000000280)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f00000002c0)={{{@in=@dev, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{}, 0x0, @in=@rand_addr}}, &(0x7f00000003c0)=0xe8)
accept$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000440)=0x14)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000540)={'team0\x00', <r5=>0x0})
accept4$packet(0xffffffffffffff9c, &(0x7f0000000580)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000005c0)=0x14, 0x800)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000600)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000640)=0x14)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000680)={0x11, 0x0, <r8=>0x0}, &(0x7f00000006c0)=0x14)
getsockopt$inet_pktinfo(0xffffffffffffff9c, 0x0, 0x8, &(0x7f0000000700)={<r9=>0x0, @local, @loopback}, &(0x7f0000000740)=0xc)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000780)={@dev, @multicast1, <r10=>0x0}, &(0x7f00000007c0)=0xc)
getsockopt$inet6_mreq(0xffffffffffffff9c, 0x29, 0x15, &(0x7f0000000900)={@ipv4={[], [], @multicast1}, <r11=>0x0}, &(0x7f0000000940)=0xfffffffffffffc98)
getsockopt$inet6_mreq(0xffffffffffffff9c, 0x29, 0x0, &(0x7f0000000980)={@ipv4={[], [], @multicast1}, <r12=>0x0}, &(0x7f00000009c0)=0x14)
accept(r0, &(0x7f0000000a00)=@can={0x1d, <r13=>0x0}, &(0x7f0000000a80)=0x80)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000ac0)={{{@in=@dev, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r14=>0x0}}, {{@in6=@mcast1}, 0x0, @in6=@local}}, &(0x7f0000000bc0)=0xe8)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000000e80)={{{@in=@rand_addr, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r15=>0x0}}, {{@in=@multicast2}, 0x0, @in=@rand_addr}}, &(0x7f0000000f80)=0xe8)
getsockname$packet(0xffffffffffffff9c, &(0x7f0000000fc0)={0x11, 0x0, <r16=>0x0}, &(0x7f0000001000)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000001040)={'vcan0\x00', <r17=>0x0})
getpeername$packet(0xffffffffffffff9c, &(0x7f0000001080)={0x11, 0x0, <r18=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000010c0)=0x14)
getsockname$packet(0xffffffffffffffff, &(0x7f0000001100)={0x11, 0x0, <r19=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000001140)=0x14)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000001180)={'team0\x00', <r20=>0x0})
accept4$packet(0xffffffffffffff9c, &(0x7f00000011c0)={0x11, 0x0, <r21=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000001200)=0x14, 0x80000)
getpeername$packet(0xffffffffffffffff, &(0x7f0000001240)={0x11, 0x0, <r22=>0x0}, &(0x7f0000001280)=0x14)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000012c0)={'veth1_to_team\x00', <r23=>0x0})
getsockname$packet(0xffffffffffffffff, &(0x7f0000001300)={0x11, 0x0, <r24=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000001340)=0x14)
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x27, &(0x7f000000d2c0)={@remote, @loopback, <r25=>0x0}, &(0x7f000000d300)=0xc)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f000000d340)={{{@in=@remote, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r26=>0x0}}, {{@in=@broadcast}, 0x0, @in6=@mcast1}}, &(0x7f000000d440)=0xe8)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f000000d480)={<r27=>0x0, @multicast2, @rand_addr}, &(0x7f000000d4c0)=0xc)
accept4$packet(0xffffffffffffff9c, &(0x7f000000d500)={0x11, 0x0, <r28=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f000000d540)=0x14, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000d580)={{{@in=@broadcast, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r29=>0x0}}, {{@in6=@mcast1}, 0x0, @in=@local}}, &(0x7f000000d680)=0xe8)
accept$packet(0xffffffffffffffff, &(0x7f000000d6c0)={0x11, 0x0, <r30=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f000000d700)=0x14)
recvmmsg(r0, &(0x7f0000014100)=[{{&(0x7f000000d740)=@can={0x1d, <r31=>0x0}, 0x80, &(0x7f000000e940)=[{&(0x7f000000d7c0)=""/106, 0x6a}, {&(0x7f000000d840)=""/50, 0x32}, {&(0x7f000000d880)=""/137, 0x89}, {&(0x7f000000d940)=""/4096, 0x1000}], 0x4, &(0x7f000000e980)=""/4096, 0x1000, 0xfffffffffffff034}, 0x5}, {{&(0x7f000000f980)=@nl, 0x80, &(0x7f000000fac0)=[{&(0x7f000000fa00)=""/156, 0x9c}], 0x1, &(0x7f000000fb00)=""/206, 0xce, 0x5a}, 0x7}, {{0x0, 0x0, &(0x7f0000010d80)=[{&(0x7f000000fc00)=""/200, 0xc8}, {&(0x7f000000fd00)=""/109, 0x6d}, {&(0x7f000000fd80)=""/4096, 0x1000}], 0x3, &(0x7f0000010dc0)=""/9, 0x9, 0x6}, 0x5}, {{&(0x7f0000010e00)=@pppoe={0x18, 0x0, {0x0, @broadcast}}, 0x80, &(0x7f0000012200)=[{&(0x7f0000010e80)=""/124, 0x7c}, {&(0x7f0000010f00)=""/4096, 0x1000}, {&(0x7f0000011f00)=""/62, 0x3e}, {&(0x7f0000011f40)=""/120, 0x78}, {&(0x7f0000011fc0)=""/65, 0x41}, {&(0x7f0000012040)=""/115, 0x73}, {&(0x7f00000120c0)=""/62, 0x3e}, {&(0x7f0000012100)=""/236, 0xec}], 0x8, &(0x7f0000012280)=""/4096, 0x1000, 0x3}, 0x6}, {{&(0x7f0000013280)=@ax25, 0x80, &(0x7f0000013680)=[{&(0x7f0000013300)=""/186, 0xba}, {&(0x7f00000133c0)=""/251, 0xfb}, {&(0x7f00000134c0)=""/129, 0x81}, {&(0x7f0000013580)}, {&(0x7f00000135c0)=""/184, 0xb8}], 0x5, &(0x7f0000013700)=""/221, 0xdd, 0x7}}, {{&(0x7f0000013800)=@nl=@proc, 0x80, &(0x7f0000013a00)=[{&(0x7f0000013880)=""/74, 0x4a}, {&(0x7f0000013900)=""/28, 0x1c}, {&(0x7f0000013940)=""/178, 0xb2}], 0x3, &(0x7f0000013a40)=""/203, 0xcb}, 0x1000}, {{&(0x7f0000013b40)=@un=@abs, 0x80, &(0x7f0000013d40)=[{&(0x7f0000013bc0)=""/197, 0xc5}, {&(0x7f0000013cc0)=""/108, 0x6c}], 0x2, &(0x7f0000013d80)=""/42, 0x2a, 0x1}, 0xfffffffffffffffd}, {{&(0x7f0000013dc0)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @remote}}}, 0x80, &(0x7f0000014000)=[{&(0x7f0000013e40)=""/88, 0x58}, {&(0x7f0000013ec0)=""/116, 0x74}, {&(0x7f0000013f40)=""/163, 0xa3}], 0x3, &(0x7f0000014040)=""/183, 0xb7, 0x5}, 0x1000}], 0x8, 0x10140, 0x0)
clock_gettime(0x0, &(0x7f0000016480)={<r32=>0x0, <r33=>0x0})
recvmmsg(r0, &(0x7f0000016340)=[{{&(0x7f0000014300)=@un=@abs, 0x80, &(0x7f0000015380)=[{&(0x7f0000014380)=""/4096, 0x1000}], 0x1, &(0x7f00000153c0)=""/122, 0x7a, 0x6}, 0x800}, {{&(0x7f0000015440)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast}}}, 0x80, &(0x7f0000015b00)=[{&(0x7f00000154c0)=""/194, 0xc2}, {&(0x7f00000155c0)=""/151, 0x97}, {&(0x7f0000015680)=""/117, 0x75}, {&(0x7f0000015700)=""/74, 0x4a}, {&(0x7f0000015780)=""/30, 0x1e}, {&(0x7f00000157c0)=""/176, 0xb0}, {&(0x7f0000015880)}, {&(0x7f00000158c0)=""/218, 0xda}, {&(0x7f00000159c0)=""/184, 0xb8}, {&(0x7f0000015a80)=""/125, 0x7d}], 0xa, 0x0, 0x0, 0x7}, 0x3}, {{&(0x7f0000015bc0)=@llc, 0x80, &(0x7f0000015d40)=[{&(0x7f0000015c40)=""/234, 0xea}], 0x1, &(0x7f0000015d80)=""/110, 0x6e, 0x6}, 0x2}, {{&(0x7f0000015e00)=@pppoe={0x18, 0x0, {0x0, @dev}}, 0x80, &(0x7f0000016000)=[{&(0x7f0000015e80)=""/156, 0x9c}, {&(0x7f0000015f40)=""/95, 0x5f}, {&(0x7f0000015fc0)=""/60, 0x3c}], 0x3, &(0x7f0000016040)=""/130, 0x82, 0xf9cd}, 0x1f}, {{&(0x7f0000016100)=@xdp={0x2c, 0x0, <r34=>0x0}, 0x80, &(0x7f0000016300)=[{&(0x7f0000016180)=""/167, 0xa7}, {&(0x7f0000016240)=""/179, 0xb3}], 0x2, 0x0, 0x0, 0x4}, 0x6}], 0x5, 0x10100, &(0x7f00000164c0)={r32, r33+10000000})
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x20, &(0x7f0000016500)={@multicast1, @broadcast, <r35=>0x0}, &(0x7f0000016540)=0xc)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f0000016580)={{{@in=@remote, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r36=>0x0}}, {{@in=@rand_addr}, 0x0, @in6=@remote}}, &(0x7f0000016680)=0xe8)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f00000166c0)={@mcast1, <r37=>0x0}, &(0x7f0000016700)=0x14)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000016740)={{{@in=@rand_addr, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r38=>0x0}}, {{@in=@local}, 0x0, @in=@local}}, &(0x7f0000016840)=0xe8)
sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f00000174c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x140000}, 0xc, &(0x7f0000017480)={&(0x7f0000001380)=ANY=[@ANYBLOB="e80b0000", @ANYRES16=r2, @ANYBLOB="10042abd7000fddbdf250100000008000100", @ANYRES32=r3, @ANYBLOB="b800020038000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000080003000300000008000400010000803c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r4, @ANYBLOB="40000100240001006c625f706f72745f737461747300000000000000000000000000000000000000080003000b000000080004000300000008000600", @ANYRES32=r5, @ANYBLOB="08000100", @ANYRES32=r6, @ANYBLOB="b40002003c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000080003000b0000000c000400030032003f0000003c000100240001006c625f74785f6d6574686f64000000000000000000000000000000000000000008000300050000000c000400686173680000000038000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000800030003000000080004000900000008000100", @ANYRES32=r7, @ANYBLOB="780002003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r8, @ANYBLOB="38000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800030003000000080004008702000008000100", @ANYRES32=r9, @ANYBLOB="28020200400001002400010071756575655f69640000000000000000000000000000000000000000000000000800030003000000080004000500000008000600", @ANYRES32=r10, @ANYBLOB="40000100240001007072696f72697479000000000000000000000000000000000000000000000000080003000e00000008000400cc01000008000600", @ANYRES32=r11, @ANYBLOB="38000100240001006c625f73746174735f726566726573685f696e74657276616c000000000000000800030003000000080004000200000040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000080003000300000008000400", @ANYRES32=r12, @ANYBLOB="080007000000000038000100240001006e6f746966795f70656572735f696e74657276616c0000000000000000000000080003000300000008000400000000003c000100240001006c625f74785f6d6574686f64000000000000000000000000000000000000000008000300050000000c000400686173680000000038000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800030003000000080004000000000040000100240001006c625f706f72745f737461747300000000000000000000000000000000000000080003000b000000080004000800000008000600", @ANYRES32=r13, @ANYBLOB="40000100240001006c625f706f72745f737461747300000000000000000000000000000000000000080003000b000000080004000400000008000600", @ANYRES32=r14, @ANYBLOB="08000100", @ANYRES32=r15, @ANYBLOB="fc010200400001002400010071756575655f69640000000000000000000000000000000000000000000000000800030003000000080004007f00000008000600", @ANYRES32=r16, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000800030003000000080004004c00000040000100240001006c625f706f72745f737461747300000000000000000000000000000000000000080003000b000000080004000000008008000600", @ANYRES32=r17, @ANYBLOB="3c00010024000100656e61626c65640000000000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r18, @ANYBLOB="38000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800030003000000080004000500000044000100240001006d6f6465000000000000000000000000000000000000000000000000000000000800030005000000140004006163746976656261636b7570000000003c000100240001006c625f74785f6d6574686f64000000000000000000000000000000000000000008000300050000000c00040068617368000000004c000100240001006c625f74785f6d6574686f64000000000000000000000000000000000000000008000300050000001c000400686173685f746f5f706f72745f6d617070696e670000000008000100", @ANYRES32=r19, @ANYBLOB="600102003c00010024000100656e61626c65640000000000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r20, @ANYBLOB="3c000100240001006c625f74785f6d6574686f64000000000000000000000000000000000000000008000300050000000c000400686173680000000038000100240001006c625f73746174735f726566726573685f696e74657276616c00000000000000080003000300000008000400030000003800010024000100616374697665706f727400000000000000000000000000000000000000000000080003000300000008000400", @ANYRES32=r21, @ANYBLOB="3c00010024000100656e61626c65640000000000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r22, @ANYBLOB="38000100240001006c625f73746174735f726566726573685f696e74651e45fa6afd110ae37276616c000001000000000800030003000000080004008dd26c9922288d920f936dc5200e8a1594032a8156611aa14a822587bb0c26c1022dfbe1f63a9264665c89ecba3f5ff49264f27ad1f39ad4a4836ab1bee8ae33ca3ed378fd727cd8c23f70d83c218c3cfedfcff62e8e0063e80af1bf7e9462cf486ae49ebc7aee7c75c520d3ae64c11fcdd958d6824f36d28be96dec28aa", @ANYRES32=r23, @ANYBLOB="400002003c00010024000100656e61626c65640000000000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r24, @ANYBLOB="08000100", @ANYRES32=r25, @ANYBLOB="4400020040000100240001006d6f646500000000000000000000000000000000000000000000000000000000080003000500000010000400726f756e64726f62696e000008000100", @ANYRES32=r26, @ANYBLOB="680102003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r27, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000080003000300000008000400000800003800010024000100616374697665706f727400000000000000000000000000000000000000000000080003000300000008000400", @ANYRES32=r28, @ANYBLOB="3c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r29, @ANYBLOB="3c00010024000100656e61626c65640000000000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r30, @ANYBLOB="40000100240001006c625f706f72745f737461747300000000000000000000000000000000000000080003000b000000080004000900000008000600", @ANYRES32=r31, @ANYBLOB="08000100", @ANYRES32=r34, @ANYBLOB="300202003c000100240001006c625f74785f6d6574686f64000000000000000000000000000000000000000008000300050000000c00040068617368000000003c00010024000100656e61626c65640000000000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r35, @ANYBLOB="3c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r36, @ANYBLOB="40000100240001006c625f686173685f737461747300000000000000000000000000000000000000080003000b000000080004000000010008000700000000003c00010024000100656e61626c65640000000000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r37, @ANYBLOB="40000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000080003000300000008000400", @ANYRES32=r38, @ANYBLOB="080007000000000038000100240001006c625f73746174735f726566726573685f696e74657276616c000000000000000800030003000000080004000000000038000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000080003000300000008000400fcffffff4c000100240001006c625f74785f6d6574686f64000000000000000000000000000000000000000008000300050000001c000400686173685f746f5f706f72745f6d617070696e6700000000"], 0xbe8}, 0x1, 0x0, 0x0, 0x4000}, 0x1)
r39 = fcntl$dupfd(r0, 0x0, r0)
setxattr$security_evm(&(0x7f0000000000)='./file0\x00', &(0x7f0000000100)='security.evm\x00', &(0x7f0000000140)=@v1={0x2, "eb8037"}, 0x4, 0x1)
getsockopt$inet_pktinfo(r39, 0x0, 0x8, &(0x7f0000000080)={<r40=>0x0, @broadcast, @broadcast}, &(0x7f0000000180)=0xc)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f00000001c0)={'team0\x00', r40})
bind$bt_rfcomm(r39, &(0x7f0000000040)={0x1f, {0x0, 0x0, 0x0, 0x0, 0x5}}, 0xa)
ioctl$FS_IOC_SETVERSION(r39, 0x800448d5, &(0x7f00000000c0))

[  981.528661] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  981.536352] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  981.543625] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  981.550888] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  981.558142] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  981.565399] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[  981.575246] overlayfs: failed to clone upperpath
03:45:04 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0xf, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:45:04 executing program 4 (fault-call:2 fault-nth:53):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:45:04 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffff9c, 0x89e2, &(0x7f0000000000)={<r1=>r0})
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x89e2, &(0x7f0000000080)={r0})
lsetxattr$security_ima(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='security.ima\x00', &(0x7f0000000140)=@v1={0x2, "f35b44fb34ae400ff9ed83"}, 0xc, 0x1)
r2 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r2, &(0x7f0000000040), 0x2)

[  981.667743] FAT-fs (loop3): bogus number of reserved sectors
[  981.695434] FAT-fs (loop3): Can't find a valid FAT filesystem
03:45:04 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x2, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  981.745765] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  981.783294] FAULT_INJECTION: forcing a failure.
[  981.783294] name failslab, interval 1, probability 0, space 0, times 0
[  981.830327] CPU: 1 PID: 13756 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  981.838848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  981.838891] Call Trace:
[  981.850847]  dump_stack+0x244/0x39d
[  981.854527]  ? dump_stack_print_info.cold.1+0x20/0x20
[  981.859734]  ? __lock_acquire+0x62f/0x4c20
[  981.863999]  should_fail.cold.4+0xa/0x17
[  981.868080]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  981.873197]  ? __lock_acquire+0x62f/0x4c20
[  981.877470]  ? update_load_avg+0x2470/0x2470
[  981.881896]  ? zap_class+0x640/0x640
[  981.885635]  ? find_held_lock+0x36/0x1c0
[  981.885659]  ? __lock_is_held+0xb5/0x140
[  981.885694]  ? perf_trace_sched_process_exec+0x860/0x860
[  981.885724]  __should_failslab+0x124/0x180
[  981.893849]  should_failslab+0x9/0x14
[  981.893868]  kmem_cache_alloc+0x2be/0x730
[  981.893882]  ? print_usage_bug+0xc0/0xc0
[  981.893901]  ? zap_class+0x640/0x640
[  981.919276]  ? mark_held_locks+0x130/0x130
[  981.923541]  __d_alloc+0xc8/0xb90
[  981.927020]  ? trace_hardirqs_on+0xbd/0x310
[  981.931365]  ? shrink_dcache_for_umount+0x2b0/0x2b0
[  981.936404]  ? __lock_acquire+0x62f/0x4c20
[  981.940681]  ? lock_acquire+0x1ed/0x520
[  981.944670]  ? pcpu_alloc+0xbc9/0x15d0
[  981.948579]  ? print_usage_bug+0xc0/0xc0
[  981.952660]  ? __lock_acquire+0x62f/0x4c20
[  981.956918]  ? mark_held_locks+0x130/0x130
[  981.961195]  d_alloc+0x96/0x380
[  981.964508]  ? __d_alloc+0xb90/0xb90
[  981.968259]  d_alloc_parallel+0x15a/0x1f40
[  981.972509]  ? mark_held_locks+0x130/0x130
[  981.972525]  ? __lock_acquire+0x62f/0x4c20
[  981.972546]  ? pcpu_alloc+0x11a1/0x15d0
[  981.972563]  ? lock_downgrade+0x900/0x900
[  981.972583]  ? __d_lookup_rcu+0xaa0/0xaa0
[  981.993778]  ? zap_class+0x640/0x640
[  981.997515]  ? mark_held_locks+0x130/0x130
[  982.001770]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  982.001787]  ? zap_class+0x640/0x640
[  982.001815]  ? zap_class+0x640/0x640
[  982.001837]  ? find_held_lock+0x36/0x1c0
[  982.001857]  ? zap_class+0x640/0x640
[  982.018877]  ? __lockdep_init_map+0x105/0x590
[  982.018898]  ? __lockdep_init_map+0x105/0x590
[  982.018918]  ? lockdep_init_map+0x9/0x10
[  982.018940]  ? __init_waitqueue_head+0x9e/0x150
[  982.027142]  ? init_wait_entry+0x1c0/0x1c0
[  982.027164]  ? lock_acquire+0x1ed/0x520
[  982.027187]  __lookup_slow+0x1e6/0x540
[  982.027205]  ? vfs_unlink+0x510/0x510
[  982.027253]  ? path_init+0x1ed0/0x1ed0
[  982.035790]  ? is_bpf_text_address+0xac/0x170
[  982.035811]  lookup_slow+0x57/0x80
[  982.035831]  walk_component+0x92b/0x2590
[  982.035849]  ? inode_permission+0xb2/0x560
[  982.035872]  ? pick_link+0xaf0/0xaf0
[  982.035902]  ? walk_component+0x2590/0x2590
[  982.044804]  ? __save_stack_trace+0x8d/0xf0
[  982.044838]  ? save_stack+0xa9/0xd0
[  982.044854]  ? save_stack+0x43/0xd0
[  982.044867]  ? kasan_kmalloc+0xc7/0xe0
[  982.044880]  ? kasan_slab_alloc+0x12/0x20
[  982.044895]  ? kmem_cache_alloc+0x12e/0x730
[  982.044916]  path_lookupat.isra.43+0x212/0xc00
[  982.052762]  ? do_mount+0x70c/0x1d90
[  982.052775]  ? ksys_mount+0x12d/0x140
[  982.052789]  ? __x64_sys_mount+0xbe/0x150
[  982.052811]  ? path_parentat.isra.41+0x160/0x160
03:45:04 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0xffffffffffffffff, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)

03:45:04 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
fstat(r0, &(0x7f0000000680))
add_key(&(0x7f00000001c0)='pkcs7_test\x00', &(0x7f0000000200)={'syz'}, &(0x7f0000000240), 0xfffff, 0xfffffffffffffffb)
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_open_dev$audion(&(0x7f0000000280)='/dev/audio#\x00', 0x6, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f00000003c0)={@loopback, @local}, &(0x7f0000000400)=0xc)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

03:45:04 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x100000000000000, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  982.052827]  ? find_held_lock+0x36/0x1c0
[  982.052849]  ? zap_class+0x640/0x640
[  982.060534]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  982.060553]  ? check_preemption_disabled+0x48/0x280
[  982.060577]  filename_lookup+0x26a/0x520
[  982.060594]  ? nd_jump_link+0x1d0/0x1d0
[  982.060636]  ? rcu_read_lock_sched_held+0x14f/0x180
[  982.100375]  ? kmem_cache_alloc+0x33a/0x730
[  982.100410]  kern_path+0x33/0x40
[  982.100432]  ovl_mount_dir_noesc+0x6b/0x190
[  982.108911]  ovl_mount_dir+0x10a/0x1c0
[  982.108937]  ovl_fill_super+0x10e7/0x3f33
[  982.108959]  ? vfs_get_super+0x270/0x270
[  982.108991]  ? ovl_show_options+0x550/0x550
[  982.117314]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  982.117361]  ? get_anon_bdev+0xc0/0xc0
[  982.117376]  ? sget+0x113/0x150
[  982.117397]  ? ovl_show_options+0x550/0x550
[  982.117415]  mount_nodev+0x73/0x120
[  982.130111]  ? ovl_own_xattr_set+0x10/0x10
[  982.130129]  ovl_mount+0x34/0x40
[  982.130148]  legacy_get_tree+0x131/0x460
[  982.130171]  vfs_get_tree+0x1cb/0x5c0
[  982.130189]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  982.143490]  do_mount+0x70c/0x1d90
[  982.143512]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  982.143534]  ? copy_mount_string+0x40/0x40
[  982.143555]  ? copy_mount_options+0x5f/0x430
[  982.143577]  ? kmem_cache_alloc_trace+0x353/0x750
[  982.152647]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  982.152672]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  982.152688]  ? copy_mount_options+0x315/0x430
[  982.152709]  ksys_mount+0x12d/0x140
[  982.152733]  __x64_sys_mount+0xbe/0x150
[  982.161712]  do_syscall_64+0x1b9/0x820
[  982.161733]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  982.161753]  ? syscall_return_slowpath+0x5e0/0x5e0
[  982.161774]  ? trace_hardirqs_on_caller+0x310/0x310
[  982.161798]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  982.169474]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  982.169491]  ? __switch_to_asm+0x40/0x70
[  982.169505]  ? __switch_to_asm+0x34/0x70
[  982.169528]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  982.169559]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  982.177755] RIP: 0033:0x457569
[  982.177772] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  982.177781] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  982.177797] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  982.177807] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  982.177817] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
03:45:05 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0xccf0000000000000}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:45:05 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x2a0ffffffff, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:45:05 executing program 1:
r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
bind$bt_rfcomm(r0, &(0x7f0000000040), 0x2)
getsockopt$bt_hci(r0, 0x0, 0x1, &(0x7f0000000080)=""/119, &(0x7f0000000000)=0x77)

03:45:05 executing program 4 (fault-call:2 fault-nth:54):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

[  982.177827] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  982.177837] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[  982.204469] overlayfs: failed to resolve './file1': -12
[  982.307100] FAT-fs (loop3): bogus number of reserved sectors
[  982.352812] FAT-fs (loop3): Can't find a valid FAT filesystem
03:45:05 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000000)={0x0, 0x6}, 0x8)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

[  982.496365] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
03:45:05 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
fstat(r0, &(0x7f0000000680))
add_key(&(0x7f00000001c0)='pkcs7_test\x00', &(0x7f0000000200)={'syz'}, &(0x7f0000000240), 0xfffff, 0xfffffffffffffffb)
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_open_dev$audion(&(0x7f0000000280)='/dev/audio#\x00', 0x6, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

03:45:05 executing program 1:
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_rfcomm(0xffffffffffffffff, &(0x7f0000000040), 0x2)

03:45:05 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x2000000000000000, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  982.542237] FAULT_INJECTION: forcing a failure.
[  982.542237] name failslab, interval 1, probability 0, space 0, times 0
03:45:05 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0x0, 0x0, 0x8, 0x0, 0x800, 0x4010000}, 0xfffffffffffffffc}, 0xa)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

[  982.625733] CPU: 0 PID: 13791 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  982.634264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  982.643630] Call Trace:
[  982.646235]  dump_stack+0x244/0x39d
[  982.649888]  ? dump_stack_print_info.cold.1+0x20/0x20
[  982.655095]  ? mark_held_locks+0x130/0x130
[  982.659356]  should_fail.cold.4+0xa/0x17
[  982.663430]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  982.668559]  ? lock_downgrade+0x900/0x900
[  982.672732]  ? lock_downgrade+0x900/0x900
[  982.676895]  ? kasan_check_read+0x11/0x20
[  982.681050]  ? do_raw_spin_unlock+0xa7/0x330
[  982.685476]  ? zap_class+0x640/0x640
[  982.689203]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  982.694267]  ? find_held_lock+0x36/0x1c0
[  982.698346]  ? __lock_is_held+0xb5/0x140
[  982.702455]  ? perf_trace_sched_process_exec+0x860/0x860
[  982.707939]  __should_failslab+0x124/0x180
[  982.712193]  should_failslab+0x9/0x14
[  982.716034]  __kmalloc_track_caller+0x2d1/0x760
[  982.720726]  ? do_raw_spin_unlock+0xa7/0x330
[  982.725160]  ? do_raw_spin_trylock+0x270/0x270
[  982.729761]  ? ovl_mount_dir+0x2a/0x1c0
[  982.733757]  kstrdup+0x39/0x70
[  982.736970]  ovl_mount_dir+0x2a/0x1c0
[  982.740797]  ovl_fill_super+0x10e7/0x3f33
[  982.744960]  ? vfs_get_super+0x270/0x270
[  982.744994]  ? ovl_show_options+0x550/0x550
[  982.745041]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  982.745061]  ? get_anon_bdev+0xc0/0xc0
[  982.745074]  ? sget+0x113/0x150
[  982.745093]  ? ovl_show_options+0x550/0x550
[  982.745113]  mount_nodev+0x73/0x120
03:45:05 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
write$binfmt_script(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="23e0363c3466696c65302020656d302076626f786e657430656d305e202020637075736574657468302f20757365720a7541a4aa801ab3f78adf70fc04460023c4a6d5ff363e9038198c7ab6a5dae1e2be0303d19f44db881836e0387da1ec146031af98b0afd32422fc2365927db407457b13"], 0x73)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

[  982.753508]  ? ovl_own_xattr_set+0x10/0x10
[  982.753526]  ovl_mount+0x34/0x40
[  982.753544]  legacy_get_tree+0x131/0x460
[  982.753565]  vfs_get_tree+0x1cb/0x5c0
[  982.789653]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  982.789671]  do_mount+0x70c/0x1d90
[  982.789694]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  982.803524]  ? copy_mount_string+0x40/0x40
[  982.803546]  ? copy_mount_options+0x5f/0x430
[  982.803572]  ? kmem_cache_alloc_trace+0x353/0x750
[  982.809978] FAT-fs (loop3): bogus number of reserved sectors
[  982.812211]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  982.812235]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  982.812249]  ? copy_mount_options+0x315/0x430
[  982.812269]  ksys_mount+0x12d/0x140
[  982.822926]  __x64_sys_mount+0xbe/0x150
[  982.822949]  do_syscall_64+0x1b9/0x820
[  982.822972]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  982.844536] FAT-fs (loop3): Can't find a valid FAT filesystem
[  982.846120]  ? syscall_return_slowpath+0x5e0/0x5e0
[  982.846142]  ? trace_hardirqs_on_caller+0x310/0x310
[  982.846167]  ? prepare_exit_to_usermode+0x3b0/0x3b0
03:45:05 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040)={0x1f, {0x7ffffffe}}, 0xa)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f0000000100)=0xffffffffffff8000)
openat$cgroup_ro(r1, &(0x7f0000000000)='cpuset.effective_cpus\x00', 0x0, 0x0)

[  982.871217]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  982.871236]  ? __switch_to_asm+0x40/0x70
[  982.871249]  ? __switch_to_asm+0x34/0x70
[  982.871272]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  982.871303]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  982.901311] RIP: 0033:0x457569
[  982.904539] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
03:45:05 executing program 4 (fault-call:2 fault-nth:55):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

[  982.923456] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  982.923473] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  982.923483] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  982.923493] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  982.923503] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  982.923513] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[  983.018975] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  983.077297] FAULT_INJECTION: forcing a failure.
[  983.077297] name failslab, interval 1, probability 0, space 0, times 0
[  983.089057] CPU: 0 PID: 13824 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  983.089144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  983.089151] Call Trace:
[  983.089176]  dump_stack+0x244/0x39d
[  983.089202]  ? dump_stack_print_info.cold.1+0x20/0x20
[  983.107076]  should_fail.cold.4+0xa/0x17
[  983.107098]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  983.107127]  ? mark_held_locks+0x130/0x130
[  983.107152]  ? find_held_lock+0x36/0x1c0
[  983.107181]  ? is_bpf_text_address+0xac/0x170
[  983.107203]  ? lock_downgrade+0x900/0x900
[  983.113408]  ? check_preemption_disabled+0x48/0x280
[  983.113434]  ? rcu_read_unlock_special+0x1c0/0x1c0
[  983.113465]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[  983.113485]  ? rcu_softirq_qs+0x20/0x20
[  983.113504]  ? rcu_softirq_qs+0x20/0x20
[  983.113523]  ? unwind_dump+0x190/0x190
[  983.122770]  ? zap_class+0x640/0x640
[  983.122796]  __should_failslab+0x124/0x180
[  983.122815]  should_failslab+0x9/0x14
[  983.122832]  kmem_cache_alloc+0x47/0x730
[  983.122855]  ? __es_tree_search.isra.12+0x1ba/0x220
[  983.122874]  ? find_held_lock+0x36/0x1c0
[  983.132209]  __es_insert_extent+0x30c/0x1120
[  983.132237]  ? ext4_es_free_extent+0x790/0x790
[  983.132256]  ? kasan_check_read+0x11/0x20
[  983.132271]  ? do_raw_write_lock+0x14f/0x310
[  983.132287]  ? do_raw_read_unlock+0x70/0x70
[  983.132301]  ? __lock_is_held+0xb5/0x140
[  983.132333]  ext4_es_insert_extent+0x352/0xbd0
[  983.160201]  ? ext4_es_scan_clu+0x50/0x50
[  983.160225]  ? __lock_is_held+0xb5/0x140
[  983.160260]  ? rcu_read_lock_sched_held+0x14f/0x180
[  983.175797]  ext4_ext_put_gap_in_cache+0x15f/0x1f0
[  983.175817]  ? ext4_rereserve_cluster+0x240/0x240
[  983.175837]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  983.175866]  ext4_ext_map_blocks+0x1d92/0x48e0
[  983.183884]  ? kasan_check_write+0x14/0x20
[  983.183930]  ? ext4_ext_release+0x10/0x10
[  983.183964]  ? zap_class+0x640/0x640
[  983.193024]  ? zap_class+0x640/0x640
[  983.201503]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  983.201521]  ? check_preemption_disabled+0x48/0x280
[  983.201561]  ? lock_acquire+0x1ed/0x520
[  983.201580]  ? ext4_map_blocks+0x487/0x1b50
[  983.214757]  ? lock_release+0xa10/0xa10
[  983.214773]  ? perf_trace_sched_process_exec+0x860/0x860
[  983.214791]  ? ext4_es_cache_extent+0x6a0/0x6a0
[  983.214805]  ? kasan_check_read+0x11/0x20
[  983.214819]  ? do_raw_spin_unlock+0xa7/0x330
[  983.214838]  ? do_raw_spin_trylock+0x270/0x270
[  983.223254]  ? down_read+0x8d/0x120
[  983.223268]  ? ext4_map_blocks+0x487/0x1b50
[  983.223289]  ? __down_interruptible+0x700/0x700
[  983.236067]  ext4_map_blocks+0xe2d/0x1b50
[  983.236097]  ? ext4_issue_zeroout+0x190/0x190
[  983.236113]  ? kasan_check_read+0x11/0x20
[  983.236140]  ext4_getblk+0x10e/0x630
[  983.246082]  ? __lockdep_init_map+0x105/0x590
[  983.246103]  ? ext4_iomap_begin+0x1390/0x1390
[  983.246123]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  983.246140]  ? __dquot_initialize+0x629/0xdd0
[  983.246156]  ? __init_waitqueue_head+0x9e/0x150
[  983.246177]  ext4_bread+0x95/0x2b0
[  983.246195]  ? ext4_getblk+0x630/0x630
[  983.256596]  ? dquot_get_next_dqblk+0x180/0x180
[  983.256616]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  983.256630]  ? __lookup_slow+0x312/0x540
[  983.256719]  ext4_append+0x14e/0x370
[  983.265483]  ext4_mkdir+0x532/0xe60
[  983.265510]  ? ext4_init_dot_dotdot+0x510/0x510
[  983.265530]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  983.265549]  ? security_inode_permission+0xd2/0x100
[  983.265568]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  983.273457]  ? security_inode_mkdir+0xe8/0x120
[  983.273479]  vfs_mkdir+0x42e/0x6b0
[  983.273503]  ovl_create_real+0x225/0x410
[  983.273525]  ovl_workdir_create+0x564/0x820
[  983.300037]  ? ovl_mount_dir+0x1c0/0x1c0
[  983.300054]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  983.300095]  ovl_fill_super+0x12fc/0x3f33
[  983.340036]  ? vfs_get_super+0x270/0x270
[  983.340070]  ? ovl_show_options+0x550/0x550
[  983.340113]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  983.352443]  ? get_anon_bdev+0xc0/0xc0
[  983.352470]  ? sget+0x113/0x150
[  983.352491]  ? ovl_show_options+0x550/0x550
[  983.352509]  mount_nodev+0x73/0x120
[  983.361497]  ? ovl_own_xattr_set+0x10/0x10
[  983.361514]  ovl_mount+0x34/0x40
[  983.361534]  legacy_get_tree+0x131/0x460
[  983.361555]  vfs_get_tree+0x1cb/0x5c0
[  983.376238]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  983.376256]  do_mount+0x70c/0x1d90
[  983.376277]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  983.376298]  ? copy_mount_string+0x40/0x40
[  983.376319]  ? copy_mount_options+0x5f/0x430
[  983.376340]  ? kmem_cache_alloc_trace+0x353/0x750
[  983.376361]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  983.388441]  ? _copy_from_user+0xdf/0x150
[  983.388475]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  983.388490]  ? copy_mount_options+0x315/0x430
[  983.388510]  ksys_mount+0x12d/0x140
[  983.398106]  __x64_sys_mount+0xbe/0x150
[  983.398130]  do_syscall_64+0x1b9/0x820
[  983.398150]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  983.398169]  ? syscall_return_slowpath+0x5e0/0x5e0
[  983.398189]  ? trace_hardirqs_on_caller+0x310/0x310
[  983.398207]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  983.398226]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  983.398243]  ? __switch_to_asm+0x40/0x70
[  983.410232]  ? __switch_to_asm+0x34/0x70
[  983.410254]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  983.410278]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  983.420804] RIP: 0033:0x457569
[  983.420822] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
03:45:06 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x1000000, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:45:06 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
fsetxattr$trusted_overlay_opaque(r0, &(0x7f0000000000)='trusted.overlay.opaque\x00', &(0x7f0000000080)='y\x00', 0x2, 0x1)

03:45:06 executing program 2:
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040)={0x1f, {}, 0x7d6}, 0xa)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

03:45:06 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
fstat(r0, &(0x7f0000000680))
add_key(&(0x7f00000001c0)='pkcs7_test\x00', &(0x7f0000000200)={'syz'}, &(0x7f0000000240), 0xfffff, 0xfffffffffffffffb)
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

[  983.420831] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  983.420846] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  983.420861] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  983.430971] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  983.430981] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  983.430991] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
03:45:06 executing program 4 (fault-call:2 fault-nth:56):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:45:06 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0x4800}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:45:06 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0xffffff7f, 0x0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:45:06 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040)={0x1f, {0x0, 0x0, 0x0, 0x0, 0x0, 0x100000001}}, 0xa)
ioctl$EVIOCSABS2F(r1, 0x401845ef, &(0x7f0000000080)={0x200, 0x8, 0x2, 0x6fd88b9, 0x8001, 0xffffffffffffffff})
llistxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000100)=""/135, 0x87)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

03:45:06 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000000)={0x0, @aes256, 0x3, "4ca3cc9eb29fe1c0"})
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)

[  983.791309] FAT-fs (loop3): bogus number of reserved sectors
[  983.810946] FAT-fs (loop3): Can't find a valid FAT filesystem
03:45:06 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
fstat(r0, &(0x7f0000000680))
add_key(&(0x7f00000001c0)='pkcs7_test\x00', &(0x7f0000000200)={'syz'}, &(0x7f0000000240), 0xfffff, 0xfffffffffffffffb)
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

03:45:06 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x8001a0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:45:06 executing program 2:
syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x1, 0x4000)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

[  984.044813] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
03:45:06 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x402, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040)={0x1f, {}, 0x1}, 0xa)
setxattr$security_evm(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='security.evm\x00', &(0x7f00000000c0)=@v1={0x2, "0b2c450a90b7250fcca6ba"}, 0xc, 0x3)

[  984.087366] FAULT_INJECTION: forcing a failure.
[  984.087366] name failslab, interval 1, probability 0, space 0, times 0
[  984.134498] CPU: 0 PID: 13867 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  984.143025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  984.152393] Call Trace:
[  984.154997]  dump_stack+0x244/0x39d
[  984.158647]  ? dump_stack_print_info.cold.1+0x20/0x20
[  984.163863]  ? find_held_lock+0x36/0x1c0
[  984.167951]  should_fail.cold.4+0xa/0x17
[  984.172033]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  984.177161]  ? set_pageblock_migratetype+0x40/0x40
03:45:07 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
fstat(r0, &(0x7f0000000680))
add_key(&(0x7f00000001c0)='pkcs7_test\x00', &(0x7f0000000200)={'syz'}, &(0x7f0000000240), 0xfffff, 0xfffffffffffffffb)
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

03:45:07 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0xc86, 0x0, 0x2}}}, 0x50}}, 0x0)

[  984.182116]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  984.187696]  ? zap_class+0x640/0x640
[  984.191461]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  984.197021]  ? find_held_lock+0x36/0x1c0
[  984.201110]  ? __lock_is_held+0xb5/0x140
[  984.201145]  ? perf_trace_sched_process_exec+0x860/0x860
[  984.210679]  __should_failslab+0x124/0x180
[  984.214942]  should_failslab+0x9/0x14
[  984.218781]  kmem_cache_alloc+0x2be/0x730
[  984.222947]  ? print_usage_bug+0xc0/0xc0
[  984.227025]  ? zap_class+0x640/0x640
[  984.230766]  ? mark_held_locks+0x130/0x130
03:45:07 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = msgget$private(0x0, 0x400)
msgsnd(r1, &(0x7f0000000080)={0x0, "ce31768b5f3440f5d7e17199332095708a027ab6db841d5ec15f9c5143e0f355a45ea897086bbac19614"}, 0x32, 0x800)
setsockopt$sock_int(r0, 0x1, 0x9, &(0x7f00000000c0)=0x7f, 0x4)
r2 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r2, &(0x7f0000000040), 0x2)
ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000ffd000/0x2000)=nil, 0x2000}, 0x1})
r3 = add_key$user(&(0x7f0000000100)='user\x00', &(0x7f0000000140)={'syz', 0x1}, &(0x7f0000000180)="c7dbcc00fd7703aae956b571b12cf156e854dae06bc140283484846f63f891209072de05229ee55e848da2ee3e910bc6bd1d2d49431e873eec7ae52db1d52d75cf0e8f160feaef31404117a870d8d21bb4bfe3dab2e3f46506a194f45f2a93f0a09f7ce754955ba94b4f365153a62f87f89e7ec378c4ec7e04293dbf5d00bcf4e9416b8114a85b923c9d7447717d290be145bb5245d7e8b025a2f88a205a49d92529d2e68b7bf9ce9bb75aabbaf01062eb63d012a3e2f9e7546e2a83a68ce33b4be3150c500c63423cc1fc4818cb055830581803a76684418c987e", 0xdb, 0xfffffffffffffffd)
keyctl$assume_authority(0x10, r3)

[  984.235029]  __d_alloc+0xc8/0xb90
[  984.238500]  ? print_usage_bug+0xc0/0xc0
[  984.242589]  ? shrink_dcache_for_umount+0x2b0/0x2b0
[  984.247627]  ? __lock_acquire+0x62f/0x4c20
[  984.251878]  ? lock_acquire+0x1ed/0x520
[  984.255877]  ? print_usage_bug+0xc0/0xc0
[  984.259969]  ? __lock_acquire+0x62f/0x4c20
[  984.264222]  ? mark_held_locks+0x130/0x130
[  984.268495]  d_alloc+0x96/0x380
[  984.271794]  ? __d_alloc+0xb90/0xb90
[  984.275536]  d_alloc_parallel+0x15a/0x1f40
[  984.279795]  ? mark_held_locks+0x130/0x130
[  984.284042]  ? __lock_acquire+0x62f/0x4c20
[  984.288292]  ? pcpu_alloc+0x11a1/0x15d0
[  984.292281]  ? lock_downgrade+0x900/0x900
[  984.296440]  ? __d_lookup_rcu+0xaa0/0xaa0
[  984.300608]  ? zap_class+0x640/0x640
[  984.304339]  ? mark_held_locks+0x130/0x130
[  984.308595]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  984.314145]  ? zap_class+0x640/0x640
[  984.317883]  ? zap_class+0x640/0x640
[  984.321625]  ? find_held_lock+0x36/0x1c0
[  984.325698]  ? zap_class+0x640/0x640
[  984.329466]  ? __lockdep_init_map+0x105/0x590
[  984.333976]  ? __lockdep_init_map+0x105/0x590
[  984.338496]  ? lockdep_init_map+0x9/0x10
[  984.342577]  ? __init_waitqueue_head+0x9e/0x150
[  984.347264]  ? init_wait_entry+0x1c0/0x1c0
[  984.351518]  ? lock_acquire+0x1ed/0x520
[  984.355540]  __lookup_slow+0x1e6/0x540
[  984.359485]  ? vfs_unlink+0x510/0x510
[  984.363340]  ? path_init+0x1ed0/0x1ed0
[  984.367241]  ? is_bpf_text_address+0xac/0x170
[  984.371754]  lookup_slow+0x57/0x80
[  984.375314]  walk_component+0x92b/0x2590
[  984.379401]  ? inode_permission+0xb2/0x560
[  984.383680]  ? pick_link+0xaf0/0xaf0
[  984.387415]  ? walk_component+0x2590/0x2590
[  984.387472]  ? __save_stack_trace+0x8d/0xf0
[  984.387528]  ? save_stack+0xa9/0xd0
[  984.387542]  ? save_stack+0x43/0xd0
[  984.387554]  ? kasan_kmalloc+0xc7/0xe0
[  984.387566]  ? kasan_slab_alloc+0x12/0x20
[  984.387585]  ? kmem_cache_alloc+0x12e/0x730
[  984.415820]  path_lookupat.isra.43+0x212/0xc00
[  984.420414]  ? do_mount+0x70c/0x1d90
[  984.424164]  ? ksys_mount+0x12d/0x140
[  984.427978]  ? __x64_sys_mount+0xbe/0x150
[  984.432144]  ? path_parentat.isra.41+0x160/0x160
[  984.436926]  ? cache_grow_end+0xa8/0x190
[  984.441102]  ? zap_class+0x640/0x640
[  984.444811]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  984.450333]  ? check_preemption_disabled+0x48/0x280
[  984.455361]  filename_lookup+0x26a/0x520
[  984.459419]  ? nd_jump_link+0x1d0/0x1d0
[  984.463393]  ? rcu_read_lock_sched_held+0x14f/0x180
[  984.468408]  ? kmem_cache_alloc+0x33a/0x730
[  984.472762]  kern_path+0x33/0x40
[  984.476119]  ovl_mount_dir_noesc+0x6b/0x190
[  984.480430]  ovl_mount_dir+0x10a/0x1c0
[  984.484333]  ovl_fill_super+0x10e7/0x3f33
[  984.488480]  ? vfs_get_super+0x270/0x270
[  984.492535]  ? ovl_show_options+0x550/0x550
[  984.496859]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  984.502387]  ? get_anon_bdev+0xc0/0xc0
[  984.506259]  ? sget+0x113/0x150
[  984.509529]  ? ovl_show_options+0x550/0x550
[  984.513833]  mount_nodev+0x73/0x120
[  984.517455]  ? ovl_own_xattr_set+0x10/0x10
[  984.521676]  ovl_mount+0x34/0x40
[  984.525031]  legacy_get_tree+0x131/0x460
[  984.529079]  vfs_get_tree+0x1cb/0x5c0
[  984.532861]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  984.537605]  do_mount+0x70c/0x1d90
[  984.541136]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  984.546662]  ? copy_mount_string+0x40/0x40
[  984.550889]  ? copy_mount_options+0x5f/0x430
[  984.555288]  ? kmem_cache_alloc_trace+0x353/0x750
[  984.560120]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  984.565662]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  984.571185]  ? copy_mount_options+0x315/0x430
[  984.575669]  ksys_mount+0x12d/0x140
[  984.579286]  __x64_sys_mount+0xbe/0x150
[  984.583248]  do_syscall_64+0x1b9/0x820
[  984.587122]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  984.592472]  ? syscall_return_slowpath+0x5e0/0x5e0
[  984.597407]  ? trace_hardirqs_on_caller+0x310/0x310
[  984.602414]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  984.607420]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  984.614080]  ? __switch_to_asm+0x40/0x70
[  984.618125]  ? __switch_to_asm+0x34/0x70
[  984.622192]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  984.627048]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  984.632224] RIP: 0033:0x457569
[  984.635405] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  984.654294] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  984.661991] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  984.669244] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  984.676500] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
03:45:07 executing program 4 (fault-call:2 fault-nth:57):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:45:07 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x34000, 0x0, 0x2}}}, 0x50}}, 0x0)

03:45:07 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
fstat(r0, &(0x7f0000000680))
add_key(&(0x7f00000001c0)='pkcs7_test\x00', &(0x7f0000000200)={'syz'}, &(0x7f0000000240), 0xfffff, 0xfffffffffffffffb)
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

03:45:07 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$sock_inet6_udp_SIOCINQ(r1, 0x541b, &(0x7f0000000000))
getsockopt$inet_sctp_SCTP_RECVNXTINFO(r1, 0x84, 0x21, &(0x7f0000000100), &(0x7f0000000140)=0x4)

03:45:07 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0xb2f00000}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:45:07 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$VHOST_SET_VRING_BASE(r1, 0x4008af12, &(0x7f0000000000)={0x0, 0x81})
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

[  984.683753] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  984.691007] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[  984.700981] overlayfs: failed to resolve './file1': -12
03:45:07 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0xf0ffffffffffff, 0x0, 0x2}}}, 0x50}}, 0x0)

03:45:07 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$DRM_IOCTL_AGP_ALLOC(r1, 0xc0206434, &(0x7f0000000000)={0x20, <r2=>0x0, 0x10001})
ioctl$DRM_IOCTL_AGP_ALLOC(r1, 0xc0206434, &(0x7f0000000080)={0x1, r2, 0x10001, 0x800})

03:45:07 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))
fstatfs(r0, &(0x7f0000000100)=""/125)
socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000000))

03:45:07 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x8001a0ffffffff, 0x0, 0x2}}}, 0x50}}, 0x0)

[  984.858788] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  984.895536] FAULT_INJECTION: forcing a failure.
[  984.895536] name failslab, interval 1, probability 0, space 0, times 0
03:45:07 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
socket(0x1a, 0x800, 0x80)
bind$bt_rfcomm(r1, &(0x7f0000000040)={0x1f, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff}}, 0xa)
recvmsg$kcm(r1, &(0x7f00000027c0)={&(0x7f0000000080)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, 0x80, &(0x7f0000002700)=[{&(0x7f0000000100)=""/227, 0xe3}, {&(0x7f0000000200)=""/238, 0xee}, {&(0x7f0000000300)=""/4096, 0x1000}, {&(0x7f0000001300)=""/104, 0x68}, {&(0x7f0000001380)=""/4096, 0x1000}, {&(0x7f0000002380)=""/169, 0xa9}, {&(0x7f0000002440)=""/244, 0xf4}, {&(0x7f0000002540)=""/247, 0xf7}, {&(0x7f0000002640)=""/181, 0xb5}], 0x9, &(0x7f0000000000)=""/31, 0x1f, 0x9}, 0x20)
ioctl$VT_RESIZEX(r1, 0x560a, &(0x7f0000002800)={0x1, 0x7f, 0x80, 0x3, 0x101, 0x10001})

[  984.964392] CPU: 1 PID: 13911 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  984.972941] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  984.982306] Call Trace:
[  984.984914]  dump_stack+0x244/0x39d
[  984.989034]  ? dump_stack_print_info.cold.1+0x20/0x20
[  984.994245]  ? zap_class+0x640/0x640
[  984.997981]  ? __mark_inode_dirty+0xfb5/0x1500
[  985.002592]  should_fail.cold.4+0xa/0x17
[  985.006670]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  985.011794]  ? __lock_is_held+0xb5/0x140
[  985.015879]  ? zap_class+0x640/0x640
[  985.019625]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  985.025181]  ? __mark_inode_dirty+0x4ad/0x1500
[  985.025201]  ? __inode_attach_wb+0x13f0/0x13f0
[  985.025236]  ? __lock_is_held+0xb5/0x140
[  985.025253]  ? rcu_softirq_qs+0x20/0x20
[  985.025282]  ? inode_add_bytes+0xd3/0xf0
[  985.046531]  ? perf_trace_sched_process_exec+0x860/0x860
[  985.051998]  ? __dquot_alloc_space+0x4b9/0x8c0
[  985.056602]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  985.061647]  __should_failslab+0x124/0x180
[  985.065904]  should_failslab+0x9/0x14
[  985.069722]  kmem_cache_alloc+0x2be/0x730
[  985.073897]  ext4_mb_new_blocks+0x782/0x4820
[  985.073924]  ? find_held_lock+0x36/0x1c0
[  985.073955]  ? ext4_discard_preallocations+0x1900/0x1900
[  985.082412]  ? rcu_read_unlock_special+0x1c0/0x1c0
[  985.082427]  ? kasan_check_read+0x11/0x20
[  985.082456]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[  985.082477]  ? rcu_softirq_qs+0x20/0x20
[  985.092847]  ? rcu_softirq_qs+0x20/0x20
[  985.092862]  ? unwind_dump+0x190/0x190
[  985.092890]  ? is_bpf_text_address+0xd3/0x170
[  985.092910]  ? kernel_text_address+0x79/0xf0
[  985.102323]  ? __kernel_text_address+0xd/0x40
[  985.102340]  ? unwind_get_return_address+0x61/0xa0
[  985.102360]  ? __save_stack_trace+0x8d/0xf0
[  985.102390]  ? save_stack+0xa9/0xd0
[  985.110318]  ? save_stack+0x43/0xd0
[  985.110332]  ? kasan_kmalloc+0xc7/0xe0
[  985.110347]  ? __kmalloc+0x15b/0x760
[  985.110363]  ? ext4_find_extent+0x757/0x9b0
[  985.110379]  ? ext4_ext_map_blocks+0x28c/0x48e0
[  985.110398]  ? ext4_map_blocks+0x8f7/0x1b50
[  985.118770]  ? ext4_getblk+0x10e/0x630
[  985.118789]  ? ext4_bread+0x95/0x2b0
[  985.127687]  ? ext4_append+0x14e/0x370
[  985.127700]  ? ext4_mkdir+0x532/0xe60
[  985.127713]  ? vfs_mkdir+0x42e/0x6b0
[  985.127728]  ? ovl_create_real+0x225/0x410
[  985.127746]  ? ovl_workdir_create+0x564/0x820
[  985.127761]  ? ovl_fill_super+0x12fc/0x3f33
[  985.127775]  ? mount_nodev+0x73/0x120
[  985.127794]  ? ovl_mount+0x34/0x40
[  985.137026]  ? legacy_get_tree+0x131/0x460
[  985.137040]  ? vfs_get_tree+0x1cb/0x5c0
[  985.137053]  ? do_mount+0x70c/0x1d90
[  985.137066]  ? ksys_mount+0x12d/0x140
[  985.137079]  ? __x64_sys_mount+0xbe/0x150
[  985.137095]  ? do_syscall_64+0x1b9/0x820
[  985.137119]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  985.144364]  ? zap_class+0x640/0x640
[  985.144390]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  985.144407]  ? check_preemption_disabled+0x48/0x280
[  985.144434]  ? __lock_is_held+0xb5/0x140
[  985.144475]  ? rcu_read_lock_sched_held+0x14f/0x180
[  985.180603]  ? __kmalloc+0x5ee/0x760
[  985.180627]  ? ext4_find_extent+0x757/0x9b0
[  985.180648]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  985.180665]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  985.180685]  ? ext4_inode_to_goal_block+0x2e3/0x3f0
[  985.188643]  ext4_ext_map_blocks+0x2715/0x48e0
[  985.188682]  ? ext4_ext_release+0x10/0x10
[  985.188703]  ? zap_class+0x640/0x640
[  985.197517]  ? zap_class+0x640/0x640
[  985.197535]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  985.197552]  ? check_preemption_disabled+0x48/0x280
[  985.197592]  ? lock_acquire+0x1ed/0x520
03:45:07 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
fstat(r0, &(0x7f0000000680))
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

[  985.197611]  ? ext4_map_blocks+0x88f/0x1b50
[  985.209176]  ? lock_release+0xa10/0xa10
[  985.209192]  ? perf_trace_sched_process_exec+0x860/0x860
[  985.209217]  ? ext4_es_cache_extent+0x6a0/0x6a0
[  985.209238]  ? kasan_check_read+0x11/0x20
[  985.220742]  ? do_raw_spin_unlock+0xa7/0x330
[  985.220776]  ? down_write+0x8a/0x130
[  985.220791]  ? ext4_map_blocks+0x88f/0x1b50
[  985.220807]  ? down_read+0x120/0x120
[  985.220833]  ext4_map_blocks+0x8f7/0x1b50
[  985.229037]  ? ext4_issue_zeroout+0x190/0x190
[  985.229054]  ? kasan_check_read+0x11/0x20
[  985.229084]  ext4_getblk+0x10e/0x630
[  985.229103]  ? __lockdep_init_map+0x105/0x590
[  985.238178]  ? ext4_iomap_begin+0x1390/0x1390
[  985.238200]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  985.238225]  ? __dquot_initialize+0x629/0xdd0
[  985.238247]  ? __init_waitqueue_head+0x9e/0x150
[  985.248783]  ext4_bread+0x95/0x2b0
[  985.248803]  ? ext4_getblk+0x630/0x630
[  985.248818]  ? dquot_get_next_dqblk+0x180/0x180
[  985.248838]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  985.248852]  ? __lookup_slow+0x312/0x540
[  985.248875]  ext4_append+0x14e/0x370
[  985.257946]  ext4_mkdir+0x532/0xe60
[  985.257976]  ? ext4_init_dot_dotdot+0x510/0x510
[  985.257998]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  985.258016]  ? security_inode_permission+0xd2/0x100
[  985.258038]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  985.266064]  ? security_inode_mkdir+0xe8/0x120
[  985.266085]  vfs_mkdir+0x42e/0x6b0
[  985.266123]  ovl_create_real+0x225/0x410
[  985.266157]  ovl_workdir_create+0x564/0x820
[  985.266194]  ? ovl_mount_dir+0x1c0/0x1c0
[  985.277286]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  985.277335]  ovl_fill_super+0x12fc/0x3f33
[  985.277356]  ? vfs_get_super+0x270/0x270
[  985.277386]  ? ovl_show_options+0x550/0x550
[  985.286989]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  985.287010]  ? get_anon_bdev+0xc0/0xc0
[  985.287024]  ? sget+0x113/0x150
[  985.287051]  ? ovl_show_options+0x550/0x550
[  985.294899]  mount_nodev+0x73/0x120
[  985.294920]  ? ovl_own_xattr_set+0x10/0x10
[  985.294937]  ovl_mount+0x34/0x40
[  985.294956]  legacy_get_tree+0x131/0x460
[  985.294977]  vfs_get_tree+0x1cb/0x5c0
[  985.294995]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  985.304245]  do_mount+0x70c/0x1d90
[  985.304271]  ? copy_mount_string+0x40/0x40
[  985.304289]  ? retint_kernel+0x2d/0x2d
[  985.304313]  ? copy_mount_options+0x228/0x430
[  985.304337]  ? write_comp_data+0x4/0x70
[  985.313315]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  985.313330]  ? copy_mount_options+0x315/0x430
[  985.313353]  ksys_mount+0x12d/0x140
[  985.313373]  __x64_sys_mount+0xbe/0x150
[  985.313394]  do_syscall_64+0x1b9/0x820
[  985.321685]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  985.321705]  ? syscall_return_slowpath+0x5e0/0x5e0
[  985.321724]  ? trace_hardirqs_on_caller+0x310/0x310
[  985.321741]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  985.321764]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  985.331883]  ? __switch_to_asm+0x40/0x70
[  985.331896]  ? __switch_to_asm+0x34/0x70
[  985.331920]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  985.331948]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  985.331965] RIP: 0033:0x457569
03:45:08 executing program 4 (fault-call:2 fault-nth:58):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:45:08 executing program 1:
ioctl$ION_IOC_ALLOC(0xffffffffffffff9c, 0xc0184900, &(0x7f0000000000)={0x4, 0x0, 0x1, <r0=>0xffffffffffffff9c})
fsetxattr$trusted_overlay_nlink(r0, &(0x7f0000000080)='trusted.overlay.nlink\x00', &(0x7f00000000c0)={'U+', 0x15c}, 0x28, 0x1)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r2 = fcntl$dupfd(r1, 0x0, r1)
bind$bt_rfcomm(r2, &(0x7f0000000040), 0x2)

03:45:08 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0xa0018000, 0x0, 0x2}}}, 0x50}}, 0x0)

03:45:08 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$UI_SET_PHYS(r1, 0x4008556c, &(0x7f0000000000)='syz1\x00')
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

[  985.340523] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  985.340533] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  985.340549] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  985.340559] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  985.340569] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
03:45:08 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$sock_SIOCGIFBR(0xffffffffffffffff, 0x8940, &(0x7f0000000240)=@generic={0x0, 0x2})
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000440)={{{@in6=@local, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000540)=0xe8)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, &(0x7f0000000580)=r2)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x6, 0x0, &(0x7f0000001000)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0xfffffffffffffffe}, 0x48)
socket$inet_udp(0x2, 0x2, 0x0)
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000280))
r3 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r3, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
setsockopt$sock_int(r3, 0x1, 0x2e, &(0x7f0000000100)=0x59aa, 0x4)
recvmsg(r3, &(0x7f0000000200)={&(0x7f0000000280)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000000), 0x0, &(0x7f0000000c40)=""/160, 0xa0}, 0x0)
syz_emit_ethernet(0x437, &(0x7f0000000700)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev, @local, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000001780))
sendto$inet6(r3, &(0x7f0000000300), 0x0, 0x0, &(0x7f00000001c0)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c)
modify_ldt$read_default(0x2, &(0x7f0000000300)=""/231, 0xe7)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)

[  985.340578] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  985.340592] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[  985.388967] overlayfs: failed to create directory ./file1\/work (errno: 12); mounting read-only
[  985.663069] FAT-fs (loop3): bogus number of reserved sectors
03:45:08 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0x1900}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:45:08 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x20000000, 0x0, 0x2}}}, 0x50}}, 0x0)

[  985.734984] FAT-fs (loop3): Can't find a valid FAT filesystem
[  985.763958] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
03:45:08 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
write$FUSE_NOTIFY_INVAL_ENTRY(r1, &(0x7f0000000200)={0x21, 0x3, 0x0, {0x1}}, 0x21)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$BLKPG(r1, 0x1269, &(0x7f0000000000)={0x3, 0x7ad2, 0xbe, &(0x7f00000000c0)="f35979d0a1d78b749058898ac86c352c803d23e964068b866b52aa4f432979aa53fa95f30b54c5a6dea64952b127f0bb3d8b3784bf2c471f305dbaf0dc26874398cb4433a1f09038988087524aa7e4022c8c511ca83d716325a726d9fe1a4fe1e0e298d5dbbe91eb8f1e92d809da0449c1bb7834f0dc5d35a10f2cbcc39c7f4f9865d0b541f7c21496d04d72c4ea6152f89d65da187ac6f341bff8cc1616eccf91857913a7b0878d49eb4e7eab0be022b62ab0a4b015a85f91ce1889bf56"})
getsockopt$bt_BT_DEFER_SETUP(r1, 0x112, 0x7, &(0x7f0000000180)=0xffffffff, &(0x7f00000001c0)=0x4)
ioctl$FS_IOC_SETVERSION(r0, 0x800448d5, &(0x7f0000000080)=0x7)

[  985.806892] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
03:45:08 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

[  985.871352] FAULT_INJECTION: forcing a failure.
[  985.871352] name failslab, interval 1, probability 0, space 0, times 0
03:45:08 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SCSI_IOCTL_SYNC(r1, 0x4)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

[  985.941323] CPU: 0 PID: 13941 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  985.949882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  985.959241] Call Trace:
[  985.961866]  dump_stack+0x244/0x39d
[  985.965527]  ? dump_stack_print_info.cold.1+0x20/0x20
[  985.970749]  ? zap_class+0x640/0x640
[  985.974502]  should_fail.cold.4+0xa/0x17
[  985.978584]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  985.978605]  ? __lock_acquire+0x62f/0x4c20
[  985.978625]  ? print_usage_bug+0xc0/0xc0
[  985.987981]  ? zap_class+0x640/0x640
[  985.988006]  ? mark_held_locks+0x130/0x130
[  985.988023]  ? lockdep_hardirqs_on+0x3bb/0x5b0
[  985.988047]  ? __lock_is_held+0xb5/0x140
[  985.988081]  ? perf_trace_sched_process_exec+0x860/0x860
[  985.988097]  ? mark_held_locks+0x130/0x130
[  985.988126]  __should_failslab+0x124/0x180
[  985.988145]  should_failslab+0x9/0x14
[  986.026480]  kmem_cache_alloc+0x2be/0x730
[  986.030661]  ? ratelimit_state_init+0xb0/0xb0
[  986.035168]  ext4_alloc_inode+0xc7/0x880
03:45:08 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040)={0x1f, {0x0, 0x3b4}, 0xfffffffffffffffe}, 0xa)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))
ioctl$DRM_IOCTL_SET_VERSION(r1, 0xc0106407, &(0x7f0000000000)={0xffff, 0x8001, 0x3f, 0x5})
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x100, 0x0)

[  986.039251]  ? ratelimit_state_init+0xb0/0xb0
[  986.043766]  ? find_held_lock+0x36/0x1c0
[  986.047856]  ? get_cached_acl+0x35c/0x460
[  986.052021]  ? lock_downgrade+0x900/0x900
[  986.056197]  ? check_preemption_disabled+0x48/0x280
[  986.061233]  ? rcu_read_unlock_special+0x1c0/0x1c0
[  986.066172]  ? kasan_check_read+0x11/0x20
[  986.070331]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[  986.075649]  ? rcu_softirq_qs+0x20/0x20
[  986.079648]  ? zap_class+0x640/0x640
[  986.083380]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  986.088934]  ? ratelimit_state_init+0xb0/0xb0
[  986.093460]  alloc_inode+0x63/0x190
[  986.097106]  new_inode_pseudo+0x71/0x1a0
[  986.101188]  ? prune_icache_sb+0x1c0/0x1c0
[  986.105445]  new_inode+0x1c/0x40
[  986.108841]  __ext4_new_inode+0x4c8/0x65a0
[  986.113118]  ? zap_class+0x640/0x640
[  986.116891]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[  986.122016]  ? __wake_up_common_lock+0x1d0/0x330
[  986.126812]  ? ext4_free_inode+0x1a10/0x1a10
[  986.131244]  ? find_held_lock+0x36/0x1c0
[  986.135333]  ? d_splice_alias+0x7a5/0x11d0
03:45:09 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$alg(0x26, 0x5, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

[  986.139585]  ? lock_downgrade+0x900/0x900
[  986.143759]  ? kasan_check_read+0x11/0x20
[  986.143776]  ? do_raw_spin_unlock+0xa7/0x330
[  986.143792]  ? do_raw_spin_trylock+0x270/0x270
[  986.143810]  ? d_delete+0x220/0x220
[  986.143823]  ? zap_class+0x640/0x640
[  986.143849]  ? _raw_spin_unlock+0x2c/0x50
[  986.164289]  ? d_splice_alias+0x7c9/0x11d0
[  986.164315]  ? d_instantiate_anon+0x30/0x30
[  986.164360]  ? lock_downgrade+0x900/0x900
[  986.164375]  ? check_preemption_disabled+0x48/0x280
[  986.164398]  ? rcu_read_unlock_special+0x1c0/0x1c0
[  986.164410]  ? kasan_check_read+0x11/0x20
[  986.164440]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[  986.164474]  ? __lockdep_init_map+0x105/0x590
[  986.164503]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  986.177202]  ? __dquot_initialize+0x629/0xdd0
[  986.177220]  ? __init_waitqueue_head+0x9e/0x150
[  986.177240]  ? d_lookup+0x255/0x300
[  986.177254]  ? d_lookup+0x255/0x300
[  986.177274]  ? dquot_get_next_dqblk+0x180/0x180
[  986.177298]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  986.200832]  ? __lookup_slow+0x312/0x540
[  986.200853]  ? do_raw_spin_unlock+0xa7/0x330
[  986.200876]  ext4_mkdir+0x2e1/0xe60
[  986.220057]  ? ext4_init_dot_dotdot+0x510/0x510
[  986.220083]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  986.220102]  ? security_inode_permission+0xd2/0x100
[  986.220123]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  986.232039]  ? security_inode_mkdir+0xe8/0x120
[  986.232062]  vfs_mkdir+0x42e/0x6b0
[  986.232087]  ovl_create_real+0x225/0x410
[  986.232110]  ovl_workdir_create+0x564/0x820
[  986.232134]  ? ovl_mount_dir+0x1c0/0x1c0
[  986.291091]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  986.296668]  ovl_fill_super+0x12fc/0x3f33
[  986.300843]  ? vfs_get_super+0x270/0x270
[  986.304937]  ? ovl_show_options+0x550/0x550
[  986.309296]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  986.309317]  ? get_anon_bdev+0xc0/0xc0
[  986.309332]  ? sget+0x113/0x150
[  986.309360]  ? ovl_show_options+0x550/0x550
[  986.326359]  mount_nodev+0x73/0x120
[  986.326380]  ? ovl_own_xattr_set+0x10/0x10
[  986.326396]  ovl_mount+0x34/0x40
[  986.326415]  legacy_get_tree+0x131/0x460
[  986.334272]  vfs_get_tree+0x1cb/0x5c0
[  986.334290]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  986.334306]  do_mount+0x70c/0x1d90
[  986.334326]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  986.334348]  ? copy_mount_string+0x40/0x40
[  986.334369]  ? copy_mount_options+0x5f/0x430
[  986.334390]  ? kmem_cache_alloc_trace+0x353/0x750
[  986.334410]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  986.341851]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  986.341868]  ? copy_mount_options+0x315/0x430
[  986.341890]  ksys_mount+0x12d/0x140
[  986.341910]  __x64_sys_mount+0xbe/0x150
[  986.341932]  do_syscall_64+0x1b9/0x820
[  986.350491]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  986.350514]  ? syscall_return_slowpath+0x5e0/0x5e0
[  986.350530]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  986.350550]  ? trace_hardirqs_on_caller+0x310/0x310
[  986.350568]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  986.350588]  ? prepare_exit_to_usermode+0x291/0x3b0
[  986.363884]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  986.363914]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  986.363927] RIP: 0033:0x457569
[  986.363943] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  986.363957] RSP: 002b:00007f7fae567c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  986.384274] RAX: ffffffffffffffda RBX: 00007f7fae567c90 RCX: 0000000000457569
[  986.384284] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  986.384294] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000
03:45:09 executing program 4 (fault-call:2 fault-nth:59):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:45:09 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000000)={0x0, 0x0, 0x2, 0x7})
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

03:45:09 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0xf000, 0x0, 0x2}}}, 0x50}}, 0x0)

03:45:09 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0x0, r0, 0x4, 0x4, 0x80000, 0xffff})
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)

[  986.384304] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5686d4
[  986.384314] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000003
[  986.408846] overlayfs: failed to create directory ./file1\/work (errno: 12); mounting read-only
[  986.465726] FAT-fs (loop3): bogus number of reserved sectors
[  986.499694] FAT-fs (loop3): Can't find a valid FAT filesystem
03:45:09 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x0, 0x0)
ioctl$EVIOCSFF(r1, 0x40304580, &(0x7f0000000080)={0x51, 0x5ed3033f, 0x4, {0x200, 0x7}, {0x40000000000000, 0x3}, @cond=[{0x20, 0xfff, 0x0, 0x7, 0x1, 0x9}, {0x4, 0x2, 0xfffffffffffff44e, 0xe, 0x6, 0x8}]})
r2 = fcntl$dupfd(r0, 0x406, r0)
bind$bt_rfcomm(r2, &(0x7f0000000040), 0x2)

[  986.569552] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  986.602844] FAULT_INJECTION: forcing a failure.
[  986.602844] name failslab, interval 1, probability 0, space 0, times 0
[  986.655085] CPU: 1 PID: 13995 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  986.663618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  986.672995] Call Trace:
[  986.675609]  dump_stack+0x244/0x39d
[  986.679282]  ? dump_stack_print_info.cold.1+0x20/0x20
[  986.684523]  ? perf_trace_sched_process_exec+0x860/0x860
[  986.689992]  ? kasan_check_read+0x11/0x20
[  986.694163]  should_fail.cold.4+0xa/0x17
[  986.698275]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  986.703382]  ? block_commit_write+0x30/0x30
[  986.707718]  ? print_usage_bug+0xc0/0xc0
[  986.711788]  ? __ext4_handle_dirty_metadata+0x1e0/0x5a0
[  986.717197]  ? kasan_check_write+0x14/0x20
[  986.721485]  ? zap_class+0x640/0x640
[  986.725232]  ? __lock_is_held+0xb5/0x140
[  986.725266]  ? perf_trace_sched_process_exec+0x860/0x860
[  986.725299]  ? __lock_acquire+0x62f/0x4c20
[  986.725321]  __should_failslab+0x124/0x180
[  986.734819]  should_failslab+0x9/0x14
[  986.734837]  __kmalloc+0x2e0/0x760
[  986.734860]  ? ext4_find_extent+0x757/0x9b0
[  986.734883]  ext4_find_extent+0x757/0x9b0
[  986.734924]  ext4_ext_map_blocks+0x28c/0x48e0
[  986.734953]  ? kasan_check_write+0x14/0x20
[  986.743444]  ? ext4_ext_release+0x10/0x10
[  986.743480]  ? zap_class+0x640/0x640
[  986.743498]  ? zap_class+0x640/0x640
[  986.743519]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  986.755159]  ? check_preemption_disabled+0x48/0x280
[  986.755200]  ? lock_acquire+0x1ed/0x520
[  986.755226]  ? ext4_map_blocks+0x487/0x1b50
[  986.755255]  ? lock_release+0xa10/0xa10
[  986.768118]  ? perf_trace_sched_process_exec+0x860/0x860
[  986.768137]  ? ext4_es_cache_extent+0x6a0/0x6a0
[  986.768150]  ? kasan_check_read+0x11/0x20
[  986.768165]  ? do_raw_spin_unlock+0xa7/0x330
[  986.768179]  ? do_raw_spin_trylock+0x270/0x270
[  986.768207]  ? down_read+0x8d/0x120
[  986.776063]  ? ext4_map_blocks+0x487/0x1b50
[  986.776082]  ? __down_interruptible+0x700/0x700
[  986.776111]  ext4_map_blocks+0xe2d/0x1b50
[  986.776141]  ? ext4_issue_zeroout+0x190/0x190
[  986.776157]  ? kasan_check_read+0x11/0x20
[  986.776184]  ext4_getblk+0x10e/0x630
[  986.785416]  ? __lockdep_init_map+0x105/0x590
[  986.785436]  ? ext4_iomap_begin+0x1390/0x1390
[  986.785496]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  986.785529]  ? __dquot_initialize+0x629/0xdd0
[  986.794529]  ? __init_waitqueue_head+0x9e/0x150
[  986.794552]  ext4_bread+0x95/0x2b0
[  986.794571]  ? ext4_getblk+0x630/0x630
[  986.794586]  ? dquot_get_next_dqblk+0x180/0x180
[  986.794605]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  986.794635]  ? __lookup_slow+0x312/0x540
[  986.802928]  ext4_append+0x14e/0x370
[  986.802954]  ext4_mkdir+0x532/0xe60
[  986.802984]  ? ext4_init_dot_dotdot+0x510/0x510
[  986.813101]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  986.813122]  ? security_inode_permission+0xd2/0x100
[  986.813142]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  986.813158]  ? security_inode_mkdir+0xe8/0x120
[  986.813177]  vfs_mkdir+0x42e/0x6b0
[  986.821751]  ovl_create_real+0x225/0x410
[  986.821776]  ovl_workdir_create+0x564/0x820
[  986.821803]  ? ovl_mount_dir+0x1c0/0x1c0
[  986.821823]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  986.830042]  ovl_fill_super+0x12fc/0x3f33
[  986.830064]  ? vfs_get_super+0x270/0x270
[  986.830095]  ? ovl_show_options+0x550/0x550
[  986.839115]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  986.839135]  ? get_anon_bdev+0xc0/0xc0
[  986.839162]  ? sget+0x113/0x150
[  986.839182]  ? ovl_show_options+0x550/0x550
[  986.847810]  mount_nodev+0x73/0x120
[  986.847831]  ? ovl_own_xattr_set+0x10/0x10
[  986.847847]  ovl_mount+0x34/0x40
[  986.847867]  legacy_get_tree+0x131/0x460
[  986.847889]  vfs_get_tree+0x1cb/0x5c0
[  986.847906]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  986.855753]  do_mount+0x70c/0x1d90
[  986.855775]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  986.855797]  ? copy_mount_string+0x40/0x40
[  986.855818]  ? copy_mount_options+0x5f/0x430
[  986.855839]  ? kmem_cache_alloc_trace+0x353/0x750
[  986.855859]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  986.864838]  ? _copy_from_user+0xdf/0x150
[  986.864862]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  986.864877]  ? copy_mount_options+0x315/0x430
[  986.864898]  ksys_mount+0x12d/0x140
[  986.864920]  __x64_sys_mount+0xbe/0x150
[  986.874959]  do_syscall_64+0x1b9/0x820
[  986.874980]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  986.875000]  ? syscall_return_slowpath+0x5e0/0x5e0
[  986.875020]  ? trace_hardirqs_on_caller+0x310/0x310
[  986.875038]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  986.875061]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  986.883514]  ? __switch_to_asm+0x40/0x70
[  986.883528]  ? __switch_to_asm+0x34/0x70
[  986.883551]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  986.883582]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  986.892231] RIP: 0033:0x457569
[  986.892249] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  986.892258] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  986.892274] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  986.892284] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
03:45:10 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0xbaf0}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:45:10 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x860c, 0x0, 0x2}}}, 0x50}}, 0x0)

03:45:10 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f0000000100)=0x3ff)

03:45:10 executing program 4 (fault-call:2 fault-nth:60):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:45:10 executing program 1:
r0 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x4, 0x40000)
setsockopt$l2tp_PPPOL2TP_SO_LNSMODE(r0, 0x111, 0x4, 0x0, 0x4)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r2 = fcntl$dupfd(r1, 0x0, r1)
bind$bt_rfcomm(r2, &(0x7f0000000040), 0x2)

03:45:10 executing program 3:
socket$l2tp(0x18, 0x1, 0x1)
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

[  986.892293] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  986.892307] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  986.901889] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
03:45:10 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000000100)=ANY=[@ANYBLOB="0500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e000000000000000000000000000000000000000000000000000000000000000000000000000000"])
r1 = fcntl$dupfd(r0, 0x406, r0)
getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f0000000180)={{{@in=@dev, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in=@remote}, 0x0, @in=@dev}}, &(0x7f0000000000)=0xe8)
syz_mount_image$nfs4(&(0x7f0000000280)='nfs4\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff001, 0x3, &(0x7f0000000480)=[{&(0x7f0000000300)="7047a67d3c", 0x5, 0xab4f}, {&(0x7f0000000340)="969d50998ea6d369c58a66ea55c75d2f9b999bd0f9fb88e08784dade91c782f1a2905f6698980869e29c4f54d146a7ea8201f1b7ef9b49b7f48a0d2374546e22886e0ba6bc713d3deafd2c5a1a33c0b9ec2f8ae0e83947a3d351552de39ea9894c408b180b00f07c32ec099e43a7286a880775b398084c5b4a91f3ddcf372740eadaf4cf2045eac8f5eacc938678406f4c5e6c033d11f54fc54245486059661a7a01921f4ba749e7d4c3ab07c7591e58a5ea990d23643a6d4da22f8f3a80fe86160194ce58b1c30e263c78e88212747cf03d7a", 0xd3, 0x80}, {&(0x7f0000000440), 0x0, 0x8}], 0x25412, &(0x7f0000000500)='^cpuset}eth0%trustedmime_type\x00')
bind$bt_rfcomm(r1, &(0x7f0000000040), 0xa)
setns(0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x10062100, &(0x7f0000000500), &(0x7f00000002c0), &(0x7f0000000000), &(0x7f00000002c0))
r3 = syz_open_dev$usb(&(0x7f0000000540)='/dev/bus/usb/00#/00#\x00', 0x0, 0x101040)
setsockopt$RDS_FREE_MR(r3, 0x114, 0x3, &(0x7f0000000080)={{0x3}, 0x20}, 0x10)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x3000, 0x3, &(0x7f0000ffb000/0x3000)=nil)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r1, 0x28, 0x1, &(0x7f0000000580)=0x6, 0x8)
setsockopt$inet6_mreq(r1, 0x29, 0x0, &(0x7f0000000080)={@ipv4={[], [], @broadcast}, r2}, 0x14)
r4 = gettid()
ptrace$peekuser(0x3, r4, 0x800)
setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000000440)=0x7, 0x4)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

[  987.245316] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  987.256336] FAT-fs (loop3): bogus number of reserved sectors
[  987.264277] FAT-fs (loop3): Can't find a valid FAT filesystem
[  987.286856] FAULT_INJECTION: forcing a failure.
[  987.286856] name failslab, interval 1, probability 0, space 0, times 0
[  987.322726] CPU: 0 PID: 14024 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
03:45:10 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0xffffff9e, 0x0, 0x2}}}, 0x50}}, 0x0)

03:45:10 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x1, r0)
ioctl$EXT4_IOC_GROUP_EXTEND(r1, 0x40086607, &(0x7f0000000000))
bind$bt_rfcomm(r1, &(0x7f0000000040)={0x1f, {0x0, 0x2}}, 0xa)

[  987.331246] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  987.331255] Call Trace:
[  987.331281]  dump_stack+0x244/0x39d
[  987.331314]  ? dump_stack_print_info.cold.1+0x20/0x20
[  987.352062]  should_fail.cold.4+0xa/0x17
[  987.356144]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  987.361267]  ? mark_held_locks+0x130/0x130
[  987.365531]  ? zap_class+0x640/0x640
[  987.369262]  ? zap_class+0x640/0x640
[  987.372997]  ? rcu_softirq_qs+0x20/0x20
[  987.376996]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  987.382552]  ? check_preemption_disabled+0x48/0x280
[  987.387595]  ? __lock_is_held+0xb5/0x140
[  987.391669]  ? __lock_is_held+0xb5/0x140
[  987.395767]  ? zap_class+0x640/0x640
[  987.399492]  ? perf_trace_sched_process_exec+0x860/0x860
[  987.404957]  ? zap_class+0x640/0x640
[  987.408698]  __should_failslab+0x124/0x180
[  987.408726]  should_failslab+0x9/0x14
[  987.408745]  kmem_cache_alloc+0x2be/0x730
[  987.408774]  jbd2__journal_start+0x1e7/0xa80
[  987.416805]  ? perf_trace_sched_process_exec+0x860/0x860
[  987.416827]  ? jbd2_write_access_granted.part.8+0x410/0x410
[  987.416849]  ? __might_sleep+0x95/0x190
[  987.416872]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  987.416895]  __ext4_journal_start_sb+0x1a0/0x5e0
[  987.416914]  ? __ext4_new_inode+0x3885/0x65a0
[  987.440578]  ? ext4_journal_abort_handle.isra.5+0x260/0x260
[  987.440596]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  987.440614]  ? find_next_zero_bit+0x111/0x140
[  987.440634]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  987.440663]  __ext4_new_inode+0x3885/0x65a0
[  987.440698]  ? ext4_free_inode+0x1a10/0x1a10
[  987.476190]  ? find_held_lock+0x36/0x1c0
[  987.476220]  ? d_splice_alias+0x7a5/0x11d0
[  987.476239]  ? lock_downgrade+0x900/0x900
[  987.476263]  ? kasan_check_read+0x11/0x20
[  987.476278]  ? do_raw_spin_unlock+0xa7/0x330
[  987.476293]  ? do_raw_spin_trylock+0x270/0x270
[  987.476310]  ? d_delete+0x220/0x220
[  987.476324]  ? zap_class+0x640/0x640
[  987.476351]  ? _raw_spin_unlock+0x2c/0x50
[  987.476371]  ? d_splice_alias+0x7c9/0x11d0
[  987.501675]  ? d_instantiate_anon+0x30/0x30
[  987.501709]  ? lock_downgrade+0x900/0x900
[  987.501735]  ? check_preemption_disabled+0x48/0x280
[  987.501759]  ? rcu_read_unlock_special+0x1c0/0x1c0
[  987.501777]  ? kasan_check_read+0x11/0x20
[  987.514387]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[  987.514419]  ? __lockdep_init_map+0x105/0x590
[  987.514458]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  987.514478]  ? __dquot_initialize+0x629/0xdd0
[  987.514494]  ? __init_waitqueue_head+0x9e/0x150
[  987.514511]  ? d_lookup+0x255/0x300
[  987.514523]  ? d_lookup+0x255/0x300
[  987.514544]  ? dquot_get_next_dqblk+0x180/0x180
[  987.522430]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  987.522457]  ? __lookup_slow+0x312/0x540
[  987.522478]  ? do_raw_spin_unlock+0xa7/0x330
[  987.522502]  ext4_mkdir+0x2e1/0xe60
[  987.522533]  ? ext4_init_dot_dotdot+0x510/0x510
[  987.535234]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  987.535266]  ? security_inode_permission+0xd2/0x100
[  987.535298]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  987.535314]  ? security_inode_mkdir+0xe8/0x120
[  987.535335]  vfs_mkdir+0x42e/0x6b0
[  987.535359]  ovl_create_real+0x225/0x410
[  987.535383]  ovl_workdir_create+0x564/0x820
[  987.535408]  ? ovl_mount_dir+0x1c0/0x1c0
[  987.535428]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  987.549551]  ovl_fill_super+0x12fc/0x3f33
[  987.549574]  ? vfs_get_super+0x270/0x270
[  987.549606]  ? ovl_show_options+0x550/0x550
[  987.549650]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  987.577708]  ? get_anon_bdev+0xc0/0xc0
[  987.577732]  ? sget+0x113/0x150
[  987.577754]  ? ovl_show_options+0x550/0x550
[  987.577779]  mount_nodev+0x73/0x120
[  987.603746]  ? ovl_own_xattr_set+0x10/0x10
[  987.603764]  ovl_mount+0x34/0x40
[  987.603784]  legacy_get_tree+0x131/0x460
[  987.603807]  vfs_get_tree+0x1cb/0x5c0
[  987.603822]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  987.603846]  do_mount+0x70c/0x1d90
[  987.629153]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  987.629177]  ? copy_mount_string+0x40/0x40
[  987.629199]  ? copy_mount_options+0x5f/0x430
[  987.629219]  ? kmem_cache_alloc_trace+0x353/0x750
[  987.629240]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  987.629262]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
03:45:10 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/snapshot\x00', 0x400, 0x0)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffff9c, 0x84, 0x75, &(0x7f0000000d80)={<r2=>0x0, 0x401}, &(0x7f0000000dc0)=0x8)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000e00)={r2, 0x100000001}, 0x8)
r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x371, 0x181002)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000000c0)={0x0, <r4=>0x0}, &(0x7f0000000b80)=0xc)
getresuid(&(0x7f0000000140), &(0x7f0000000180)=<r5=>0x0, &(0x7f00000001c0))
getsockopt$IP6T_SO_GET_INFO(r3, 0x29, 0x40, &(0x7f0000000e40)={'filter\x00'}, &(0x7f0000000ec0)=0x54)
read(r0, &(0x7f0000000b40)=""/20, 0x14)
stat(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0})
lstat(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0})
setsockopt$EBT_SO_SET_ENTRIES(r3, 0x0, 0x80, &(0x7f0000000ac0)=@filter={'filter\x00', 0xe, 0x5, 0x738, [0x0, 0x20000380, 0x20000698, 0x20000928], 0x0, &(0x7f0000000080), &(0x7f0000000380)=[{0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x9, 0x48, 0x892f, 'ip_vti0\x00', 'lo\x00', 'vcan0\x00', 'syzkaller1\x00', @empty, [0x0, 0xff, 0xff, 0xff, 0xff, 0xff], @dev={[], 0xc}, [0x0, 0xff, 0xff, 0x0, 0xff, 0xff], 0x100, 0x148, 0x178, [@vlan={'vlan\x00', 0x8, {{0x2, 0x4, 0x6558, 0x2, 0x6}}}, @arp={'arp\x00', 0x38, {{0x8, 0xd, 0x1, @multicast2, 0x0, @dev={0xac, 0x14, 0x14, 0x1d}, 0x0, @local, [0x0, 0xff, 0xff, 0xff, 0x0, 0xff], @remote, [0xff, 0x0, 0xff, 0xff, 0xff, 0xff], 0x0, 0x4}}}]}, [@common=@RATEEST={'RATEEST\x00', 0x20, {{'syz1\x00', 0x8, 0x367, 0x8000}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}, {{{0x9, 0x44, 0xf6, 'team_slave_1\x00', 'bridge_slave_1\x00', 'bpq0\x00', 'bcsh0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, [0x0, 0xff, 0x0, 0x0, 0x0, 0xff], @local, [0xff, 0x0, 0xff, 0xff, 0xff], 0xe0, 0x140, 0x170, [@stp={'stp\x00', 0x48, {{0x2, {0x4, 0x3, 0x4, @dev={[], 0xe}, [0x9218c9d2b9d52a57, 0xff, 0x0, 0x0, 0x0, 0xff], 0x10001, 0x5, 0x3, 0x9, @broadcast, [0x0, 0x0, 0xff, 0xff, 0xff, 0xff], 0x4e22, 0x4e20, 0xffff, 0x12d, 0x4, 0x7, 0xbfb4, 0x8, 0x0, 0x2}, 0x100, 0x402}}}]}, [@common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}, @common=@CLASSIFY={'CLASSIFY\x00', 0x8, {{0x6}}}]}, @common=@STANDARD={'\x00', 0x8, {0xffffffffffffffff}}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x2, [{{{0x1f, 0x8, 0x6007, 'irlan0\x00', 'eql\x00', 'syzkaller0\x00', 'team_slave_0\x00', @dev={[], 0x1a}, [0x0, 0xff, 0x0, 0xff, 0xff, 0xff], @remote, [0x0, 0x0, 0xff, 0xff], 0xe0, 0x110, 0x140, [@owner={'owner\x00', 0x18, {{r4, r5, r6, r7, 0x5, 0x6}}}, @cpu={'cpu\x00', 0x8, {{0x2}}}]}, [@common=@AUDIT={'AUDIT\x00', 0x8, {{0x3}}}]}, @common=@CLASSIFY={'CLASSIFY\x00', 0x8, {{0x8001}}}}, {{{0x19, 0x28, 0x88ff, 'nr0\x00', 'ipddp0\x00', 'irlan0\x00', 'bridge_slave_1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, [0xff, 0xff, 0x0, 0xff, 0x0, 0xff], @local, [0xff, 0xff, 0xff, 0xff], 0x70, 0xa8, 0x120}, [@common=@dnat={'dnat\x00', 0x10, {{@random="f8686ea01d12", 0xffffffffffffffff}}}]}, @common=@nflog={'nflog\x00', 0x50, {{0x2, 0xfdfce58, 0x3f, 0x0, 0x0, "ea21d840a53a397c0ec10cc653c63576834ab33a131bc9fdf7a66ae75a55ab3a95b5b9ae22bd2cbd2857931e70b69d8fba5b72abb9e1b691c8c76543f154d575"}}}}]}, {0x0, '\x00', 0x4, 0xffffffffffffffff, 0x1, [{{{0x11, 0xc, 0x60, 'veth0_to_bond\x00', 'vcan0\x00', 'bridge0\x00', 'ip_vti0\x00', @local, [0x0, 0xff, 0xff, 0x0, 0xff], @empty, [0xff, 0xff, 0x0, 0xff, 0x0, 0xff], 0xa0, 0xe8, 0x130, [@state={'state\x00', 0x8, {{0x101}}}]}, [@common=@ERROR={'ERROR\x00', 0x20, {"2d3964942a57b7293b32167eaa779f2826f15cc0975960a8d1f371637e3c"}}]}, @common=@RATEEST={'RATEEST\x00', 0x20, {{'syz1\x00', 0x1f, 0xff, 0x3f}}}}]}, {0x0, '\x00', 0x5, 0xfffffffffffffffe}]}, 0x7b0)
getsockname(r3, &(0x7f0000000bc0)=@can={0x1d, <r8=>0x0}, &(0x7f0000000100)=0x80)
fcntl$notify(r0, 0x402, 0x2)
setsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, &(0x7f0000000c40)={{{@in=@broadcast, @in6=@ipv4={[], [], @loopback}, 0x4e22, 0x2, 0x4e23, 0x2, 0x0, 0x80, 0x20, 0x3b, r8, r5}, {0xffffffff, 0x5, 0x1, 0x8, 0xffffffffffffff81, 0x1, 0x9, 0x80000000000000}, {0x8000, 0x0, 0xa5d, 0x9}, 0x7fff, 0x6e6bb7, 0x3, 0x0, 0x1, 0x1}, {{@in=@multicast1, 0x4d6}, 0x0, @in=@rand_addr, 0x0, 0x3, 0x0, 0x7fffffff, 0x80000001, 0x80, 0x8}}, 0xe8)
r9 = fcntl$dupfd(r0, 0x0, r0)
fcntl$setflags(r1, 0x2, 0x1)
bind$bt_rfcomm(r9, &(0x7f0000000040), 0x2)

[  987.650749]  ? copy_mount_options+0x315/0x430
[  987.650793]  ksys_mount+0x12d/0x140
[  987.650824]  __x64_sys_mount+0xbe/0x150
[  987.650859]  do_syscall_64+0x1b9/0x820
[  987.650878]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  987.650899]  ? syscall_return_slowpath+0x5e0/0x5e0
[  987.676099]  ? trace_hardirqs_on_caller+0x310/0x310
[  987.676120]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  987.676139]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  987.676156]  ? __switch_to_asm+0x40/0x70
[  987.676168]  ? __switch_to_asm+0x34/0x70
[  987.676191]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  987.676217]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  987.688374] RIP: 0033:0x457569
[  987.688392] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  987.688401] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  987.688417] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
03:45:10 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x2a0ffffffff, 0x0, 0x2}}}, 0x50}}, 0x0)

[  987.688428] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  987.688438] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  987.688456] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  987.688473] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[  987.753413] EXT4-fs error (device sda1) in __ext4_new_inode:933: Out of memory
[  987.846872] overlayfs: failed to create directory ./file1\/work (errno: 12); mounting read-only
03:45:10 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0xffffffffffffffff, r0)
sendfile(r1, r0, &(0x7f0000000000), 0x8001)
bind$bt_rfcomm(r1, &(0x7f0000000040)={0x1f, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0xa)
ioctl$void(r1, 0x5450)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0)=0x1)

03:45:10 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0xfffffff0}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:45:10 executing program 3:
socket$l2tp(0x18, 0x1, 0x1)
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

03:45:10 executing program 1:
openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x2, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)

03:45:10 executing program 4 (fault-call:2 fault-nth:61):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:45:10 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000140), 0xa)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f0000000100)=0x6)
getsockname$unix(r1, &(0x7f0000000080)=@abs, &(0x7f0000000000)=0x6e)
ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000040)={0x6, 0x10000, 0x81, 0x7fffffff, 0xbee3})

03:45:10 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x2000000000000000, 0x0, 0x2}}}, 0x50}}, 0x0)

[  988.115381] FAT-fs (loop3): bogus number of reserved sectors
[  988.124843] FAT-fs (loop3): Can't find a valid FAT filesystem
03:45:11 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0xffffffffffffff4a)

03:45:11 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0xf0ffffff00000000, 0x0, 0x2}}}, 0x50}}, 0x0)

03:45:11 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x2000, 0x0)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

[  988.162399] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  988.183118] FAULT_INJECTION: forcing a failure.
[  988.183118] name failslab, interval 1, probability 0, space 0, times 0
[  988.240514] CPU: 0 PID: 14077 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  988.249038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  988.249046] Call Trace:
[  988.249075]  dump_stack+0x244/0x39d
[  988.249101]  ? dump_stack_print_info.cold.1+0x20/0x20
[  988.249127]  ? rcu_softirq_qs+0x20/0x20
[  988.249155]  should_fail.cold.4+0xa/0x17
[  988.249178]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  988.249198]  ? kernel_text_address+0x79/0xf0
[  988.249219]  ? __kernel_text_address+0xd/0x40
[  988.249248]  ? __save_stack_trace+0x8d/0xf0
[  988.249269]  ? zap_class+0x640/0x640
[  988.249299]  ? save_stack+0xa9/0xd0
[  988.249326]  ? __lock_is_held+0xb5/0x140
[  988.303741]  ? print_usage_bug+0xc0/0xc0
[  988.303768]  ? legacy_get_tree+0x131/0x460
[  988.303794]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  988.303811]  ? perf_trace_sched_process_exec+0x860/0x860
[  988.303835]  ? __lock_acquire+0x62f/0x4c20
[  988.331202]  __should_failslab+0x124/0x180
[  988.335483]  should_failslab+0x9/0x14
[  988.339299]  __kmalloc+0x2e0/0x760
[  988.342863]  ? ext4_find_extent+0x757/0x9b0
[  988.347208]  ext4_find_extent+0x757/0x9b0
[  988.351387]  ext4_ext_map_blocks+0x28c/0x48e0
[  988.355895]  ? kasan_check_write+0x14/0x20
[  988.360157]  ? ext4_ext_release+0x10/0x10
[  988.360182]  ? zap_class+0x640/0x640
[  988.360201]  ? zap_class+0x640/0x640
[  988.360220]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  988.360237]  ? check_preemption_disabled+0x48/0x280
[  988.360273]  ? lock_acquire+0x1ed/0x520
[  988.368115]  ? ext4_map_blocks+0x88f/0x1b50
[  988.368140]  ? lock_release+0xa10/0xa10
[  988.368156]  ? perf_trace_sched_process_exec+0x860/0x860
[  988.368174]  ? ext4_es_cache_extent+0x6a0/0x6a0
[  988.368188]  ? kasan_check_read+0x11/0x20
[  988.368202]  ? do_raw_spin_unlock+0xa7/0x330
[  988.368234]  ? down_write+0x8a/0x130
[  988.377490]  ? ext4_map_blocks+0x88f/0x1b50
[  988.377508]  ? down_read+0x120/0x120
[  988.377537]  ext4_map_blocks+0x8f7/0x1b50
[  988.377568]  ? ext4_issue_zeroout+0x190/0x190
[  988.377583]  ? kasan_check_read+0x11/0x20
03:45:11 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f0000000080)={{{@in6, @in=@rand_addr, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in6=@loopback}, 0x0, @in6=@mcast2}}, &(0x7f0000000180)=0xe8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sequencer\x00', 0x20000, 0x0)
sendto$packet(r1, &(0x7f0000000000)="075879ee1c9468cb45acbf57ba728e9e559b7660ee3318c49885d610a3b73b2d74a8fc6839f0b8a3b5", 0x29, 0xc010, &(0x7f00000001c0)={0x11, 0x3, r2, 0x1, 0x20, 0x6, @broadcast}, 0x14)
syz_init_net_socket$llc(0x1a, 0x1, 0x0)

[  988.377611]  ext4_getblk+0x10e/0x630
[  988.377633]  ? __lockdep_init_map+0x105/0x590
[  988.405043]  ? ext4_iomap_begin+0x1390/0x1390
[  988.405066]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  988.405084]  ? __dquot_initialize+0x629/0xdd0
[  988.405101]  ? __init_waitqueue_head+0x9e/0x150
[  988.405122]  ext4_bread+0x95/0x2b0
[  988.405141]  ? ext4_getblk+0x630/0x630
[  988.405160]  ? dquot_get_next_dqblk+0x180/0x180
[  988.425445]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  988.434093]  ? __lookup_slow+0x312/0x540
[  988.434119]  ext4_append+0x14e/0x370
03:45:11 executing program 1:
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmsg$key(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)=ANY=[@ANYBLOB="021408090e00000029bd6000efdbdf25040004000101000008000000000000008d0e000000000008ab162800000000001800120002000100bf6b6e000700000006006c00017600000004000000000000e0000002000000000000000000000000ac1414aa000000000000000000000000"], 0x70}}, 0x800)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r2 = fcntl$dupfd(r1, 0x0, r1)
r3 = syz_open_dev$sndctrl(&(0x7f0000000100)='/dev/snd/controlC#\x00', 0x200000000, 0x0)
ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000000)=<r4=>0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r2, 0xc1105517, &(0x7f00000001c0)={{0xa, 0x2, 0x4, 0x8, 'syz0\x00', 0x2}, 0x4, 0x36, 0x5, r4, 0x2, 0x3, 'syz1\x00', &(0x7f0000000140)=['nodev^+--{self(\'keyringem0keyringvboxnet1trustedsecurity}system{\x00', '/dev/snd/controlC#\x00'], 0x54, [], [0x9, 0x9, 0x141, 0xfff]})
ioctl$FS_IOC_GETFLAGS(r3, 0xc0045540, &(0x7f0000000080))
bind$bt_rfcomm(r2, &(0x7f0000000040), 0x2)

[  988.434144]  ext4_mkdir+0x532/0xe60
[  988.434173]  ? ext4_init_dot_dotdot+0x510/0x510
[  988.434195]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  988.434218]  ? security_inode_permission+0xd2/0x100
[  988.456594]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  988.456612]  ? security_inode_mkdir+0xe8/0x120
[  988.456633]  vfs_mkdir+0x42e/0x6b0
[  988.456658]  ovl_create_real+0x225/0x410
[  988.456682]  ovl_workdir_create+0x564/0x820
[  988.456706]  ? ovl_mount_dir+0x1c0/0x1c0
[  988.456728]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  988.456776]  ovl_fill_super+0x12fc/0x3f33
[  988.469479]  ? vfs_get_super+0x270/0x270
[  988.483579]  ? ovl_show_options+0x550/0x550
[  988.483628]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  988.483649]  ? get_anon_bdev+0xc0/0xc0
[  988.505223]  ? sget+0x113/0x150
[  988.505246]  ? ovl_show_options+0x550/0x550
[  988.505263]  mount_nodev+0x73/0x120
[  988.505284]  ? ovl_own_xattr_set+0x10/0x10
[  988.505300]  ovl_mount+0x34/0x40
[  988.505319]  legacy_get_tree+0x131/0x460
[  988.505341]  vfs_get_tree+0x1cb/0x5c0
[  988.505355]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  988.505372]  do_mount+0x70c/0x1d90
[  988.505394]  ? copy_mount_string+0x40/0x40
[  988.515940]  ? retint_kernel+0x2d/0x2d
[  988.515972]  ? copy_mount_options+0x20f/0x430
[  988.515990]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  988.516005]  ? copy_mount_options+0x315/0x430
[  988.516027]  ksys_mount+0x12d/0x140
[  988.516046]  __x64_sys_mount+0xbe/0x150
[  988.516068]  do_syscall_64+0x1b9/0x820
[  988.516091]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
03:45:11 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$FIBMAP(r0, 0x1, &(0x7f0000000000)=0x1)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000300)={0x3, 0x0, [{0xf000, 0xf0, &(0x7f0000000100)=""/240}, {0x3004, 0x3b, &(0x7f0000000080)=""/59}, {0x117001, 0x3da, &(0x7f0000000200)=""/222}]})
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

[  988.532583]  ? syscall_return_slowpath+0x5e0/0x5e0
[  988.532605]  ? trace_hardirqs_on_caller+0x310/0x310
[  988.532624]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  988.532643]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  988.532660]  ? __switch_to_asm+0x40/0x70
[  988.560304]  ? __switch_to_asm+0x34/0x70
[  988.560330]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  988.560359]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  988.560372] RIP: 0033:0x457569
[  988.560391] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  988.590958] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  988.590975] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  988.590985] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  988.590996] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  988.591006] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  988.591015] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[  988.616675] overlayfs: failed to create directory ./file1\/work (errno: 12); mounting read-only
03:45:11 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0x5}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:45:11 executing program 1:
stat(&(0x7f0000000240)='./file1\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, <r0=>0x0})
r1 = getegid()
setregid(r0, r1)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r3 = fcntl$dupfd(r2, 0x406, r2)
ioctl$TUNGETIFF(r3, 0x800454d2, &(0x7f0000000000))
faccessat(r3, &(0x7f0000000200)='./file0\x00', 0x100, 0x400)
bind$bt_rfcomm(r3, &(0x7f0000000040)={0x1f, {0x0, 0x0, 0x800000, 0x3, 0x0, 0x9}, 0x8001}, 0x8a5dbff8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r3, 0x84, 0x66, &(0x7f0000000080)={<r4=>0x0, 0x200000}, &(0x7f00000000c0)=0x8)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r3, 0x84, 0x6, &(0x7f0000000100)={r4, @in={{0x2, 0x4e22, @multicast2}}}, &(0x7f00000001c0)=0x84)

03:45:11 executing program 3:
socket$l2tp(0x18, 0x1, 0x1)
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

03:45:11 executing program 4 (fault-call:2 fault-nth:62):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:45:11 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x100000000000000, 0x0, 0x2}}}, 0x50}}, 0x0)

03:45:11 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = dup(0xffffffffffffff9c)
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x9)
r2 = syz_open_dev$rtc(&(0x7f0000000000)='/dev/rtc#\x00', 0x59b36a4a, 0x100)
ioctl$RTC_SET_TIME(r2, 0x4024700a, &(0x7f0000000080)={0x20, 0x22, 0xb, 0x16, 0xa, 0x9, 0x5, 0x13f})
r3 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r3, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r3, 0x800448d5, &(0x7f00000000c0))

[  988.926202] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  988.943839] FAT-fs (loop3): bogus number of reserved sectors
03:45:11 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0xa0020000, 0x0, 0x2}}}, 0x50}}, 0x0)

[  988.969003] FAULT_INJECTION: forcing a failure.
[  988.969003] name failslab, interval 1, probability 0, space 0, times 0
[  988.977580] FAT-fs (loop3): Can't find a valid FAT filesystem
[  988.993796] CPU: 0 PID: 14125 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  989.002306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  989.011666] Call Trace:
[  989.014288]  dump_stack+0x244/0x39d
[  989.017946]  ? dump_stack_print_info.cold.1+0x20/0x20
[  989.023147]  ? rcu_softirq_qs+0x20/0x20
[  989.027164]  should_fail.cold.4+0xa/0x17
[  989.031249]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  989.036380]  ? kernel_text_address+0x79/0xf0
[  989.040813]  ? __kernel_text_address+0xd/0x40
[  989.045333]  ? __save_stack_trace+0x8d/0xf0
[  989.045353]  ? zap_class+0x640/0x640
[  989.045385]  ? save_stack+0xa9/0xd0
[  989.045407]  ? __lock_is_held+0xb5/0x140
[  989.045421]  ? print_usage_bug+0xc0/0xc0
[  989.045444]  ? legacy_get_tree+0x131/0x460
[  989.053498]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  989.053516]  ? perf_trace_sched_process_exec+0x860/0x860
[  989.053536]  ? __lock_acquire+0x62f/0x4c20
[  989.053559]  __should_failslab+0x124/0x180
[  989.061233]  should_failslab+0x9/0x14
[  989.061251]  __kmalloc+0x2e0/0x760
[  989.061274]  ? ext4_find_extent+0x757/0x9b0
[  989.061297]  ext4_find_extent+0x757/0x9b0
[  989.075015]  ext4_ext_map_blocks+0x28c/0x48e0
[  989.075033]  ? kasan_check_write+0x14/0x20
[  989.075065]  ? ext4_ext_release+0x10/0x10
[  989.075086]  ? zap_class+0x640/0x640
[  989.075104]  ? zap_class+0x640/0x640
[  989.089008]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  989.089027]  ? check_preemption_disabled+0x48/0x280
[  989.089070]  ? lock_acquire+0x1ed/0x520
[  989.096402]  ? ext4_map_blocks+0x88f/0x1b50
[  989.096427]  ? lock_release+0xa10/0xa10
[  989.096441]  ? perf_trace_sched_process_exec+0x860/0x860
[  989.096470]  ? ext4_es_cache_extent+0x6a0/0x6a0
[  989.096483]  ? kasan_check_read+0x11/0x20
[  989.096498]  ? do_raw_spin_unlock+0xa7/0x330
03:45:12 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0xf000000, 0x0, 0x2}}}, 0x50}}, 0x0)

[  989.096528]  ? down_write+0x8a/0x130
[  989.104969]  ? ext4_map_blocks+0x88f/0x1b50
[  989.104987]  ? down_read+0x120/0x120
[  989.105015]  ext4_map_blocks+0x8f7/0x1b50
[  989.105044]  ? ext4_issue_zeroout+0x190/0x190
[  989.105060]  ? kasan_check_read+0x11/0x20
[  989.105087]  ext4_getblk+0x10e/0x630
[  989.113809]  ? __lockdep_init_map+0x105/0x590
[  989.113830]  ? ext4_iomap_begin+0x1390/0x1390
[  989.113850]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  989.113871]  ? __dquot_initialize+0x629/0xdd0
[  989.121719]  ? __init_waitqueue_head+0x9e/0x150
[  989.121742]  ext4_bread+0x95/0x2b0
[  989.121760]  ? ext4_getblk+0x630/0x630
[  989.121780]  ? dquot_get_next_dqblk+0x180/0x180
[  989.131028]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  989.131044]  ? __lookup_slow+0x312/0x540
[  989.131068]  ext4_append+0x14e/0x370
[  989.131091]  ext4_mkdir+0x532/0xe60
[  989.140083]  ? ext4_init_dot_dotdot+0x510/0x510
[  989.140106]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  989.140125]  ? security_inode_permission+0xd2/0x100
[  989.140146]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  989.148434]  ? security_inode_mkdir+0xe8/0x120
[  989.148468]  vfs_mkdir+0x42e/0x6b0
[  989.148493]  ovl_create_real+0x225/0x410
[  989.148516]  ovl_workdir_create+0x564/0x820
[  989.158627]  ? ovl_mount_dir+0x1c0/0x1c0
[  989.158643]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  989.158689]  ovl_fill_super+0x12fc/0x3f33
[  989.158709]  ? vfs_get_super+0x270/0x270
[  989.158745]  ? ovl_show_options+0x550/0x550
[  989.158788]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  989.171039]  ? get_anon_bdev+0xc0/0xc0
03:45:12 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000000)={0xc6, 0x4, 0x5, 0x9, 0x401})
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x80000000, 0x1, 0x4, 0x4, 0x7})
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

03:45:12 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x860c0000, 0x0, 0x2}}}, 0x50}}, 0x0)

03:45:12 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f0000000080)={{{@in6=@local, @in6=@loopback}}, {{@in6}, 0x0, @in=@local}}, &(0x7f0000000000)=0xe8)

[  989.183218]  ? sget+0x113/0x150
[  989.183257]  ? ovl_show_options+0x550/0x550
[  989.183288]  mount_nodev+0x73/0x120
[  989.200111]  ? ovl_own_xattr_set+0x10/0x10
[  989.200128]  ovl_mount+0x34/0x40
[  989.200147]  legacy_get_tree+0x131/0x460
[  989.200170]  vfs_get_tree+0x1cb/0x5c0
[  989.219343]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  989.219362]  do_mount+0x70c/0x1d90
[  989.219382]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  989.219404]  ? copy_mount_string+0x40/0x40
[  989.226823]  ? copy_mount_options+0x5f/0x430
03:45:12 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$EVIOCGMASK(r1, 0x80104592, &(0x7f0000000000)={0x16, 0x71, &(0x7f0000000100)="340c72e81d209109311545537c9e28bfe2f1619e2c73a6a6666a2e09e174f5a79abb602666e2740455e8820e1a156fcee927f411a0f481dbb72ba247b97bc7979fe84fe2af065b3cd452c36bd98508fd520b55b787a075114312229753c92fe50cc589232bd6c75657e263a17122c3df15"})
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))
setns(r1, 0x24000000)

[  989.237024]  ? kmem_cache_alloc_trace+0x353/0x750
[  989.237046]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  989.237069]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  989.237084]  ? copy_mount_options+0x315/0x430
[  989.237104]  ksys_mount+0x12d/0x140
[  989.237136]  __x64_sys_mount+0xbe/0x150
[  989.244903]  do_syscall_64+0x1b9/0x820
[  989.244926]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  989.244945]  ? syscall_return_slowpath+0x5e0/0x5e0
[  989.244965]  ? trace_hardirqs_on_caller+0x310/0x310
[  989.244989]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  989.245007]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  989.245025]  ? __switch_to_asm+0x40/0x70
[  989.253318]  ? __switch_to_asm+0x34/0x70
[  989.253343]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  989.253370]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  989.253387] RIP: 0033:0x457569
[  989.263930] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  989.263940] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  989.263955] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  989.263965] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  989.263974] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  989.263991] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  989.274088] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[  989.490521] overlayfs: failed to create directory ./file1\/work (errno: 12); mounting read-only
03:45:12 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0xf0ffffffffffff}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:45:12 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0xffffffffa0020000, 0x0, 0x2}}}, 0x50}}, 0x0)

03:45:12 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040)={0x1f, {0x0, 0x0, 0x1, 0x200000000}}, 0xa)
ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0x10000, 0x10000, 0x0, 0x4, 0xffffffffffffffc7, 0x4, 0x1, 0x8, 0x10001, 0x1, 0x101, 0x100})

03:45:12 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$FS_IOC_SETVERSION(r0, 0x800448d5, &(0x7f00000000c0))

03:45:12 executing program 3:
ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

03:45:12 executing program 4 (fault-call:2 fault-nth:63):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

[  989.689231] FAT-fs (loop3): bogus number of reserved sectors
[  989.721135] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
03:45:12 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0xf, 0x0, 0x2}}}, 0x50}}, 0x0)

03:45:12 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040)={0x1f, {0x0, 0x80, 0x20000000000000}}, 0xa)

[  989.735334] FAT-fs (loop3): Can't find a valid FAT filesystem
[  989.769180] FAULT_INJECTION: forcing a failure.
[  989.769180] name failslab, interval 1, probability 0, space 0, times 0
[  989.805426] CPU: 0 PID: 14167 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
03:45:12 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x6, {0xa9, 0x401, 0x1, 0x0, 0x4}, 0x0, 0x7}, 0xe)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000003c0)={0x0, 0x0, 0x6000, 0x2000, &(0x7f0000ffd000/0x2000)=nil})
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
r2 = semget(0x2, 0x1, 0x28)
semctl$GETALL(r2, 0x0, 0xd, &(0x7f0000000100)=""/186)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))
getsockopt$inet_sctp_SCTP_STATUS(r1, 0x84, 0xe, &(0x7f0000000400)={0x0, 0x401, 0x1, 0xa8df, 0x4, 0x10001, 0x7fff, 0x5, {<r3=>0x0, @in={{0x2, 0x4e22, @loopback}}, 0x7, 0x80, 0x7ff, 0x7, 0x1f}}, &(0x7f00000004c0)=0xb0)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000500)={0x9, 0x6, 0x8000, 0x1, 0x4, 0x0, 0x81, 0x7, r3}, &(0x7f0000000540)=0x20)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f00000001c0)={<r4=>0x0, @in6={{0xa, 0x4e24, 0x1, @local, 0x5}}, 0x4, 0x2}, &(0x7f0000000000)=0x90)
getsockopt$inet_sctp_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000340), &(0x7f0000000580)=0x8)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000280)={r4, @in6={{0xa, 0x4e24, 0x2, @empty, 0x1f}}, 0x101, 0x5, 0x8, 0x6, 0x4}, 0x98)

[  989.813959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  989.813967] Call Trace:
[  989.813993]  dump_stack+0x244/0x39d
[  989.814020]  ? dump_stack_print_info.cold.1+0x20/0x20
[  989.814044]  ? zap_class+0x640/0x640
[  989.838497]  ? __mark_inode_dirty+0xfb5/0x1500
[  989.843101]  should_fail.cold.4+0xa/0x17
[  989.847178]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  989.852288]  ? __lock_is_held+0xb5/0x140
[  989.856375]  ? zap_class+0x640/0x640
[  989.860108]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
03:45:12 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x40030000000000, 0x0, 0x2}}}, 0x50}}, 0x0)

03:45:12 executing program 1:
r0 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x20000)
getsockopt$inet_udp_int(r0, 0x11, 0x6f, &(0x7f0000000100), &(0x7f0000000140)=0x4)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000001440)={0x1, 0x1, &(0x7f0000000240)=""/4096, &(0x7f0000001240)=""/247, &(0x7f0000001340)=""/230, 0x4})
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000001640)={<r2=>0x0, 0x6}, &(0x7f0000001680)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f00000016c0)={r2, 0x4f3, 0xc9, "41fca863ad9dd72614709a29715b278a6226a71c6144a86d2ef9b7da96a9818467fe748494aa58797aa6c97da11e38b0553a42c96ff1016a83b4aec0b5b9730ba15f747d50d67d963a69b68ecd4b9ff04af2ac0b422ad6a563a56ffefd680174c221ab93bb7d068fa0faf23f647f69a284480689542ef192a9f55de6e73bcc74823d8d4739c137d465ab0bf25d617f59fe150124539a44eeefc31e551dda0b9711ce26c0923c40ad72e758071c61c58261dcbd484b6484fcb035ba54f614b10a9b964de5986041a8ac"}, 0xd1)
r3 = accept$nfc_llcp(r0, &(0x7f0000000180), &(0x7f0000000200)=0x60)
dup2(r3, r1)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001600)={r0, 0x0, 0x50, 0x98, &(0x7f00000014c0)="81dc74afaa75e14738c1756ceaf19cde12ca264224d8dbd7dc72774d2b2229b5acbf2a6b30e4047379b714b73924e4a5d773153cf7b03c3c09415f76d849afa4292e9fd417030dc047110ec892704fac", &(0x7f0000001540)=""/152, 0xfffffffffffffbff}, 0x28)
r4 = fcntl$dupfd(r1, 0xfffffffffffffffc, r1)
syz_open_dev$sndctrl(&(0x7f0000001480)='/dev/snd/controlC#\x00', 0x4, 0x20000)
getsockopt$bt_BT_RCVMTU(r1, 0x112, 0xd, &(0x7f0000000000)=0x1b, &(0x7f0000000080)=0x2)
setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r4, 0x28, 0x0, &(0x7f00000000c0)=0x6, 0x8)

[  989.865672]  ? __mark_inode_dirty+0x4ad/0x1500
[  989.870268]  ? __inode_attach_wb+0x13f0/0x13f0
[  989.874868]  ? __lock_is_held+0xb5/0x140
[  989.874887]  ? rcu_softirq_qs+0x20/0x20
[  989.874918]  ? inode_add_bytes+0xd3/0xf0
[  989.874934]  ? perf_trace_sched_process_exec+0x860/0x860
[  989.874953]  ? __dquot_alloc_space+0x4b9/0x8c0
[  989.874972]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  989.874995]  __should_failslab+0x124/0x180
[  989.875017]  should_failslab+0x9/0x14
[  989.887304]  kmem_cache_alloc+0x2be/0x730
[  989.887337]  ext4_mb_new_blocks+0x782/0x4820
[  989.887362]  ? find_held_lock+0x36/0x1c0
[  989.923046]  ? ext4_discard_preallocations+0x1900/0x1900
[  989.928523]  ? rcu_read_unlock_special+0x1c0/0x1c0
[  989.933476]  ? kasan_check_read+0x11/0x20
[  989.937651]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[  989.942951]  ? rcu_softirq_qs+0x20/0x20
[  989.946942]  ? rcu_softirq_qs+0x20/0x20
[  989.950936]  ? unwind_dump+0x190/0x190
[  989.954853]  ? is_bpf_text_address+0xd3/0x170
[  989.959369]  ? kernel_text_address+0x79/0xf0
[  989.963796]  ? __kernel_text_address+0xd/0x40
03:45:12 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0xffffff7f, 0x0, 0x2}}}, 0x50}}, 0x0)

[  989.968304]  ? unwind_get_return_address+0x61/0xa0
[  989.973247]  ? __save_stack_trace+0x8d/0xf0
[  989.977603]  ? save_stack+0xa9/0xd0
[  989.981254]  ? save_stack+0x43/0xd0
[  989.984891]  ? kasan_kmalloc+0xc7/0xe0
[  989.988821]  ? __kmalloc+0x15b/0x760
[  989.992549]  ? ext4_find_extent+0x757/0x9b0
[  989.996883]  ? ext4_ext_map_blocks+0x28c/0x48e0
[  990.001570]  ? ext4_map_blocks+0x8f7/0x1b50
[  990.005904]  ? ext4_getblk+0x10e/0x630
[  990.009814]  ? ext4_bread+0x95/0x2b0
[  990.013539]  ? ext4_append+0x14e/0x370
[  990.017436]  ? ext4_mkdir+0x532/0xe60
[  990.021257]  ? vfs_mkdir+0x42e/0x6b0
[  990.024980]  ? ovl_create_real+0x225/0x410
[  990.029227]  ? ovl_workdir_create+0x564/0x820
[  990.029244]  ? ovl_fill_super+0x12fc/0x3f33
[  990.029258]  ? mount_nodev+0x73/0x120
[  990.029273]  ? ovl_mount+0x34/0x40
[  990.029287]  ? legacy_get_tree+0x131/0x460
[  990.029299]  ? vfs_get_tree+0x1cb/0x5c0
[  990.029316]  ? do_mount+0x70c/0x1d90
[  990.038132]  ? ksys_mount+0x12d/0x140
[  990.045472]  ? __x64_sys_mount+0xbe/0x150
[  990.045489]  ? do_syscall_64+0x1b9/0x820
[  990.045510]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  990.045536]  ? zap_class+0x640/0x640
[  990.045560]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  990.045577]  ? check_preemption_disabled+0x48/0x280
[  990.045601]  ? __lock_is_held+0xb5/0x140
[  990.045631]  ? rcu_read_lock_sched_held+0x14f/0x180
[  990.045654]  ? __kmalloc+0x5ee/0x760
[  990.069623]  ? ext4_find_extent+0x757/0x9b0
[  990.069658]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  990.069675]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  990.069695]  ? ext4_inode_to_goal_block+0x2e3/0x3f0
[  990.098342]  ext4_ext_map_blocks+0x2715/0x48e0
[  990.098381]  ? ext4_ext_release+0x10/0x10
[  990.098403]  ? zap_class+0x640/0x640
[  990.098421]  ? zap_class+0x640/0x640
[  990.112004]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  990.112023]  ? check_preemption_disabled+0x48/0x280
[  990.112060]  ? lock_acquire+0x1ed/0x520
[  990.122608]  ? ext4_map_blocks+0x88f/0x1b50
[  990.122634]  ? lock_release+0xa10/0xa10
[  990.122650]  ? perf_trace_sched_process_exec+0x860/0x860
[  990.122667]  ? ext4_es_cache_extent+0x6a0/0x6a0
[  990.122686]  ? kasan_check_read+0x11/0x20
[  990.131395]  ? do_raw_spin_unlock+0xa7/0x330
[  990.131429]  ? down_write+0x8a/0x130
[  990.131443]  ? ext4_map_blocks+0x88f/0x1b50
[  990.131484]  ? down_read+0x120/0x120
[  990.131511]  ext4_map_blocks+0x8f7/0x1b50
[  990.138933]  ? ext4_issue_zeroout+0x190/0x190
[  990.138950]  ? kasan_check_read+0x11/0x20
[  990.138980]  ext4_getblk+0x10e/0x630
[  990.138999]  ? __lockdep_init_map+0x105/0x590
[  990.149541]  ? ext4_iomap_begin+0x1390/0x1390
[  990.149564]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  990.149582]  ? __dquot_initialize+0x629/0xdd0
[  990.149599]  ? __init_waitqueue_head+0x9e/0x150
[  990.149619]  ext4_bread+0x95/0x2b0
[  990.157907]  ? ext4_getblk+0x630/0x630
[  990.157923]  ? dquot_get_next_dqblk+0x180/0x180
[  990.157943]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  990.157958]  ? __lookup_slow+0x312/0x540
[  990.157983]  ext4_append+0x14e/0x370
[  990.158006]  ext4_mkdir+0x532/0xe60
[  990.158034]  ? ext4_init_dot_dotdot+0x510/0x510
[  990.158055]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  990.167475]  ? security_inode_permission+0xd2/0x100
[  990.167496]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  990.167512]  ? security_inode_mkdir+0xe8/0x120
[  990.167532]  vfs_mkdir+0x42e/0x6b0
[  990.167556]  ovl_create_real+0x225/0x410
[  990.167577]  ovl_workdir_create+0x564/0x820
[  990.167602]  ? ovl_mount_dir+0x1c0/0x1c0
[  990.176399]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  990.176459]  ovl_fill_super+0x12fc/0x3f33
[  990.176483]  ? vfs_get_super+0x270/0x270
[  990.176514]  ? ovl_show_options+0x550/0x550
[  990.176559]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  990.184684]  ? get_anon_bdev+0xc0/0xc0
[  990.184700]  ? sget+0x113/0x150
[  990.184729]  ? ovl_show_options+0x550/0x550
[  990.184746]  mount_nodev+0x73/0x120
[  990.184783]  ? ovl_own_xattr_set+0x10/0x10
[  990.184803]  ovl_mount+0x34/0x40
[  990.184827]  legacy_get_tree+0x131/0x460
[  990.184859]  vfs_get_tree+0x1cb/0x5c0
[  990.192882]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  990.192901]  do_mount+0x70c/0x1d90
[  990.192921]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  990.192942]  ? copy_mount_string+0x40/0x40
[  990.192963]  ? copy_mount_options+0x5f/0x430
[  990.209446]  ? kmem_cache_alloc_trace+0x353/0x750
[  990.209480]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  990.209507]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  990.224025]  ? copy_mount_options+0x315/0x430
[  990.224048]  ksys_mount+0x12d/0x140
[  990.224069]  __x64_sys_mount+0xbe/0x150
[  990.224090]  do_syscall_64+0x1b9/0x820
[  990.224114]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  990.236797]  ? syscall_return_slowpath+0x5e0/0x5e0
[  990.236819]  ? trace_hardirqs_on_caller+0x310/0x310
[  990.236837]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  990.236860]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  990.245400]  ? __switch_to_asm+0x40/0x70
[  990.245413]  ? __switch_to_asm+0x34/0x70
[  990.245437]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  990.245478]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  990.245490] RIP: 0033:0x457569
[  990.245507] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  990.245523] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  990.255106] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  990.255116] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  990.255125] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  990.255136] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  990.255145] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[  990.289240] overlayfs: failed to create directory ./file1\/work (errno: 12); mounting read-only
03:45:13 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0xc1f0000000000000}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:45:13 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)

03:45:13 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x400300, 0x0, 0x2}}}, 0x50}}, 0x0)

03:45:13 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
recvfrom$inet6(r1, &(0x7f0000000100), 0x0, 0x20, &(0x7f0000000140)={0xa, 0x4e22, 0x80000001, @ipv4, 0x80}, 0x1c)
bind$bt_rfcomm(r1, &(0x7f0000000040)={0x1f, {0x0, 0x0, 0x0, 0x200000000}}, 0xa)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))
ioctl$SNDRV_CTL_IOCTL_POWER_STATE(r1, 0x800455d1, &(0x7f0000000000))

03:45:13 executing program 4 (fault-call:2 fault-nth:64):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:45:13 executing program 3:
ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

03:45:13 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0xf00, 0x0, 0x2}}}, 0x50}}, 0x0)

[  990.624193] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  990.644530] FAT-fs (loop3): bogus number of reserved sectors
[  990.662471] FAULT_INJECTION: forcing a failure.
[  990.662471] name failslab, interval 1, probability 0, space 0, times 0
03:45:13 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
socket$kcm(0x29, 0x5, 0x0)

[  990.685156] FAT-fs (loop3): Can't find a valid FAT filesystem
[  990.710559] CPU: 1 PID: 14207 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  990.719076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  990.728472] Call Trace:
[  990.731078]  dump_stack+0x244/0x39d
[  990.734733]  ? dump_stack_print_info.cold.1+0x20/0x20
[  990.739943]  ? rcu_softirq_qs+0x20/0x20
[  990.743937]  should_fail.cold.4+0xa/0x17
[  990.748011]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  990.748031]  ? kernel_text_address+0x79/0xf0
[  990.748049]  ? __kernel_text_address+0xd/0x40
[  990.748073]  ? __save_stack_trace+0x8d/0xf0
[  990.757615]  ? zap_class+0x640/0x640
[  990.757644]  ? save_stack+0xa9/0xd0
[  990.757667]  ? __lock_is_held+0xb5/0x140
[  990.757682]  ? print_usage_bug+0xc0/0xc0
[  990.757704]  ? legacy_get_tree+0x131/0x460
[  990.757735]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  990.770253]  ? perf_trace_sched_process_exec+0x860/0x860
[  990.770275]  ? __lock_acquire+0x62f/0x4c20
[  990.770299]  __should_failslab+0x124/0x180
[  990.770318]  should_failslab+0x9/0x14
[  990.782048]  __kmalloc+0x2e0/0x760
[  990.782072]  ? ext4_find_extent+0x757/0x9b0
[  990.782093]  ext4_find_extent+0x757/0x9b0
[  990.791690]  ext4_ext_map_blocks+0x28c/0x48e0
[  990.791709]  ? kasan_check_write+0x14/0x20
[  990.791740]  ? ext4_ext_release+0x10/0x10
[  990.791760]  ? zap_class+0x640/0x640
[  990.801443]  ? zap_class+0x640/0x640
[  990.801475]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  990.801493]  ? check_preemption_disabled+0x48/0x280
[  990.801530]  ? lock_acquire+0x1ed/0x520
[  990.809558]  ? ext4_map_blocks+0x88f/0x1b50
[  990.809584]  ? lock_release+0xa10/0xa10
[  990.809599]  ? perf_trace_sched_process_exec+0x860/0x860
[  990.809623]  ? ext4_es_cache_extent+0x6a0/0x6a0
[  990.817474]  ? kasan_check_read+0x11/0x20
[  990.817490]  ? do_raw_spin_unlock+0xa7/0x330
[  990.817523]  ? down_write+0x8a/0x130
[  990.817538]  ? ext4_map_blocks+0x88f/0x1b50
[  990.817554]  ? down_read+0x120/0x120
[  990.817581]  ext4_map_blocks+0x8f7/0x1b50
[  990.830480]  ? ext4_issue_zeroout+0x190/0x190
[  990.830497]  ? kasan_check_read+0x11/0x20
[  990.830529]  ext4_getblk+0x10e/0x630
[  990.838380]  ? __lockdep_init_map+0x105/0x590
[  990.838401]  ? ext4_iomap_begin+0x1390/0x1390
[  990.838421]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  990.838446]  ? __dquot_initialize+0x629/0xdd0
[  990.847695]  ? __init_waitqueue_head+0x9e/0x150
[  990.847717]  ext4_bread+0x95/0x2b0
[  990.847737]  ? ext4_getblk+0x630/0x630
[  990.847753]  ? dquot_get_next_dqblk+0x180/0x180
[  990.847772]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  990.847786]  ? __lookup_slow+0x312/0x540
[  990.847809]  ext4_append+0x14e/0x370
[  990.856788]  ext4_mkdir+0x532/0xe60
[  990.856818]  ? ext4_init_dot_dotdot+0x510/0x510
[  990.856841]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  990.856860]  ? security_inode_permission+0xd2/0x100
03:45:13 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = syz_genetlink_get_family_id$nbd(&(0x7f00000000c0)='nbd\x00')
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000100b}, 0xc, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="000125bd7000fcdbdf25020c00020003000000000000000c000600010000000000000000000000000000000000001b7384aab169e2a5a7c1870fc4d127d3c2c9e619d470ee3040d632288424f8d457b4992145667216a7e5cdfaa51abf3ea4f3129ec42757bd2b2e73bfe10e0549667decc9914ff108403dfa1e83e443c9b5cbf1137dc6deba8365dc74e82975efa91f0f175e7e1aaf399c575215dbd4e4a05e3ed0140b9c7abf82a41c4d3e49b9e6bd4f721215446c6b62dec85227dc525628baeb5f28ff7240bcab2f6f183be7301c342b9ffdbbd6cd32bb71e17c3a94ff1ae9921b9bd90101c3742af71cc76609a06039f5c312b97619916e8599df264650befa3797c6e4496acb4bf95af860786e9805e4fe2f1f1e7aa624b0743981fb84f8ca2feec85c7735ea8d50cc153437706a351774af264bd2c107d47d4a3af141b92089c5c2ddb2cdd82a609d04c58e7c820dc6565546cd52f57f205ebadb413ea6aa1a84d6de84d53bc441c30bf2872258d1b037a6d53d3d832d3ef9bcb82e930040f372c4f1a8df389db7d5572b6591ce9d5b50becf9214dff312bc23a1a9f1559d41c6501243d5586280ea64d089a30a5f7c975bb2beb35c6a0656fb674335fe14583caf3a63a8c6d965483399e93747a567b622cc79ba412f313550f298ffc5bcf5d9c7ff57462c11e91053aed71aae73ab"], 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$sock_inet_tcp_SIOCINQ(r1, 0x541b, &(0x7f0000000000))

[  990.856881]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  990.865170]  ? security_inode_mkdir+0xe8/0x120
[  990.865191]  vfs_mkdir+0x42e/0x6b0
[  990.865225]  ovl_create_real+0x225/0x410
[  990.865249]  ovl_workdir_create+0x564/0x820
[  990.865275]  ? ovl_mount_dir+0x1c0/0x1c0
[  990.875373]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  990.875422]  ovl_fill_super+0x12fc/0x3f33
[  990.875443]  ? vfs_get_super+0x270/0x270
[  990.875485]  ? ovl_show_options+0x550/0x550
[  990.884298]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  990.884318]  ? get_anon_bdev+0xc0/0xc0
03:45:13 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x3, 0x0, 0x2}}}, 0x50}}, 0x0)

[  990.884336]  ? sget+0x113/0x150
[  990.892388]  ? ovl_show_options+0x550/0x550
[  990.892406]  mount_nodev+0x73/0x120
[  990.892426]  ? ovl_own_xattr_set+0x10/0x10
[  990.892445]  ovl_mount+0x34/0x40
[  990.900322]  legacy_get_tree+0x131/0x460
[  990.900346]  vfs_get_tree+0x1cb/0x5c0
[  990.900361]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  990.900382]  do_mount+0x70c/0x1d90
[  990.909026]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  990.909050]  ? copy_mount_string+0x40/0x40
[  990.909073]  ? copy_mount_options+0x5f/0x430
[  990.909095]  ? kmem_cache_alloc_trace+0x353/0x750
[  990.917326]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  990.917352]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  990.917368]  ? copy_mount_options+0x315/0x430
[  990.917390]  ksys_mount+0x12d/0x140
[  990.917410]  __x64_sys_mount+0xbe/0x150
[  990.917432]  do_syscall_64+0x1b9/0x820
[  990.927477]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  990.927501]  ? syscall_return_slowpath+0x5e0/0x5e0
[  990.927522]  ? trace_hardirqs_on_caller+0x310/0x310
03:45:13 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0xfffffff0, 0x0, 0x2}}}, 0x50}}, 0x0)

03:45:14 executing program 4 (fault-call:2 fault-nth:65):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

[  990.927542]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  990.927561]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  990.927579]  ? __switch_to_asm+0x40/0x70
[  990.936734]  ? __switch_to_asm+0x34/0x70
[  990.936760]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  990.936790]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  990.936804] RIP: 0033:0x457569
[  990.936821] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  990.936836] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  990.944686] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  990.944697] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  990.944707] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  990.944717] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  990.944727] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[  991.002831] overlayfs: failed to create directory ./file1\/work (errno: 12); mounting read-only
[  991.262282] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  991.296621] FAULT_INJECTION: forcing a failure.
[  991.296621] name failslab, interval 1, probability 0, space 0, times 0
[  991.309851] CPU: 1 PID: 14232 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  991.318362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  991.327723] Call Trace:
[  991.327773]  dump_stack+0x244/0x39d
[  991.327803]  ? dump_stack_print_info.cold.1+0x20/0x20
[  991.339222]  should_fail.cold.4+0xa/0x17
[  991.343305]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  991.348431]  ? print_usage_bug+0xc0/0xc0
[  991.352519]  ? set_posix_acl+0x22f/0x2e0
[  991.356596]  ? posix_acl_xattr_set+0x109/0x140
[  991.361188]  ? __vfs_removexattr+0x10f/0x170
[  991.365615]  ? vfs_removexattr+0xb4/0x1e0
[  991.369773]  ? ovl_workdir_create+0x597/0x820
[  991.369791]  ? ovl_fill_super+0x12fc/0x3f33
[  991.369809]  ? ovl_mount+0x34/0x40
[  991.369824]  ? legacy_get_tree+0x131/0x460
[  991.369838]  ? vfs_get_tree+0x1cb/0x5c0
[  991.369851]  ? do_mount+0x70c/0x1d90
[  991.369869]  ? ksys_mount+0x12d/0x140
[  991.378675]  ? __x64_sys_mount+0xbe/0x150
[  991.378693]  ? zap_class+0x640/0x640
[  991.378715]  ? zap_class+0x640/0x640
[  991.378756]  ? __lock_is_held+0xb5/0x140
[  991.378787]  ? zap_class+0x640/0x640
[  991.386551]  ? zap_class+0x640/0x640
[  991.386570]  ? perf_trace_sched_process_exec+0x860/0x860
[  991.386589]  ? jbd2_journal_stop+0x430/0x15c0
[  991.386608]  ? rcu_read_lock_sched_held+0x14f/0x180
[  991.386635]  __should_failslab+0x124/0x180
[  991.386660]  should_failslab+0x9/0x14
[  991.398157]  kmem_cache_alloc+0x2be/0x730
[  991.398182]  ? lock_downgrade+0x900/0x900
[  991.398204]  jbd2__journal_start+0x1e7/0xa80
[  991.398229]  ? perf_trace_sched_process_exec+0x860/0x860
[  991.398250]  ? jbd2_write_access_granted.part.8+0x410/0x410
[  991.409818]  ? __might_sleep+0x95/0x190
[  991.409843]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  991.409867]  __ext4_journal_start_sb+0x1a0/0x5e0
[  991.409882]  ? ext4_set_acl+0x264/0x5a0
[  991.409904]  ? ext4_journal_abort_handle.isra.5+0x260/0x260
[  991.417670]  ? ext4_xattr_set_credits.part.31+0x6b/0x120
[  991.417693]  ? ext4_xattr_set_credits+0xe5/0x120
[  991.417714]  ext4_set_acl+0x264/0x5a0
[  991.417736]  ? ext4_get_acl+0x730/0x730
[  991.417764]  ? __lock_is_held+0xb5/0x140
[  991.417787]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  991.427605]  ? evm_protected_xattr+0x206/0x290
[  991.427629]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  991.427665]  set_posix_acl+0x22f/0x2e0
[  991.437159]  ? xattr_resolve_name+0x2f1/0x430
[  991.437181]  posix_acl_xattr_set+0x109/0x140
[  991.437202]  __vfs_removexattr+0x10f/0x170
[  991.437226]  ? posix_acl_from_xattr+0x5c0/0x5c0
[  991.437243]  ? __vfs_getxattr+0x150/0x150
[  991.437262]  ? evm_inode_removexattr+0x47/0x60
[  991.445297]  vfs_removexattr+0xb4/0x1e0
[  991.445324]  ovl_workdir_create+0x5f0/0x820
[  991.445353]  ? ovl_mount_dir+0x1c0/0x1c0
[  991.445368]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  991.445414]  ovl_fill_super+0x12fc/0x3f33
[  991.453704]  ? vfs_get_super+0x270/0x270
[  991.453738]  ? ovl_show_options+0x550/0x550
[  991.453790]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  991.463647]  ? get_anon_bdev+0xc0/0xc0
[  991.463663]  ? sget+0x113/0x150
[  991.463686]  ? ovl_show_options+0x550/0x550
[  991.463702]  mount_nodev+0x73/0x120
[  991.463723]  ? ovl_own_xattr_set+0x10/0x10
[  991.473410]  ovl_mount+0x34/0x40
[  991.473442]  legacy_get_tree+0x131/0x460
[  991.473480]  vfs_get_tree+0x1cb/0x5c0
[  991.473497]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  991.473514]  do_mount+0x70c/0x1d90
[  991.483800]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  991.483824]  ? copy_mount_string+0x40/0x40
[  991.483847]  ? copy_mount_options+0x5f/0x430
[  991.483868]  ? kmem_cache_alloc_trace+0x353/0x750
[  991.483888]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  991.493571]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  991.493588]  ? copy_mount_options+0x315/0x430
[  991.493611]  ksys_mount+0x12d/0x140
[  991.493631]  __x64_sys_mount+0xbe/0x150
[  991.493653]  do_syscall_64+0x1b9/0x820
[  991.503849]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  991.503872]  ? syscall_return_slowpath+0x5e0/0x5e0
[  991.503894]  ? trace_hardirqs_on_caller+0x310/0x310
[  991.503912]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  991.503936]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  991.511692]  ? __switch_to_asm+0x40/0x70
[  991.511706]  ? __switch_to_asm+0x34/0x70
[  991.511729]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  991.511758]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  991.511778] RIP: 0033:0x457569
[  991.521362] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  991.521371] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
03:45:14 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0xff0f000000000000}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:45:14 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0xffffff7f00000000, 0x0, 0x2}}}, 0x50}}, 0x0)

03:45:14 executing program 3:
ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

03:45:14 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040)={0x1f, {0xffffffffffff5f97, 0x0, 0x0, 0x1, 0x10000000}}, 0xa)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f00000000c0))

03:45:14 executing program 4 (fault-call:2 fault-nth:66):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

[  991.521388] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  991.521399] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  991.521409] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  991.521418] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  991.521434] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[  991.564202] overlayfs: failed to create directory ./file1\/work (errno: 12); mounting read-only
03:45:14 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$EXT4_IOC_MIGRATE(r0, 0x6609)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)

03:45:14 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000400)='/dev/full\x00', 0x88100, 0x0)
r2 = syz_genetlink_get_family_id$team(&(0x7f0000000480)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000000b80)={{{@in=@broadcast, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in6=@mcast2}, 0x0, @in6=@mcast1}}, &(0x7f0000000500)=0xe8)
accept$packet(0xffffffffffffffff, &(0x7f0000001040)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000001080)=0x14)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, &(0x7f0000001100)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000010c0)={&(0x7f0000001280)={0xd8, r2, 0x904, 0x70bd29, 0x25dfdbff, {}, [{{0x8, 0x1, r3}, {0xbc, 0x2, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x800000000000000}}, {0x8, 0x6, r4}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x490}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8}, {0x10, 0x4, 'broadcast\x00'}}}]}}]}, 0xd8}, 0x1, 0x0, 0x0, 0x40}, 0x40000)
r5 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r5, &(0x7f0000000040), 0x2)
r6 = syz_genetlink_get_family_id$team(&(0x7f0000000080)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r5, 0x0, 0x11, &(0x7f0000000100)={{{@in6=@remote, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0}}, {{@in6=@mcast2}, 0x0, @in=@rand_addr}}, &(0x7f0000000200)=0xe8)
accept4$packet(r5, &(0x7f0000000240)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000280)=0x14, 0x800)
getsockopt$inet_IP_IPSEC_POLICY(r5, 0x0, 0x10, &(0x7f00000002c0)={{{@in6=@ipv4={[], [], @rand_addr}, @in=@rand_addr, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0}}, {{@in6=@mcast1}, 0x0, @in=@dev}}, &(0x7f00000003c0)=0xe8)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f00000004c0)={'vcan0\x00', <r10=>0x0})
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000540)={'vcan0\x00', <r11=>0x0})
accept$packet(r5, &(0x7f0000000580)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f00000005c0)=0x14)
getsockopt$inet6_IPV6_IPSEC_POLICY(r5, 0x29, 0x22, &(0x7f0000000600)={{{@in=@loopback, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r13=>0x0}}, {{@in=@multicast2}, 0x0, @in6=@ipv4={[], [], @local}}}, &(0x7f0000000700)=0xe8)
getsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000740)={{{@in6=@remote, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r14=>0x0}}, {{@in6=@dev}}}, &(0x7f0000000840)=0xe8)
getsockopt$inet_mreqn(r5, 0x0, 0x24, &(0x7f0000000880)={@loopback, @multicast2, <r15=>0x0}, &(0x7f00000008c0)=0xc)
getsockopt$inet_IP_XFRM_POLICY(r5, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@mcast1, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r16=>0x0}}, {{@in=@local}, 0x0, @in=@loopback}}, &(0x7f0000000ac0)=0xe8)
getsockname$packet(0xffffffffffffff9c, &(0x7f0000000b00)={0x11, 0x0, <r17=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000b40)=0x14)
accept4$packet(r5, &(0x7f0000001180)={0x11, 0x0, <r18=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000011c0)=0x14, 0x80800)
accept4$packet(r5, &(0x7f0000001200)={0x11, 0x0, <r19=>0x0}, &(0x7f0000001240)=0x14, 0x800)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000003480)={'erspan0\x00', <r20=>0x0})
ioctl$sock_SIOCGIFCONF(r5, 0x8910, &(0x7f0000003980)=@req={0x28, &(0x7f0000003940)={'ip6gre0\x00', @ifru_addrs=@hci={0x1f, <r21=>0x0, 0x3}}})
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000004d80)={'vcan0\x00', <r22=>0x0})
accept4(r0, &(0x7f0000004dc0)=@xdp={0x2c, 0x0, <r23=>0x0}, &(0x7f0000004e40)=0x80, 0x80000)
ioctl$UI_SET_FFBIT(r1, 0x4004556b, 0x5a)
recvmsg$kcm(r5, &(0x7f00000050c0)={&(0x7f0000004e80)=@ll={0x11, 0x0, <r24=>0x0, 0x1, 0x0, 0x6, @link_local}, 0x80, &(0x7f0000004f80)=[{&(0x7f0000004f00)=""/85, 0x55}], 0x1, &(0x7f0000004fc0)=""/194, 0xc2}, 0x10001)
sendmsg$TEAM_CMD_OPTIONS_GET(r5, &(0x7f0000005740)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000005700)={&(0x7f0000005100)={0x5dc, r6, 0x0, 0x70bd28, 0x25dfdbfb, {}, [{{0x8, 0x1, r7}, {0x74, 0x2, [{0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x1}}}]}}, {{0x8, 0x1, r9}, {0x7c, 0x2, [{0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r10}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r11}}}]}}, {{0x8, 0x1, r12}, {0xbc, 0x2, [{0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r13}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x2}}, {0x8, 0x6, r14}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r15}}}]}}, {{0x8, 0x1, r16}, {0x1b4, 0x2, [{0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x7}}}, {0x4c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8}, {0x1c, 0x4, 'hash_to_port_mapping\x00'}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r17}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8}, {0x8, 0x4, 0x7fffffff}}, {0x8, 0x6, r18}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x3}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8}, {0x8, 0x4, 0x9}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8}, {0x8, 0x4, 0xfffffffffffffeff}}, {0x8, 0x6, r19}}}]}}, {{0x8, 0x1, r20}, {0x174, 0x2, [{0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x20}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r21}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8}, {0x8, 0x4, 0xee54}}}, {0x3c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0xc, 0x4, [{0xc9, 0x6, 0x1, 0x9}]}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x6}}, {0x8, 0x6, r22}}}]}}, {{0x8, 0x1, r23}, {0xc4, 0x2, [{0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8}, {0x8, 0x4, 0x3}}}, {0x4c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x1c, 0x4, [{0x9, 0x6, 0x3, 0x10001}, {0xffffffff, 0x0, 0x80000001, 0x4}, {0x40, 0x7, 0x1}]}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r24}}}]}}]}, 0x5dc}, 0x1, 0x0, 0x0, 0x48801}, 0x4000000)
ioctl$FS_IOC_SETVERSION(r5, 0x800448d5, &(0x7f00000000c0))

[  991.910142] FAT-fs (loop3): bogus number of reserved sectors
[  991.921712] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  991.944541] FAT-fs (loop3): Can't find a valid FAT filesystem
03:45:14 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x2000000, 0x0, 0x2}}}, 0x50}}, 0x0)

[  991.977878] FAULT_INJECTION: forcing a failure.
[  991.977878] name failslab, interval 1, probability 0, space 0, times 0
[  992.025221] CPU: 0 PID: 14262 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  992.033767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  992.043120] Call Trace:
[  992.043146]  dump_stack+0x244/0x39d
[  992.043170]  ? dump_stack_print_info.cold.1+0x20/0x20
[  992.043198]  should_fail.cold.4+0xa/0x17
[  992.049409]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  992.049429]  ? print_usage_bug+0xc0/0xc0
[  992.049448]  ? set_posix_acl+0x22f/0x2e0
[  992.049477]  ? posix_acl_xattr_set+0x109/0x140
[  992.058726]  ? __vfs_removexattr+0x10f/0x170
[  992.058742]  ? vfs_removexattr+0xb4/0x1e0
[  992.058761]  ? ovl_workdir_create+0x597/0x820
[  992.058782]  ? ovl_fill_super+0x12fc/0x3f33
[  992.071992]  ? ovl_mount+0x34/0x40
[  992.072008]  ? legacy_get_tree+0x131/0x460
[  992.072022]  ? vfs_get_tree+0x1cb/0x5c0
[  992.072035]  ? do_mount+0x70c/0x1d90
[  992.072053]  ? ksys_mount+0x12d/0x140
[  992.109429]  ? __x64_sys_mount+0xbe/0x150
[  992.109461]  ? zap_class+0x640/0x640
[  992.109485]  ? zap_class+0x640/0x640
03:45:15 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040)={0x1f, {0x0, 0x0, 0x0, 0x0, 0x2, 0x3f}}, 0xa)
socketpair$inet6_dccp(0xa, 0x6, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
getsockopt$inet_sctp_SCTP_NODELAY(r1, 0x84, 0x3, &(0x7f0000000080), &(0x7f0000000240)=0x4)
ioctl$sock_inet_SIOCSIFBRDADDR(r2, 0x891a, &(0x7f00000000c0)={'ip6gre0\x00', {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}})
socket$inet_sctp(0x2, 0x5, 0x84)
fcntl$getownex(r3, 0x10, &(0x7f0000000200))
r4 = dup3(r0, r1, 0x80000)
ioctl$DRM_IOCTL_AGP_INFO(r4, 0x80386433, &(0x7f0000000100)=""/233)

[  992.109511]  ? __lock_is_held+0xb5/0x140
[  992.117463]  ? zap_class+0x640/0x640
[  992.117484]  ? zap_class+0x640/0x640
[  992.117502]  ? perf_trace_sched_process_exec+0x860/0x860
[  992.117521]  ? jbd2_journal_stop+0x430/0x15c0
[  992.117538]  ? rcu_read_lock_sched_held+0x14f/0x180
[  992.117565]  __should_failslab+0x124/0x180
[  992.117584]  should_failslab+0x9/0x14
[  992.132762]  kmem_cache_alloc+0x2be/0x730
[  992.132787]  ? lock_downgrade+0x900/0x900
[  992.132814]  jbd2__journal_start+0x1e7/0xa80
03:45:15 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x300, 0x0, 0x2}}}, 0x50}}, 0x0)

[  992.141973]  ? perf_trace_sched_process_exec+0x860/0x860
[  992.141996]  ? jbd2_write_access_granted.part.8+0x410/0x410
[  992.142018]  ? __might_sleep+0x95/0x190
[  992.142040]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  992.193057]  __ext4_journal_start_sb+0x1a0/0x5e0
[  992.197829]  ? ext4_set_acl+0x264/0x5a0
[  992.197851]  ? ext4_journal_abort_handle.isra.5+0x260/0x260
[  992.197873]  ? ext4_xattr_set_credits.part.31+0x6b/0x120
[  992.197895]  ? ext4_xattr_set_credits+0xe5/0x120
[  992.197914]  ext4_set_acl+0x264/0x5a0
[  992.213062]  ? ext4_get_acl+0x730/0x730
[  992.213092]  ? __lock_is_held+0xb5/0x140
[  992.213119]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  992.213138]  ? evm_protected_xattr+0x206/0x290
[  992.239858]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  992.244906]  set_posix_acl+0x22f/0x2e0
[  992.248813]  ? xattr_resolve_name+0x2f1/0x430
[  992.253347]  posix_acl_xattr_set+0x109/0x140
[  992.253369]  __vfs_removexattr+0x10f/0x170
[  992.253385]  ? posix_acl_from_xattr+0x5c0/0x5c0
[  992.253401]  ? __vfs_getxattr+0x150/0x150
[  992.253421]  ? evm_inode_removexattr+0x47/0x60
03:45:15 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={<r1=>0x0, 0xffffffffffffff9c, 0x0, 0x1, &(0x7f0000000000)='\x00', 0xffffffffffffffff}, 0x30)
ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f00000000c0)=<r2=>0x0)
r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/autofs\x00', 0x50000, 0x0)
kcmp$KCMP_EPOLL_TFD(r1, r2, 0x7, r0, &(0x7f0000000140)={r3, r0, 0x7})
r4 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r4, 0xc1105518, &(0x7f00000001c0)={{0x2, 0x7, 0x579, 0x7, 'syz0\x00', 0x7}, 0x3, 0x20000000, 0x3, r1, 0x0, 0x9, 'syz0\x00', &(0x7f0000000180), 0x0, [], [0x9, 0x5, 0x8000]})
bind$bt_rfcomm(r4, &(0x7f0000000040), 0x2)

03:45:15 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0xffffffffa0018000, 0x0, 0x2}}}, 0x50}}, 0x0)

[  992.275485]  vfs_removexattr+0xb4/0x1e0
[  992.279494]  ovl_workdir_create+0x5f0/0x820
[  992.283839]  ? ovl_mount_dir+0x1c0/0x1c0
[  992.283864]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  992.283914]  ovl_fill_super+0x12fc/0x3f33
[  992.297654]  ? vfs_get_super+0x270/0x270
[  992.301753]  ? ovl_show_options+0x550/0x550
[  992.306128]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  992.311687]  ? get_anon_bdev+0xc0/0xc0
[  992.315602]  ? sget+0x113/0x150
[  992.318900]  ? ovl_show_options+0x550/0x550
[  992.318918]  mount_nodev+0x73/0x120
[  992.318940]  ? ovl_own_xattr_set+0x10/0x10
[  992.318956]  ovl_mount+0x34/0x40
[  992.318976]  legacy_get_tree+0x131/0x460
[  992.334520]  vfs_get_tree+0x1cb/0x5c0
[  992.334538]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  992.334556]  do_mount+0x70c/0x1d90
[  992.334576]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  992.334598]  ? copy_mount_string+0x40/0x40
[  992.334619]  ? copy_mount_options+0x5f/0x430
[  992.350767]  ? kmem_cache_alloc_trace+0x353/0x750
[  992.369767]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  992.369793]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  992.369810]  ? copy_mount_options+0x315/0x430
[  992.369833]  ksys_mount+0x12d/0x140
[  992.369852]  __x64_sys_mount+0xbe/0x150
[  992.369875]  do_syscall_64+0x1b9/0x820
[  992.389063]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  992.389087]  ? syscall_return_slowpath+0x5e0/0x5e0
[  992.389109]  ? trace_hardirqs_on_caller+0x310/0x310
[  992.389128]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  992.389147]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  992.389165]  ? __switch_to_asm+0x40/0x70
[  992.397018]  ? __switch_to_asm+0x34/0x70
[  992.397043]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  992.397073]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  992.397086] RIP: 0033:0x457569
[  992.397104] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  992.397118] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  992.407659] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  992.407669] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  992.407680] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  992.407690] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  992.407700] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[  992.497588] overlayfs: failed to create directory ./file1\/work (errno: 12); mounting read-only
03:45:15 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0x97ffffff}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:45:15 executing program 3:
socket$l2tp(0x18, 0x1, 0x1)
ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

03:45:15 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x3, 0x0, 0x7f, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x400000000000, 0x0, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}, 0x8, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xfffffffffffffffe, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x105400, 0x0)
ioctl$KVM_S390_VCPU_FAULT(r0, 0x4008ae52, &(0x7f0000000080))
unshare(0x40000000)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r2 = fcntl$dupfd(r1, 0x0, r1)
bind$bt_rfcomm(r2, &(0x7f0000000040), 0x2)

03:45:15 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x9effffff00000000, 0x0, 0x2}}}, 0x50}}, 0x0)

03:45:15 executing program 4 (fault-call:2 fault-nth:67):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:45:15 executing program 2:
mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0)
mount(&(0x7f0000000000)=ANY=[], &(0x7f0000000040)='./file0\x00', &(0x7f0000000140)='tracefs\x00', 0x0, &(0x7f0000000280))
chroot(&(0x7f0000000000)='./file0/../file0\x00')
lremovexattr(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f00000001c0)=@known='trusted.overlay.redirect\x00')

[  992.721112] FAT-fs (loop3): bogus number of reserved sectors
[  992.736414] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
03:45:15 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x1000000, 0x0, 0x2}}}, 0x50}}, 0x0)

[  992.763158] FAT-fs (loop3): Can't find a valid FAT filesystem
03:45:15 executing program 2:
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000200), 0xc, &(0x7f0000000380)={&(0x7f00000002c0)={0x14, 0x0, 0x0, 0x70bd2a, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x0)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000002080)=ANY=[@ANYBLOB="000006008100008f"], &(0x7f00000020c0)=0x1)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/zero\x00', 0x2, 0x0)
ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000cc0)={&(0x7f0000020000/0x4000)=nil, 0x4000})
setsockopt$inet_sctp_SCTP_AUTH_DEACTIVATE_KEY(r0, 0x84, 0x23, &(0x7f0000000140)={0x0, 0x39a}, 0x8)
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000100)='/dev/urandom\x00', 0x0, 0x0)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000580)='/dev/ppp\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$IOC_PR_CLEAR(r2, 0x401070cd, &(0x7f0000000bc0))
setgroups(0x1, &(0x7f0000000500)=[0x0])
ioctl$BLKFRASET(0xffffffffffffffff, 0x1264, &(0x7f00000000c0)=0x8)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000400)='IPVS\x00')
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r2, 0x84, 0x66, &(0x7f00000005c0), &(0x7f0000000600)=0x8)
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x14, r3, 0x10, 0x70bd2a, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4000040}, 0x0)
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff59, 0x2)
syz_read_part_table(0xd0ba, 0x1, &(0x7f0000000540)=[{&(0x7f0000001f40)="2d0b47c010c8c53bc12009311a4c93a7c81abdebb594e83d80cfe27c4b995cb221a075f91f00e7912235e3ac52d22a12da84b1b6f1bdaf051c1f504720c0c57ba4088a5ff4576597242e6896a81c05d7c1e7b93a498088206f54f5", 0x5b, 0x1000}])
ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8955, &(0x7f0000000300)={{0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x21}}, {0x1, @local}, 0x0, {0x2, 0x4e20, @multicast1}, 'syz_tun\x00'})
r4 = add_key$keyring(&(0x7f0000000a40)='keyring\x00', &(0x7f0000000a80)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
r5 = add_key$keyring(&(0x7f0000000ac0)='keyring\x00', &(0x7f0000000b00)={'syz', 0x3}, 0x0, 0x0, 0x0)
keyctl$unlink(0x9, r4, r5)
pwrite64(r0, &(0x7f0000000800)="1922a7f617189ab9587e46a2413701f6bfa4b6039d2f0b3468a1fdd659b7ab85d29fecae8f4db9d8e265350447ce1641ff052757b7f320340aba5e785379913672176594feab2c4cfadba1f78e3d046c71df63cc7bd9087f887fa7934526bd3deb469218711459c337c4b944650ffc95a2d9a7c65d35fa55d4016e02437c11424f1640a1a9bd4e45bfd1db65939e7ca30d14992090342e352a90a1f276964e9df96a85ae0d11d68fdef294b1df7d79cec2621d51b2d02bd010f2045ee3cf0a9d0dc9737257b2fd429c8da1f9a433ae31f0bcd9fa1f", 0xd5, 0x0)
ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000280)=0x1f)
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000640)={'eql\x00', @broadcast})
mmap(&(0x7f0000000000/0x62000)=nil, 0x62000, 0x0, 0x11, 0xffffffffffffffff, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f00000007c0)='/dev/zero\x00', 0x0, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f0000000680)={{{@in6=@dev, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}}, {{@in=@rand_addr}, 0x0, @in=@multicast1}}, &(0x7f0000000780)=0xe8)
ioprio_set$uid(0x3, r6, 0x0)

03:45:15 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x2a0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  992.870144] FAULT_INJECTION: forcing a failure.
[  992.870144] name failslab, interval 1, probability 0, space 0, times 0
[  992.953902] CPU: 0 PID: 14308 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  992.962436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  992.971814] Call Trace:
[  992.974431]  dump_stack+0x244/0x39d
[  992.978103]  ? dump_stack_print_info.cold.1+0x20/0x20
[  992.983337]  should_fail.cold.4+0xa/0x17
[  992.987564]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  992.992687]  ? print_usage_bug+0xc0/0xc0
[  992.996778]  ? set_posix_acl+0x22f/0x2e0
03:45:15 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0xf0ffff, 0x0, 0x2}}}, 0x50}}, 0x0)

[  993.000853]  ? posix_acl_xattr_set+0x109/0x140
[  993.005468]  ? __vfs_removexattr+0x10f/0x170
[  993.009898]  ? vfs_removexattr+0xb4/0x1e0
[  993.014064]  ? ovl_workdir_create+0x597/0x820
[  993.018573]  ? ovl_fill_super+0x12fc/0x3f33
[  993.022911]  ? ovl_mount+0x34/0x40
[  993.026483]  ? legacy_get_tree+0x131/0x460
[  993.030741]  ? vfs_get_tree+0x1cb/0x5c0
[  993.034737]  ? do_mount+0x70c/0x1d90
[  993.038472]  ? ksys_mount+0x12d/0x140
[  993.042281]  ? __x64_sys_mount+0xbe/0x150
[  993.042301]  ? zap_class+0x640/0x640
[  993.042324]  ? zap_class+0x640/0x640
03:45:15 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x9effffff, 0x0, 0x2}}}, 0x50}}, 0x0)

[  993.042355]  ? __lock_is_held+0xb5/0x140
[  993.042379]  ? zap_class+0x640/0x640
[  993.042398]  ? zap_class+0x640/0x640
[  993.053970]  ? perf_trace_sched_process_exec+0x860/0x860
[  993.061745]  ? jbd2_journal_stop+0x430/0x15c0
[  993.061764]  ? rcu_read_lock_sched_held+0x14f/0x180
[  993.061791]  __should_failslab+0x124/0x180
[  993.061816]  should_failslab+0x9/0x14
[  993.075478]  kmem_cache_alloc+0x2be/0x730
[  993.092687]  ? lock_downgrade+0x900/0x900
[  993.096865]  jbd2__journal_start+0x1e7/0xa80
[  993.101295]  ? perf_trace_sched_process_exec+0x860/0x860
[  993.106773]  ? jbd2_write_access_granted.part.8+0x410/0x410
[  993.112510]  ? __might_sleep+0x95/0x190
[  993.116511]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  993.122078]  __ext4_journal_start_sb+0x1a0/0x5e0
[  993.126852]  ? ext4_set_acl+0x264/0x5a0
[  993.130847]  ? ext4_journal_abort_handle.isra.5+0x260/0x260
[  993.136577]  ? ext4_xattr_set_credits.part.31+0x6b/0x120
[  993.142051]  ? ext4_xattr_set_credits+0xe5/0x120
[  993.142074]  ext4_set_acl+0x264/0x5a0
[  993.142097]  ? ext4_get_acl+0x730/0x730
03:45:16 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0xf0, 0x0, 0x2}}}, 0x50}}, 0x0)

[  993.142126]  ? __lock_is_held+0xb5/0x140
[  993.142151]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  993.142171]  ? evm_protected_xattr+0x206/0x290
[  993.168909]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  993.173949]  set_posix_acl+0x22f/0x2e0
[  993.177851]  ? xattr_resolve_name+0x2f1/0x430
[  993.182360]  posix_acl_xattr_set+0x109/0x140
[  993.186790]  __vfs_removexattr+0x10f/0x170
[  993.191043]  ? posix_acl_from_xattr+0x5c0/0x5c0
[  993.195739]  ? __vfs_getxattr+0x150/0x150
[  993.195758]  ? evm_inode_removexattr+0x47/0x60
[  993.195786]  vfs_removexattr+0xb4/0x1e0
[  993.195813]  ovl_workdir_create+0x5f0/0x820
[  993.195841]  ? ovl_mount_dir+0x1c0/0x1c0
[  993.195857]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  993.195901]  ovl_fill_super+0x12fc/0x3f33
[  993.212903]  ? vfs_get_super+0x270/0x270
[  993.230721]  ? ovl_show_options+0x550/0x550
[  993.235090]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  993.240647]  ? get_anon_bdev+0xc0/0xc0
[  993.244548]  ? sget+0x113/0x150
[  993.244571]  ? ovl_show_options+0x550/0x550
[  993.244588]  mount_nodev+0x73/0x120
[  993.244610]  ? ovl_own_xattr_set+0x10/0x10
[  993.244627]  ovl_mount+0x34/0x40
[  993.244647]  legacy_get_tree+0x131/0x460
[  993.244669]  vfs_get_tree+0x1cb/0x5c0
[  993.244685]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  993.244700]  do_mount+0x70c/0x1d90
[  993.244729]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  993.244750]  ? copy_mount_string+0x40/0x40
[  993.255969]  ? copy_mount_options+0x5f/0x430
[  993.285236]  ? kmem_cache_alloc_trace+0x353/0x750
[  993.285259]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  993.285284]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  993.285300]  ? copy_mount_options+0x315/0x430
[  993.285328]  ksys_mount+0x12d/0x140
[  993.285348]  __x64_sys_mount+0xbe/0x150
[  993.285370]  do_syscall_64+0x1b9/0x820
[  993.285390]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  993.285409]  ? syscall_return_slowpath+0x5e0/0x5e0
[  993.285434]  ? trace_hardirqs_on_caller+0x310/0x310
[  993.309993]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  993.316766] IPVS: ftp: loaded support on port[0] = 21
[  993.318112]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  993.318130]  ? __switch_to_asm+0x40/0x70
[  993.318143]  ? __switch_to_asm+0x34/0x70
[  993.318168]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  993.318198]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  993.318212] RIP: 0033:0x457569
[  993.318229] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  993.318239] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  993.318254] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  993.318265] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  993.318275] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  993.318285] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  993.318302] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[  993.367050] overlayfs: failed to create directory ./file1\/work (errno: 12); mounting read-only
[  993.573788] IPVS: ftp: loaded support on port[0] = 21
03:45:16 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0x7}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:45:16 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x2000, 0x0, 0x2}}}, 0x50}}, 0x0)

03:45:18 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x1f, 0x40000)
getsockopt$EBT_SO_GET_INIT_ENTRIES(r1, 0x0, 0x83, &(0x7f0000000180)={'filter\x00', 0x0, 0x4, 0x35, [], 0xa, &(0x7f0000000080)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], &(0x7f0000000140)=""/53}, &(0x7f0000000200)=0x78)
r2 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r2, &(0x7f0000000040), 0x2)

03:45:18 executing program 3:
socket$l2tp(0x18, 0x1, 0x1)
ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

03:45:18 executing program 4 (fault-call:2 fault-nth:68):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:45:18 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text16={0x10, &(0x7f00000003c0)="0f20d86635080000000f22d866b80500000066b9060d20500f01c1ba6100b01aeed9a6390b0f0174170f009a0050670f01caba610066b80010000066ef260f22276766c74424004edeac976766c74424022c0000006766c744240600000000670f011424", 0x64}], 0x1, 0x0, &(0x7f0000000080), 0x0)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000140)=<r3=>0x0)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000440)=ANY=[@ANYBLOB="02000000000000000300000000000000000000000000eaff000000000000000000000000000000000600000000000000282f000031c07740320000000000000000000000000000000000000100010000000000000000000000000099e50000000000000000000001000100191c73a3687b0e28397c7cbad0729e1a6e028e274e3e00512964d1eee9ad060a9b1e286c2f86d64278fdfa03b77758e46399a5827e41661ba2b5208e09bde5b724315e012d3ce0150f2e4d5899892a41cd9e80d077ab683d210903e39e12b932236a4d"])
sched_setaffinity(r3, 0x8, &(0x7f00000001c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x5})
setsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000000)=0x4, 0x4)
r4 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ppoll(&(0x7f0000000040)=[{r0, 0x2006}, {r1, 0x4000}, {r0, 0x90}, {r4}], 0x4, &(0x7f00000000c0), &(0x7f0000000100)={0x47bdfadc}, 0x8)
ioctl$SNDRV_RAWMIDI_IOCTL_DROP(0xffffffffffffffff, 0x40045730, &(0x7f0000000080)=0x8)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

03:45:18 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0xfffffffffffff000, 0x0, 0x2}}}, 0x50}}, 0x0)

03:45:18 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0xc4f00000}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:45:18 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x300000000000000, 0x0, 0x2}}}, 0x50}}, 0x0)

[  995.240652] FAT-fs (loop3): bogus number of reserved sectors
[  995.256099] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  995.278213] FAT-fs (loop3): Can't find a valid FAT filesystem
03:45:18 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
sendmsg$nl_netfilter(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x81000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, 0x11, 0x3, 0x500, 0x70bd27, 0x25dfdbfd, {0x7, 0x0, 0xbbc1}, [@nested={0xc, 0x3b, [@typed={0x8, 0x55, @u32=0xffffffffffffffc1}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x8000}, 0x20008801)
bind$bt_rfcomm(r1, &(0x7f0000000140)={0x1f, {0x6, 0x0, 0x4, 0xfffffffffffffc01, 0xfffffffffffffff8, 0x5}, 0x8}, 0xa)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)

[  995.309787] FAULT_INJECTION: forcing a failure.
[  995.309787] name failslab, interval 1, probability 0, space 0, times 0
03:45:18 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0xfffff000, 0x0, 0x2}}}, 0x50}}, 0x0)

[  995.352900] CPU: 0 PID: 14368 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  995.361419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  995.370788] Call Trace:
[  995.373393]  dump_stack+0x244/0x39d
[  995.377048]  ? dump_stack_print_info.cold.1+0x20/0x20
[  995.382258]  ? __find_get_block+0xf10/0xf10
[  995.386602]  should_fail.cold.4+0xa/0x17
[  995.390678]  ? print_usage_bug+0xc0/0xc0
[  995.394758]  ? fault_create_debugfs_attr+0x1f0/0x1f0
03:45:18 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000200)={0x4, &(0x7f00000001c0)=[{}, {<r1=>0x0}, {}, {}]})
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000240)={r1, 0xffffffffffffffff})
clock_gettime(0x0, &(0x7f0000000000)={<r2=>0x0, <r3=>0x0})
setsockopt$sock_timeval(r0, 0x1, 0x15, &(0x7f0000000100)={r2, r3/1000+10000}, 0x10)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r5 = fcntl$dupfd(r4, 0x0, r4)
fadvise64(r4, 0x0, 0xfc0000000000, 0x7)
setsockopt$ARPT_SO_SET_ADD_COUNTERS(r5, 0x0, 0x61, &(0x7f0000000080)={'filter\x00', 0x4}, 0x68)
ioctl$sock_SIOCGSKNS(r5, 0x894c, &(0x7f0000000140)=0x4)
ioctl$KVM_GET_MP_STATE(r4, 0x8004ae98, &(0x7f0000000180))
bind$bt_rfcomm(r5, &(0x7f0000000040), 0x2)

[  995.399875]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  995.404910]  ? ext4_data_block_valid+0x28b/0x330
[  995.409701]  ? __check_block_validity.constprop.78+0xd9/0x210
[  995.415665]  ? zap_class+0x640/0x640
[  995.419409]  ? ext4_map_blocks+0x429/0x1b50
[  995.423789]  ? find_held_lock+0x36/0x1c0
[  995.427874]  ? __lock_is_held+0xb5/0x140
[  995.431968]  ? perf_trace_sched_process_exec+0x860/0x860
[  995.437449]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  995.443015]  ? ext4fs_dirhash+0xb49/0x10d0
[  995.447277]  __should_failslab+0x124/0x180
[  995.451523]  should_failslab+0x9/0x14
[  995.451581]  __kmalloc+0x2e0/0x760
[  995.458928]  ? rcu_softirq_qs+0x20/0x20
[  995.462921]  ? rcu_softirq_qs+0x20/0x20
[  995.466906]  ? unwind_dump+0x190/0x190
[  995.470809]  ? ext4_htree_store_dirent+0x8d/0x5a0
[  995.475670]  ext4_htree_store_dirent+0x8d/0x5a0
[  995.480384]  htree_dirblock_to_tree+0x56b/0xae0
[  995.485131]  ? dx_probe+0x1120/0x1120
[  995.488955]  ? save_stack+0xa9/0xd0
[  995.488972]  ? save_stack+0x43/0xd0
[  995.488989]  ? ext4_readdir+0x2734/0x3c30
03:45:18 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0xf0ffffff, 0x0, 0x2}}}, 0x50}}, 0x0)

[  995.489004]  ? iterate_dir+0x48c/0x5d0
[  995.489026]  ? ovl_check_d_type_supported+0x272/0x480
[  995.509483]  ? ovl_fill_super+0x133d/0x3f33
[  995.509498]  ? mount_nodev+0x73/0x120
[  995.509514]  ? ovl_mount+0x34/0x40
[  995.509528]  ? legacy_get_tree+0x131/0x460
[  995.509541]  ? vfs_get_tree+0x1cb/0x5c0
[  995.509559]  ? do_mount+0x70c/0x1d90
[  995.533167]  ? ksys_mount+0x12d/0x140
[  995.536972]  ? __x64_sys_mount+0xbe/0x150
[  995.536990]  ? do_syscall_64+0x1b9/0x820
[  995.537009]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
03:45:18 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$sock_inet_SIOCGIFBRDADDR(r0, 0x8919, &(0x7f0000000000)={'gnetap0\x00', {0x2, 0x4e22, @loopback}})
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
sendmsg$unix(r1, &(0x7f0000000600)={&(0x7f0000000080)=@abs={0x1, 0x0, 0x4e21}, 0x6e, &(0x7f0000000540)=[{&(0x7f0000000100)="80a82bb50fc07783c8038eba0e1e006ff5f38fe05225d955e0f45bf05f0b3cea35483ef82e1d713ea4d4851e38134644a726ef841b527447520e3f3ece95db1e191b1a1f1e2a94e19ff3feaf8a9f2812c06e1a8f2275152b4431fee9ae321906c3c47070e03aa75b6a66035c5a64b11677904da7ee5f7204e933c665fb6ea5dd2df292dff0bc4bcc014312338b", 0x8d}, {&(0x7f00000001c0)="7bd0de2dac1e09ae1740da98893679eedd73d7ea75e25c87758a9b254d8ab1228478a26c55b56e9a19361dbd93e6bbf5a0e4fbcae96e9625627df4d2e80c935d8ec8bfe3898360b440304daaba7795af87c97dae4ac8d726d3adbbb071ff03a17981682e04ab8e1248eb2fe3995d30ba809d3788698b2190ddc62d5f5fb5b7ed69c89d1655e9b14bd40af514f26816ca2719ba95eba7afc6a815f892d1b8c3b2e3a077619dcd1e05fbf8ebfe143ddf13ff6a9857a3ae3fe4ef75c73faa782887c0a7c081c88370decf20d74404bd17794b0aa53777a91acf7e43ffae25d5e7c074e469c285d3f59a80074a7021b50b6c725962ee9dcf48e9", 0xf8}, {&(0x7f00000002c0)="a74645d247f040b03bb8615c694bb2f080d8b71f641581268a", 0x19}, {&(0x7f0000000300)="1718489e368ff8135c4d", 0xa}, {&(0x7f0000000340)="27d008b1ce442f2e5844a39b0e2f41d0962506fd740ead196a3d388d947bbb445ec88ccb25429c0a5cc63882a4ff51039cf20aec2336e7e807994a54eb8e48bba0ef4045d1cf64a9", 0x48}, {&(0x7f00000003c0)="70c81872d364c135926959eb1d0a9f5ca1177c81ed33c0a76aa66d7676bb979e7022d618cb21ea26c2fee6a191c42de9b85110d0f40fbb2e7daeaa6818f67da6d23ec4531409db4632de6eb4990b353d48250e5eef3cfecb4cd08192c834b006a82feb5ccf413f0638e15ddbe562042d0d6ddaebf75c51fffbc3da345fba62c01c09b2dd98e0f7129a6f06", 0x8b}, {&(0x7f0000000480)="67f9b29262dd7e4012169af80cc0e73c2263ec630a60cf654d43fc5c49617b1f00c9e0d32f114900deee4f4817324d68a8ffd620be6c4d82cf2c7218d1a089930a5a1b2c5cd730300829ef303a74a988101a657f265bac01aa948d0e387627bd0abeb353822dfd21a5a0212cfdce701e818728c8c379be9dfd76b6cf6cf4b234c0260f", 0x83}], 0x7, &(0x7f00000005c0)=[@rights={0x18, 0x1, 0x1, [r0]}, @rights={0x20, 0x1, 0x1, [r2, r1, r1]}], 0x38, 0x40000}, 0x0)
r3 = getpgrp(0xffffffffffffffff)
fstat(r1, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
fstat(r2, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
ioctl$sock_SIOCSIFBR(r0, 0x8941, &(0x7f0000000cc0)=@generic={0x0, 0xfffffffffffffff7, 0x3})
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000940)=<r6=>0x0)
getresuid(&(0x7f0000000980), &(0x7f00000009c0)=<r7=>0x0, &(0x7f0000000a00))
fstat(r0, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0})
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000ac0)=<r9=>0x0)
ioctl$ASHMEM_GET_NAME(r1, 0x81007702, &(0x7f00000007c0)=""/16)
getresuid(&(0x7f0000000b00), &(0x7f0000000b40)=<r10=>0x0, &(0x7f0000000b80))
ioctl$KDGKBSENT(r1, 0x4b48, &(0x7f0000000d00)={0x1, 0x6, 0x4})
getgroups(0x12f, &(0x7f0000000bc0)=[<r11=>0xee01, 0xee01, 0xee01, 0xffffffffffffffff, 0xffffffffffffffff, r5, 0xffffffffffffffff, 0x0, 0x0])
sendmsg$unix(r1, &(0x7f0000000c80)={&(0x7f0000000640)=@abs={0x1, 0x0, 0x4e21}, 0x6e, &(0x7f0000000800)=[{&(0x7f00000006c0)="e2012b695ad918f91f1f54a7f258bf98ee8f1e0e514ef63bf0bde55d96c77a5e8fa912fde1f27dec9d7070cd02b2b9f28adb42d771cd4e78cf55262770d79f0c18a811bc6c06177d14a4bd80137b65fefd0d935b053bc0637bf81d2bb9812d80f70510c04b6a6064a92493238b2853d62b121c338e6538367a15ea786689f21aae6d9347c55822506973bb8a80f221786aac7a6341c23e9e77cd748e4b74ff78f2f6704ae1bbef5a570aa63062140e5d13df3fffb84edfdc6fd435790df7c02cbcb96aca345e6931ded524340ba18ea5af45fbfe9b4df6d85c353e2a3b1aed8ed0d05d76a181bc", 0xe7}, {&(0x7f00000007c0)}], 0x2, &(0x7f0000000c00)=[@cred={0x20, 0x1, 0x2, r3, r4, r5}, @cred={0x20, 0x1, 0x2, r6, r7, r8}, @cred={0x20, 0x1, 0x2, r9, r10, r11}], 0x60, 0x8000}, 0x800)

[  995.537031]  ext4_htree_fill_tree+0x40c/0xd60
[  995.555105]  ? do_split+0x1bc0/0x1bc0
[  995.558922]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  995.564484]  ? check_preemption_disabled+0x48/0x280
[  995.569551]  ? __lock_is_held+0xb5/0x140
[  995.569581]  ? ext4_readdir+0x2734/0x3c30
[  995.569598]  ? rcu_read_lock_sched_held+0x14f/0x180
[  995.569624]  ? kmem_cache_alloc_trace+0x353/0x750
[  995.587702]  ext4_readdir+0x1ca1/0x3c30
[  995.591727]  ? __ext4_check_dir_entry+0x350/0x350
[  995.591747]  ? fsnotify_first_mark+0x350/0x350
[  995.591776]  ? lock_acquire+0x1ed/0x520
[  995.605180]  ? iterate_dir+0xd8/0x5d0
[  995.609005]  ? lock_release+0xa10/0xa10
[  995.612991]  ? perf_trace_sched_process_exec+0x860/0x860
[  995.618472]  ? debug_lockdep_rcu_enabled+0x77/0x90
[  995.623415]  ? fsnotify_first_mark+0x350/0x350
[  995.623448]  ? down_read_killable+0x90/0x150
[  995.623473]  ? iterate_dir+0xd8/0x5d0
[  995.623490]  ? down_write+0x130/0x130
[  995.623515]  iterate_dir+0x48c/0x5d0
[  995.643806]  ovl_check_d_type_supported+0x272/0x480
[  995.643830]  ? ovl_cleanup_whiteouts+0x2a0/0x2a0
[  995.643847]  ? ovl_dir_fsync+0x4f0/0x4f0
[  995.643887]  ovl_fill_super+0x133d/0x3f33
[  995.661892]  ? vfs_get_super+0x270/0x270
[  995.665982]  ? ovl_show_options+0x550/0x550
[  995.666033]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  995.666053]  ? get_anon_bdev+0xc0/0xc0
[  995.666070]  ? sget+0x113/0x150
[  995.675928]  ? ovl_show_options+0x550/0x550
[  995.687402]  mount_nodev+0x73/0x120
[  995.691048]  ? ovl_own_xattr_set+0x10/0x10
[  995.691065]  ovl_mount+0x34/0x40
[  995.691085]  legacy_get_tree+0x131/0x460
[  995.691107]  vfs_get_tree+0x1cb/0x5c0
[  995.691123]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  995.691141]  do_mount+0x70c/0x1d90
[  995.711362]  ? copy_mount_string+0x40/0x40
[  995.711381]  ? retint_kernel+0x2d/0x2d
[  995.711417]  ? copy_mount_options+0x25c/0x430
[  995.711436]  ? write_comp_data+0x22/0x70
[  995.711467]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  995.711486]  ? copy_mount_options+0x315/0x430
[  995.731692]  ksys_mount+0x12d/0x140
[  995.745352]  __x64_sys_mount+0xbe/0x150
[  995.749353]  do_syscall_64+0x1b9/0x820
[  995.753281]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  995.758659]  ? syscall_return_slowpath+0x5e0/0x5e0
[  995.758681]  ? trace_hardirqs_on_caller+0x310/0x310
[  995.758701]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  995.758729]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  995.758744]  ? __switch_to_asm+0x40/0x70
[  995.758762]  ? __switch_to_asm+0x34/0x70
[  995.773765]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  995.773795]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  995.773808] RIP: 0033:0x457569
03:45:18 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0xf00000000000000, 0x0, 0x2}}}, 0x50}}, 0x0)

[  995.773825] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  995.773833] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  995.820739] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  995.820749] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  995.820759] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  995.820770] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  995.820779] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
03:45:18 executing program 3:
socket$l2tp(0x18, 0x1, 0x1)
ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

03:45:18 executing program 4 (fault-call:2 fault-nth:69):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

[  996.001500] FAT-fs (loop3): bogus number of reserved sectors
[  996.023082] FAT-fs (loop3): Can't find a valid FAT filesystem
[  996.072868] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  996.108555] FAULT_INJECTION: forcing a failure.
[  996.108555] name failslab, interval 1, probability 0, space 0, times 0
[  996.174178] CPU: 0 PID: 14402 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  996.182711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  996.192083] Call Trace:
[  996.194690]  dump_stack+0x244/0x39d
[  996.198389]  ? dump_stack_print_info.cold.1+0x20/0x20
[  996.203601]  ? lock_downgrade+0x900/0x900
[  996.207765]  ? check_preemption_disabled+0x48/0x280
[  996.212810]  should_fail.cold.4+0xa/0x17
[  996.216888]  ? rcu_softirq_qs+0x20/0x20
[  996.220884]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  996.226017]  ? is_bpf_text_address+0xd3/0x170
[  996.230516]  ? kernel_text_address+0x79/0xf0
[  996.234929]  ? zap_class+0x640/0x640
[  996.238646]  ? unwind_get_return_address+0x61/0xa0
[  996.243582]  ? __save_stack_trace+0x8d/0xf0
[  996.247914]  ? find_held_lock+0x36/0x1c0
[  996.251989]  ? __lock_is_held+0xb5/0x140
[  996.256067]  ? mount_nodev+0x73/0x120
[  996.259873]  ? perf_trace_sched_process_exec+0x860/0x860
[  996.265339]  __should_failslab+0x124/0x180
[  996.269580]  should_failslab+0x9/0x14
[  996.273384]  kmem_cache_alloc_trace+0x2d7/0x750
[  996.278062]  ? __might_sleep+0x95/0x190
[  996.282046]  apparmor_file_alloc_security+0x17b/0xac0
[  996.287251]  ? apparmor_path_rename+0xcd0/0xcd0
[  996.291937]  ? rcu_read_lock_sched_held+0x14f/0x180
[  996.296959]  ? kmem_cache_alloc+0x33a/0x730
[  996.301290]  security_file_alloc+0x4c/0xa0
[  996.305531]  __alloc_file+0x12a/0x470
[  996.309332]  ? file_free_rcu+0xd0/0xd0
[  996.313228]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  996.318776]  ? notify_change+0x792/0x1110
[  996.322935]  ? up_write+0x7b/0x220
[  996.326483]  ? down_write_nested+0x130/0x130
[  996.330903]  alloc_empty_file+0x72/0x170
[  996.334975]  dentry_open+0x71/0x1d0
[  996.338608]  ovl_path_open+0x58/0x70
[  996.342328]  ovl_check_d_type_supported+0x109/0x480
[  996.347364]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  996.352908]  ? ovl_cleanup_whiteouts+0x2a0/0x2a0
[  996.357666]  ? ovl_dir_fsync+0x4f0/0x4f0
[  996.361769]  ovl_fill_super+0x133d/0x3f33
[  996.365931]  ? vfs_get_super+0x270/0x270
[  996.370009]  ? ovl_show_options+0x550/0x550
[  996.374365]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  996.379907]  ? get_anon_bdev+0xc0/0xc0
[  996.383793]  ? sget+0x113/0x150
[  996.387083]  ? ovl_show_options+0x550/0x550
[  996.391405]  mount_nodev+0x73/0x120
[  996.395043]  ? ovl_own_xattr_set+0x10/0x10
[  996.399288]  ovl_mount+0x34/0x40
[  996.402659]  legacy_get_tree+0x131/0x460
[  996.406735]  vfs_get_tree+0x1cb/0x5c0
[  996.410539]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  996.415313]  do_mount+0x70c/0x1d90
[  996.418859]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  996.424406]  ? copy_mount_string+0x40/0x40
[  996.428649]  ? copy_mount_options+0x5f/0x430
[  996.433064]  ? kmem_cache_alloc_trace+0x353/0x750
[  996.437918]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  996.443471]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  996.449040]  ? copy_mount_options+0x315/0x430
[  996.453545]  ksys_mount+0x12d/0x140
[  996.457181]  __x64_sys_mount+0xbe/0x150
[  996.461166]  do_syscall_64+0x1b9/0x820
[  996.465061]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  996.470432]  ? syscall_return_slowpath+0x5e0/0x5e0
[  996.475375]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  996.480222]  ? trace_hardirqs_on_caller+0x310/0x310
[  996.485243]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  996.490276]  ? prepare_exit_to_usermode+0x291/0x3b0
[  996.495302]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  996.500155]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  996.505343] RIP: 0033:0x457569
03:45:19 executing program 2:
io_setup(0x203, &(0x7f0000000040)=<r0=>0x0)
r1 = openat$md(0xffffffffffffff9c, &(0x7f0000000080)='/dev/md0\x00', 0x0, 0x0)
close(r1)
socket$inet_dccp(0x2, 0x6, 0x0)
io_submit(r0, 0x1, &(0x7f00000000c0)=[&(0x7f00000002c0)={0x0, 0x8, 0x0, 0x5, 0x0, r1, 0x0}])

03:45:19 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x860c000000000000, 0x0, 0x2}}}, 0x50}}, 0x0)

03:45:19 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
getsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f0000000000), &(0x7f0000000080)=0xb)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)

03:45:19 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x0, &(0x7f0000000000)="153f6234488dd25d766070")
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

03:45:19 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0x2000000}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

[  996.508537] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  996.527441] RSP: 002b:00007f7fae567c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  996.535162] RAX: ffffffffffffffda RBX: 00007f7fae567c90 RCX: 0000000000457569
[  996.542442] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  996.549726] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000
[  996.556997] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5686d4
[  996.564287] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000003
03:45:19 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x200000000000000, 0x0, 0x2}}}, 0x50}}, 0x0)

03:45:19 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000000000))

03:45:19 executing program 4 (fault-call:2 fault-nth:70):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

[  996.661106] FAT-fs (loop3): bogus number of reserved sectors
[  996.677907] FAT-fs (loop3): Can't find a valid FAT filesystem
03:45:19 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$RTC_IRQP_READ(r1, 0x8008700b, &(0x7f0000000000))
ioctl$sock_bt_hidp_HIDPGETCONNINFO(r1, 0x800448d3, &(0x7f0000000080)={{0x7fffffff, 0x1, 0x7, 0x2, 0xfffffffffffffff7, 0x2b92}, 0x8, 0x20, 0xfffffffffffffffb, 0x2b51, 0x1, "47a8d4523f718fd7a8b3ef2512d96674cfb530ac52ec5ca3dda5fb5b6953b5443c4feacd96eb4c61bb91fe9d43955410a2dfc46894066cb8d77ea712a2acbff23550e5e1c5676a39bb6a0e5fad0fd0f39a272eb4cebefecf862af23a14885fe641a634b7dba628a5306f36ead43b0c7e1b23ab4d9b92838677dadea02f539e8d"})
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)

03:45:19 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x2, 0x0, 0x2}}}, 0x50}}, 0x0)

03:45:19 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x0, &(0x7f0000000000)="153f6234488dd25d766070")
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

03:45:19 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x3000000, 0x0, 0x2}}}, 0x50}}, 0x0)

03:45:19 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'poly1305-simd\x00'}, 0x58)
r1 = accept4(r0, 0x0, &(0x7f00000000c0), 0x0)
sendmsg$rds(r1, &(0x7f0000001f00)={&(0x7f00000003c0)={0x2, 0x0, @multicast2}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000500)=""/73, 0x49}, {&(0x7f0000000580)=""/11, 0xb}, {&(0x7f00000005c0)=""/30, 0x1e}, {&(0x7f0000000600)=""/127, 0x7f}], 0x4, &(0x7f0000001bc0)}, 0x0)
rseq(&(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x0, 0x401, 0x101, 0x800}, 0x5}, 0x20, 0x1, 0x0)

[  996.871016] FAT-fs (loop3): bogus number of reserved sectors
03:45:19 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$SG_GET_VERSION_NUM(r1, 0x2282, &(0x7f0000000000))

[  996.920987] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  996.932291] FAT-fs (loop3): Can't find a valid FAT filesystem
03:45:19 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0x860c, 0x2}}}, 0x50}}, 0x0)

[  996.977670] FAULT_INJECTION: forcing a failure.
[  996.977670] name failslab, interval 1, probability 0, space 0, times 0
[  997.019363] CPU: 0 PID: 14452 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  997.027881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  997.037240] Call Trace:
[  997.039854]  dump_stack+0x244/0x39d
[  997.043517]  ? dump_stack_print_info.cold.1+0x20/0x20
[  997.048733]  ? zap_class+0x640/0x640
[  997.052480]  should_fail.cold.4+0xa/0x17
[  997.056570]  ? __lock_acquire+0x62f/0x4c20
[  997.060822]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  997.065943]  ? find_held_lock+0x36/0x1c0
[  997.070031]  ? lock_downgrade+0x900/0x900
[  997.074205]  ? check_preemption_disabled+0x48/0x280
[  997.079256]  ? rcu_read_unlock_special+0x1c0/0x1c0
[  997.084204]  ? kasan_check_read+0x11/0x20
[  997.088370]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[  997.093665]  ? rcu_softirq_qs+0x20/0x20
[  997.093685]  ? rcu_softirq_qs+0x20/0x20
[  997.093700]  ? unwind_dump+0x190/0x190
[  997.093735]  ? is_bpf_text_address+0xd3/0x170
[  997.093757]  ? __kernel_text_address+0xd/0x40
[  997.101710]  ? unwind_get_return_address+0x61/0xa0
03:45:19 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0x14000000}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:45:19 executing program 2:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
syz_open_dev$sndseq(&(0x7f00000000c0)='/dev/snd/seq\x00', 0x0, 0x0)
setsockopt$inet6_MRT6_ADD_MFC_PROXY(0xffffffffffffffff, 0x29, 0xd2, &(0x7f0000000280)={{0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0x1b}}, {0xa, 0x0, 0x0, @empty, 0x2}, 0x0, [0x0, 0x0, 0xfffffffffffffc1c, 0x4, 0xff, 0x80000001, 0x0, 0x7fff]}, 0x5c)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
sendto$inet6(r0, &(0x7f0000000140), 0x0, 0x8000, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
bind$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @local, 0x80000001}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0)
sendto$inet6(r0, &(0x7f00000000c0), 0xff0c, 0x0, &(0x7f0000000300)={0xa, 0x0, 0x0, @local}, 0x1c)

[  997.101738]  ? __save_stack_trace+0x8d/0xf0
[  997.101764]  __should_failslab+0x124/0x180
[  997.101782]  should_failslab+0x9/0x14
[  997.131917]  kmem_cache_alloc+0x47/0x730
[  997.135988]  ? save_stack+0xa9/0xd0
[  997.139623]  ? save_stack+0x43/0xd0
[  997.143260]  ? kasan_kmalloc+0xc7/0xe0
[  997.147168]  ? kasan_slab_alloc+0x12/0x20
[  997.151362]  __debug_object_init+0xbb8/0x1290
[  997.155868]  ? vfs_tmpfile+0x13b/0x2a0
[  997.159772]  ? ovl_fill_super+0x139b/0x3f33
[  997.164107]  ? mount_nodev+0x73/0x120
03:45:20 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0x8001a0ffffffff, 0x2}}}, 0x50}}, 0x0)

[  997.167920]  ? ovl_mount+0x34/0x40
[  997.171494]  ? legacy_get_tree+0x131/0x460
[  997.175755]  ? ksys_mount+0x12d/0x140
[  997.179572]  ? __x64_sys_mount+0xbe/0x150
[  997.183744]  ? debug_object_free+0x690/0x690
[  997.188176]  ? check_preemption_disabled+0x48/0x280
[  997.193211]  ? kasan_check_read+0x11/0x20
[  997.197375]  ? zap_class+0x640/0x640
[  997.201134]  ? rcu_softirq_qs+0x20/0x20
[  997.205129]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  997.210691]  ? check_preemption_disabled+0x48/0x280
[  997.215772]  ? __lock_is_held+0xb5/0x140
[  997.219871]  ? rcu_read_lock_sched_held+0x14f/0x180
[  997.219896]  ? __lockdep_init_map+0x105/0x590
[  997.229403]  debug_object_init+0x16/0x20
[  997.229492]  __init_work+0x50/0x60
[  997.229513]  ext4_alloc_inode+0x606/0x880
[  997.237105]  ? ratelimit_state_init+0xb0/0xb0
[  997.237123]  ? find_held_lock+0x36/0x1c0
[  997.237148]  ? get_cached_acl+0x35c/0x460
[  997.237167]  ? lock_downgrade+0x900/0x900
[  997.237182]  ? check_preemption_disabled+0x48/0x280
[  997.237204]  ? rcu_read_unlock_special+0x1c0/0x1c0
[  997.237217]  ? kasan_check_read+0x11/0x20
[  997.237236]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[  997.237255]  ? rcu_softirq_qs+0x20/0x20
[  997.254069]  ? zap_class+0x640/0x640
[  997.254095]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  997.254113]  ? ratelimit_state_init+0xb0/0xb0
[  997.254130]  alloc_inode+0x63/0x190
[  997.254149]  new_inode_pseudo+0x71/0x1a0
[  997.263306]  ? prune_icache_sb+0x1c0/0x1c0
[  997.263358]  new_inode+0x1c/0x40
[  997.263374]  __ext4_new_inode+0x4c8/0x65a0
[  997.263392]  ? print_usage_bug+0xc0/0xc0
[  997.263475]  ? __kernel_text_address+0xd/0x40
[  997.263499]  ? ext4_free_inode+0x1a10/0x1a10
[  997.277843]  ? __lock_acquire+0x62f/0x4c20
[  997.277862]  ? save_stack+0xa9/0xd0
[  997.277878]  ? save_stack+0x43/0xd0
[  997.277892]  ? kasan_kmalloc+0xc7/0xe0
[  997.277905]  ? kasan_slab_alloc+0x12/0x20
[  997.277930]  ? mark_held_locks+0x130/0x130
[  997.285603]  ? do_syscall_64+0x1b9/0x820
[  997.285623]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  997.285640]  ? percpu_ref_put_many+0x11c/0x260
[  997.285658]  ? lock_downgrade+0x900/0x900
[  997.285673]  ? check_preemption_disabled+0x48/0x280
[  997.285693]  ? kasan_check_read+0x11/0x20
[  997.285707]  ? zap_class+0x640/0x640
[  997.285745]  ? rcu_softirq_qs+0x20/0x20
[  997.285771]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  997.295794]  ? check_preemption_disabled+0x48/0x280
[  997.295823]  ? __lock_is_held+0xb5/0x140
[  997.295849]  ? zap_class+0x640/0x640
[  997.295867]  ? rcu_read_lock_sched_held+0x14f/0x180
[  997.295885]  ? __lockdep_init_map+0x105/0x590
[  997.295904]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
03:45:20 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x0, &(0x7f0000000000)="153f6234488dd25d766070")
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

[  997.295925]  ? d_set_d_op+0x31d/0x410
[  997.303606]  ? find_held_lock+0x36/0x1c0
[  997.303627]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  997.303645]  ? __dquot_initialize+0x629/0xdd0
[  997.303669]  ? lock_downgrade+0x900/0x900
[  997.303688]  ? dquot_get_next_dqblk+0x180/0x180
[  997.347920]  ? kasan_check_read+0x11/0x20
[  997.347937]  ? do_raw_spin_unlock+0xa7/0x330
[  997.347965]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  997.347987]  ext4_tmpfile+0x187/0x4e0
[  997.348010]  ? ext4_orphan_add+0xdb0/0xdb0
[  997.356337]  ? security_inode_permission+0xd2/0x100
[  997.356360]  ? inode_permission+0xb2/0x560
[  997.356380]  vfs_tmpfile+0x13b/0x2a0
[  997.356405]  ovl_fill_super+0x139b/0x3f33
[  997.356425]  ? vfs_get_super+0x270/0x270
[  997.356469]  ? ovl_show_options+0x550/0x550
[  997.356513]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  997.366426]  ? get_anon_bdev+0xc0/0xc0
[  997.366442]  ? sget+0x113/0x150
[  997.366487]  ? ovl_show_options+0x550/0x550
[  997.366504]  mount_nodev+0x73/0x120
[  997.366525]  ? ovl_own_xattr_set+0x10/0x10
[  997.366544]  ovl_mount+0x34/0x40
[  997.379862]  legacy_get_tree+0x131/0x460
[  997.379886]  vfs_get_tree+0x1cb/0x5c0
[  997.379902]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  997.379920]  do_mount+0x70c/0x1d90
[  997.379940]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  997.379961]  ? copy_mount_string+0x40/0x40
[  997.393193]  ? copy_mount_options+0x5f/0x430
[  997.393214]  ? kmem_cache_alloc_trace+0x353/0x750
[  997.393242]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  997.393256]  ? copy_mount_options+0x315/0x430
[  997.393275]  ksys_mount+0x12d/0x140
[  997.402350]  __x64_sys_mount+0xbe/0x150
[  997.402373]  do_syscall_64+0x1b9/0x820
[  997.402394]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  997.402414]  ? syscall_return_slowpath+0x5e0/0x5e0
[  997.402434]  ? trace_hardirqs_on_caller+0x310/0x310
[  997.402467]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  997.411189]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  997.411206]  ? __switch_to_asm+0x40/0x70
[  997.411219]  ? __switch_to_asm+0x34/0x70
[  997.411242]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  997.411271]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  997.411284] RIP: 0033:0x457569
[  997.411303] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  997.421323] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  997.421338] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
03:45:20 executing program 4 (fault-call:2 fault-nth:71):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:45:20 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0xffffff7f00000000, 0x2}}}, 0x50}}, 0x0)

03:45:20 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000140), 0xa)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f0000000100)=0x6)
getsockname$unix(r1, &(0x7f0000000080)=@abs, &(0x7f0000000000)=0x6e)
ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000040)={0x6, 0x10000, 0x81, 0x7fffffff, 0xbee3})

03:45:20 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040)={0x1f, {0x0, 0x4}}, 0xa)

[  997.421348] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  997.421357] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  997.421366] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  997.421376] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[  997.657077] FAT-fs (loop3): bogus number of reserved sectors
[  997.704513] FAT-fs (loop3): Can't find a valid FAT filesystem
03:45:20 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000140), 0xa)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f0000000100)=0x6)
getsockname$unix(r1, &(0x7f0000000080)=@abs, &(0x7f0000000000)=0x6e)
ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000040)={0x6, 0x10000, 0x81, 0x7fffffff, 0xbee3})

03:45:20 executing program 1:
r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000004340)='/proc/self/net/pfkey\x00', 0x100, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f0000000000)='cpuacct.usage_percpu_user\x00', 0x0, 0x0)
getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r1, 0x84, 0x1e, &(0x7f0000000100), &(0x7f00000043c0)=0xffffffffffffff0a)
r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
bind$bt_rfcomm(r2, &(0x7f0000000040), 0x2)

03:45:20 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0x8001a0, 0x2}}}, 0x50}}, 0x0)

03:45:20 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000))
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

[  997.866830] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  997.926626] FAULT_INJECTION: forcing a failure.
[  997.926626] name failslab, interval 1, probability 0, space 0, times 0
[  997.942232] CPU: 1 PID: 14505 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  997.950751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  997.960107] Call Trace:
[  997.962716]  dump_stack+0x244/0x39d
[  997.966364]  ? dump_stack_print_info.cold.1+0x20/0x20
[  997.971620]  ? __find_get_block+0xf10/0xf10
[  997.975988]  should_fail.cold.4+0xa/0x17
[  997.980064]  ? print_usage_bug+0xc0/0xc0
[  997.984147]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  997.989260]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  997.989279]  ? ext4_data_block_valid+0x28b/0x330
[  997.989301]  ? __check_block_validity.constprop.78+0xd9/0x210
[  998.005530]  ? zap_class+0x640/0x640
[  998.009268]  ? ext4_map_blocks+0x429/0x1b50
[  998.009296]  ? find_held_lock+0x36/0x1c0
[  998.009316]  ? __lock_is_held+0xb5/0x140
[  998.017691]  ? drm_sysfs_connector_add+0x1e8/0x2b0
[  998.017722]  ? perf_trace_sched_process_exec+0x860/0x860
[  998.017765]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  998.017778]  ? ext4fs_dirhash+0xb49/0x10d0
[  998.017819]  __should_failslab+0x124/0x180
[  998.032248]  should_failslab+0x9/0x14
[  998.046247]  __kmalloc+0x2e0/0x760
[  998.046265]  ? rcu_softirq_qs+0x20/0x20
[  998.046284]  ? rcu_softirq_qs+0x20/0x20
[  998.046297]  ? unwind_dump+0x190/0x190
[  998.046316]  ? ext4_htree_store_dirent+0x8d/0x5a0
[  998.053652]  ext4_htree_store_dirent+0x8d/0x5a0
[  998.053679]  htree_dirblock_to_tree+0x56b/0xae0
[  998.061633]  ? dx_probe+0x1120/0x1120
[  998.061651]  ? save_stack+0xa9/0xd0
[  998.070367]  ? save_stack+0x43/0xd0
[  998.070395]  ? ext4_readdir+0x2734/0x3c30
[  998.070414]  ? iterate_dir+0x48c/0x5d0
[  998.079754]  ? ovl_check_d_type_supported+0x272/0x480
[  998.079772]  ? ovl_fill_super+0x133d/0x3f33
[  998.079790]  ? mount_nodev+0x73/0x120
[  998.087200]  ? ovl_mount+0x34/0x40
[  998.087214]  ? legacy_get_tree+0x131/0x460
[  998.087236]  ? vfs_get_tree+0x1cb/0x5c0
[  998.087249]  ? do_mount+0x70c/0x1d90
[  998.087261]  ? ksys_mount+0x12d/0x140
[  998.087279]  ? __x64_sys_mount+0xbe/0x150
[  998.095036]  ? do_syscall_64+0x1b9/0x820
[  998.095056]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  998.095078]  ext4_htree_fill_tree+0x40c/0xd60
[  998.095129]  ? do_split+0x1bc0/0x1bc0
[  998.104207]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  998.104234]  ? check_preemption_disabled+0x48/0x280
[  998.104261]  ? __lock_is_held+0xb5/0x140
[  998.104287]  ? ext4_readdir+0x2734/0x3c30
[  998.112394]  ? rcu_read_lock_sched_held+0x14f/0x180
[  998.112414]  ? kmem_cache_alloc_trace+0x353/0x750
[  998.112442]  ext4_readdir+0x1ca1/0x3c30
[  998.120240]  ? __ext4_check_dir_entry+0x350/0x350
[  998.120262]  ? fsnotify_first_mark+0x350/0x350
[  998.127975]  ? lock_acquire+0x1ed/0x520
[  998.127995]  ? iterate_dir+0xd8/0x5d0
[  998.135937]  ? lock_release+0xa10/0xa10
[  998.135953]  ? perf_trace_sched_process_exec+0x860/0x860
[  998.135971]  ? debug_lockdep_rcu_enabled+0x77/0x90
[  998.135991]  ? fsnotify_first_mark+0x350/0x350
[  998.136021]  ? down_read_killable+0x90/0x150
[  998.145436]  ? iterate_dir+0xd8/0x5d0
[  998.145466]  ? down_write+0x130/0x130
[  998.145496]  iterate_dir+0x48c/0x5d0
[  998.145525]  ovl_check_d_type_supported+0x272/0x480
[  998.153810]  ? ovl_cleanup_whiteouts+0x2a0/0x2a0
[  998.153827]  ? ovl_dir_fsync+0x4f0/0x4f0
[  998.153864]  ovl_fill_super+0x133d/0x3f33
[  998.164395]  ? vfs_get_super+0x270/0x270
[  998.164428]  ? ovl_show_options+0x550/0x550
[  998.164486]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  998.172699]  ? get_anon_bdev+0xc0/0xc0
[  998.172714]  ? sget+0x113/0x150
03:45:21 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0x13000000}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:45:21 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
lsetxattr$trusted_overlay_nlink(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='trusted.overlay.nlink\x00', &(0x7f00000000c0)={'L+', 0x2}, 0x28, 0xff12e8a80353d86e)
r1 = fcntl$dupfd(r0, 0x0, r0)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f0000000100)={<r2=>0x0, 0x6d}, &(0x7f0000000140)=0x8)
setsockopt$inet_sctp6_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f0000000180)={r2, 0x400, 0x5, 0x101}, 0x10)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)

03:45:21 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0xffffffffa0020000, 0x2}}}, 0x50}}, 0x0)

03:45:21 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000140), 0xa)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f0000000100)=0x6)
getsockname$unix(r1, &(0x7f0000000080)=@abs, &(0x7f0000000000)=0x6e)
ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000040)={0x6, 0x10000, 0x81, 0x7fffffff, 0xbee3})

[  998.172735]  ? ovl_show_options+0x550/0x550
[  998.172753]  mount_nodev+0x73/0x120
[  998.182621]  ? ovl_own_xattr_set+0x10/0x10
[  998.182638]  ovl_mount+0x34/0x40
[  998.182657]  legacy_get_tree+0x131/0x460
[  998.191479]  vfs_get_tree+0x1cb/0x5c0
[  998.191496]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  998.191514]  do_mount+0x70c/0x1d90
[  998.200078]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  998.200100]  ? copy_mount_string+0x40/0x40
[  998.200121]  ? copy_mount_options+0x5f/0x430
[  998.207885]  ? kmem_cache_alloc_trace+0x353/0x750
[  998.207917]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  998.207939]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  998.207971]  ? copy_mount_options+0x315/0x430
[  998.218393]  ksys_mount+0x12d/0x140
[  998.218414]  __x64_sys_mount+0xbe/0x150
[  998.218435]  do_syscall_64+0x1b9/0x820
[  998.227421]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  998.227442]  ? syscall_return_slowpath+0x5e0/0x5e0
[  998.227475]  ? trace_hardirqs_on_caller+0x310/0x310
[  998.227500]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  998.260800]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  998.285767]  ? __switch_to_asm+0x40/0x70
[  998.285781]  ? __switch_to_asm+0x34/0x70
[  998.285804]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  998.285833]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  998.285846] RIP: 0033:0x457569
[  998.285865] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  998.319359] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  998.319375] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  998.319385] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[  998.319395] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  998.319417] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  998.319426] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[  998.476882] FAT-fs (loop3): bogus number of reserved sectors
[  998.484039] FAT-fs (loop3): Can't find a valid FAT filesystem
03:45:21 executing program 4 (fault-call:2 fault-nth:72):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:45:21 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0x34000, 0x2}}}, 0x50}}, 0x0)

03:45:21 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000140), 0xa)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d5, &(0x7f0000000100)=0x6)
getsockname$unix(r1, &(0x7f0000000080)=@abs, &(0x7f0000000000)=0x6e)

03:45:21 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x1, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
setsockopt$inet6_dccp_buf(r1, 0x21, 0x2080, &(0x7f0000000080)="0217527c4e23ef3b86576b3590c2bcef29c84ca4d34637ea51e05534d845a2c634cdb5fa916087cad26d96adac9ad36ebda8701952b1ad7d2b2faca73ff662d6f316af1c59e2025cac746dd61ab41a33111d89fe1dd94fbb2469116ef7010f1f7d0b6a63cba4f550037b4a4d10d2d1561dd46134fb59bdec603726f6adbdbf827c90d21c8cf7e5312c278bd2e6d4dd4c81ea6a89130ecd07d6f8fa940ffe5073", 0x273)

03:45:21 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000))
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

03:45:21 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0xffffffffa0018000, 0x2}}}, 0x50}}, 0x0)

03:45:21 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000140), 0xa)
getsockname$unix(r1, &(0x7f0000000080)=@abs, &(0x7f0000000000)=0x6e)

03:45:21 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1}, &(0x7f0000000080)=0x1c, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffff9c, 0x84, 0x1, &(0x7f00000000c0)={<r2=>0x0, 0x0, 0xfffffffe0, 0x5, 0x2, 0x5}, &(0x7f0000000100)=0x14)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f0000000140)={r2, @in6={{0xa, 0x4e21, 0x400, @remote, 0x5}}}, 0x84)
r3 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r3, &(0x7f0000000040), 0x2)
getsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000200), &(0x7f0000000240)=0x14)

[  998.663689] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  998.702737] FAT-fs (loop3): bogus number of reserved sectors
[  998.713364] FAULT_INJECTION: forcing a failure.
[  998.713364] name failslab, interval 1, probability 0, space 0, times 0
[  998.738421] FAT-fs (loop3): Can't find a valid FAT filesystem
[  998.816752] CPU: 1 PID: 14544 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  998.825315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  998.834673] Call Trace:
[  998.834701]  dump_stack+0x244/0x39d
[  998.834729]  ? dump_stack_print_info.cold.1+0x20/0x20
[  998.834755]  ? __find_get_block+0xf10/0xf10
[  998.834781]  should_fail.cold.4+0xa/0x17
[  998.840984]  ? print_usage_bug+0xc0/0xc0
[  998.841006]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  998.841022]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  998.841043]  ? ext4_data_block_valid+0x28b/0x330
[  998.850555]  ? __check_block_validity.constprop.78+0xd9/0x210
[  998.850577]  ? zap_class+0x640/0x640
[  998.850596]  ? ext4_map_blocks+0x429/0x1b50
[  998.863821]  ? find_held_lock+0x36/0x1c0
[  998.863844]  ? __lock_is_held+0xb5/0x140
[  998.863876]  ? perf_trace_sched_process_exec+0x860/0x860
[  998.879709]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  998.879737]  ? ext4fs_dirhash+0xb49/0x10d0
[  998.879765]  __should_failslab+0x124/0x180
[  998.879784]  should_failslab+0x9/0x14
[  998.879801]  __kmalloc+0x2e0/0x760
[  998.879822]  ? rcu_softirq_qs+0x20/0x20
[  998.887847]  ? rcu_softirq_qs+0x20/0x20
[  998.887863]  ? unwind_dump+0x190/0x190
[  998.887880]  ? ext4_htree_store_dirent+0x8d/0x5a0
[  998.887902]  ext4_htree_store_dirent+0x8d/0x5a0
[  998.896019]  htree_dirblock_to_tree+0x56b/0xae0
[  998.896051]  ? dx_probe+0x1120/0x1120
[  998.896069]  ? save_stack+0xa9/0xd0
[  998.907071]  ? save_stack+0x43/0xd0
[  998.907090]  ? ext4_readdir+0x2734/0x3c30
[  998.907105]  ? iterate_dir+0x48c/0x5d0
[  998.907127]  ? ovl_check_d_type_supported+0x272/0x480
[  998.915581]  ? ovl_fill_super+0x133d/0x3f33
[  998.915595]  ? mount_nodev+0x73/0x120
[  998.915610]  ? ovl_mount+0x34/0x40
[  998.915624]  ? legacy_get_tree+0x131/0x460
[  998.915637]  ? vfs_get_tree+0x1cb/0x5c0
[  998.915654]  ? do_mount+0x70c/0x1d90
[  998.922995]  ? ksys_mount+0x12d/0x140
[  998.930930]  ? __x64_sys_mount+0xbe/0x150
[  998.930948]  ? do_syscall_64+0x1b9/0x820
[  998.930968]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  998.930989]  ext4_htree_fill_tree+0x40c/0xd60
[  998.939713]  ? do_split+0x1bc0/0x1bc0
[  998.939735]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  998.939753]  ? check_preemption_disabled+0x48/0x280
[  998.939779]  ? __lock_is_held+0xb5/0x140
[  998.949120]  ? ext4_readdir+0x2734/0x3c30
[  998.949139]  ? rcu_read_lock_sched_held+0x14f/0x180
[  998.949161]  ? kmem_cache_alloc_trace+0x353/0x750
[  998.956598]  ext4_readdir+0x1ca1/0x3c30
[  998.956639]  ? __ext4_check_dir_entry+0x350/0x350
[  998.956658]  ? fsnotify_first_mark+0x350/0x350
[  998.956686]  ? lock_acquire+0x1ed/0x520
[  998.964440]  ? iterate_dir+0xd8/0x5d0
[  998.964477]  ? lock_release+0xa10/0xa10
[  998.964493]  ? perf_trace_sched_process_exec+0x860/0x860
[  998.964510]  ? debug_lockdep_rcu_enabled+0x77/0x90
[  998.964535]  ? fsnotify_first_mark+0x350/0x350
[  998.973619]  ? down_read_killable+0x90/0x150
[  998.973634]  ? iterate_dir+0xd8/0x5d0
[  998.973653]  ? down_write+0x130/0x130
[  998.985308]  iterate_dir+0x48c/0x5d0
[  998.985338]  ovl_check_d_type_supported+0x272/0x480
[  998.985360]  ? ovl_cleanup_whiteouts+0x2a0/0x2a0
[  998.985379]  ? ovl_dir_fsync+0x4f0/0x4f0
[  998.993778]  ovl_fill_super+0x133d/0x3f33
[  998.993799]  ? vfs_get_super+0x270/0x270
[  999.001334]  ? ovl_show_options+0x550/0x550
[  999.001405]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  999.009596]  ? get_anon_bdev+0xc0/0xc0
[  999.009612]  ? sget+0x113/0x150
[  999.009633]  ? ovl_show_options+0x550/0x550
[  999.009650]  mount_nodev+0x73/0x120
[  999.019502]  ? ovl_own_xattr_set+0x10/0x10
[  999.019519]  ovl_mount+0x34/0x40
[  999.019544]  legacy_get_tree+0x131/0x460
[  999.028877]  vfs_get_tree+0x1cb/0x5c0
[  999.028893]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  999.028911]  do_mount+0x70c/0x1d90
[  999.028931]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[  999.028951]  ? copy_mount_string+0x40/0x40
[  999.042159]  ? copy_mount_options+0x5f/0x430
[  999.042181]  ? kmem_cache_alloc_trace+0x353/0x750
[  999.042203]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  999.052060]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  999.052076]  ? copy_mount_options+0x315/0x430
[  999.052098]  ksys_mount+0x12d/0x140
[  999.060913]  __x64_sys_mount+0xbe/0x150
[  999.060936]  do_syscall_64+0x1b9/0x820
[  999.060961]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  999.069530]  ? syscall_return_slowpath+0x5e0/0x5e0
[  999.069552]  ? trace_hardirqs_on_caller+0x310/0x310
[  999.069575]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  999.244560]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[  999.251266]  ? __switch_to_asm+0x40/0x70
[  999.255326]  ? __switch_to_asm+0x34/0x70
[  999.259376]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  999.264214]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  999.269430] RIP: 0033:0x457569
[  999.272641] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  999.292139] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  999.299861] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[  999.307135] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
03:45:22 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0xf0cc}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:45:22 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0xc86, 0x2}}}, 0x50}}, 0x0)

03:45:22 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
getsockname$unix(r1, &(0x7f0000000080)=@abs, &(0x7f0000000000)=0x6e)

03:45:22 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
sendmsg$IPVS_CMD_DEL_DEST(r1, &(0x7f00000003c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x24100000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x5c, r2, 0xb2f, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_SERVICE={0x48, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x11}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0x2}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x2, 0x12}}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e21}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4004000)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)
ioctl$SNDRV_SEQ_IOCTL_PVERSION(r1, 0x80045300, &(0x7f0000000000))
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x0, 0xc0, 0xf4, &(0x7f0000000080)="0d2b3bff9f41662417a4b2147fa384d53c7134d45417c1e9d10eb7462e2e8c0f3a9060758f8a1bad5dba108ff1dba582957f5619d7b08676885cd1e32bf2a31428bd1560aa12bc0a5577b67d42f85081f9b5cf2e653978ff36ab48b73aa97c25aa922fdc10a1fe493d009a2efbfc594aae838c80d975b872ba4f6e15b2acc67f5d1ff0c00ae4a212b01e81e1fd02e05cc53c1e6fee653d880578bfabc66f359568a77a0bdb3e2d3cfca526b5c0b1542ff59ed17c26b35e048a0460e2acb4e07f", &(0x7f0000000140)=""/244, 0xc6}, 0x28)

[  999.314408] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[  999.321666] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[  999.328921] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
03:45:22 executing program 4 (fault-call:2 fault-nth:73):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:45:22 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0xfffff000, 0x2}}}, 0x50}}, 0x0)

03:45:22 executing program 2:
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_rfcomm(0xffffffffffffffff, &(0x7f0000000140), 0xa)
getsockname$unix(0xffffffffffffffff, &(0x7f0000000080)=@abs, &(0x7f0000000000)=0x6e)

03:45:22 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000))
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

03:45:22 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0xf0ffffff, 0x2}}}, 0x50}}, 0x0)

[  999.551408] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[  999.568709] FAT-fs (loop3): bogus number of reserved sectors
[  999.581136] FAT-fs (loop3): Can't find a valid FAT filesystem
[  999.596911] FAULT_INJECTION: forcing a failure.
03:45:22 executing program 2:
r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
bind$bt_rfcomm(r0, &(0x7f0000000140), 0xa)
getsockname$unix(r0, &(0x7f0000000080)=@abs, &(0x7f0000000000)=0x6e)

[  999.596911] name failslab, interval 1, probability 0, space 0, times 0
[  999.628314] CPU: 0 PID: 14582 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[  999.636828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  999.646221] Call Trace:
[  999.646249]  dump_stack+0x244/0x39d
[  999.646274]  ? dump_stack_print_info.cold.1+0x20/0x20
[  999.646299]  ? rcu_read_unlock_special+0x1c0/0x1c0
[  999.646334]  should_fail.cold.4+0xa/0x17
[  999.646356]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  999.646399]  ? __lock_acquire+0x62f/0x4c20
[  999.657798]  ? is_bpf_text_address+0xd3/0x170
[  999.671883]  ? print_usage_bug+0xc0/0xc0
[  999.671900]  ? kernel_text_address+0x79/0xf0
[  999.671919]  ? __kernel_text_address+0xd/0x40
[  999.671935]  ? zap_class+0x640/0x640
[  999.671960]  ? mark_held_locks+0x130/0x130
03:45:22 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000140), 0xa)
getsockname$unix(r1, &(0x7f0000000080)=@abs, &(0x7f0000000000)=0x6e)

[  999.689149]  ? __lock_is_held+0xb5/0x140
[  999.689185]  ? perf_trace_sched_process_exec+0x860/0x860
[  999.689202]  ? mark_held_locks+0x130/0x130
[  999.689241]  __should_failslab+0x124/0x180
[  999.697442]  should_failslab+0x9/0x14
[  999.705736]  kmem_cache_alloc+0x2be/0x730
[  999.705756]  ? check_preemption_disabled+0x48/0x280
[  999.705778]  ? ratelimit_state_init+0xb0/0xb0
[  999.705795]  ext4_alloc_inode+0xc7/0x880
[  999.705814]  ? ratelimit_state_init+0xb0/0xb0
[  999.715492]  ? find_held_lock+0x36/0x1c0
[  999.715518]  ? get_cached_acl+0x35c/0x460
[  999.715536]  ? lock_downgrade+0x900/0x900
[  999.715550]  ? check_preemption_disabled+0x48/0x280
[  999.715574]  ? rcu_read_unlock_special+0x1c0/0x1c0
[  999.715592]  ? kasan_check_read+0x11/0x20
[  999.723624]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[  999.723645]  ? rcu_softirq_qs+0x20/0x20
[  999.723662]  ? zap_class+0x640/0x640
[  999.723686]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  999.723705]  ? ratelimit_state_init+0xb0/0xb0
[  999.737360]  alloc_inode+0x63/0x190
03:45:22 executing program 1:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcs\x00', 0x0, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='mounts\x00')
ioctl$DRM_IOCTL_MODESET_CTL(r2, 0x40086408, &(0x7f0000000140)={0x8ee7, 0x1})
chroot(&(0x7f00000001c0)='./file0\x00')
setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f0000000080)=0x6420, 0x4)
r3 = fcntl$dupfd(r1, 0x0, r1)
ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, &(0x7f0000000180)={{&(0x7f0000ffb000/0x4000)=nil, 0x4000}, 0x1})
syz_open_dev$mice(&(0x7f0000000200)='/dev/input/mice\x00', 0x0, 0x4840)
shmget$private(0x0, 0x3000, 0x1160, &(0x7f0000ffb000/0x3000)=nil)
ioctl$KDSETKEYCODE(r0, 0x4b4d, &(0x7f0000000100)={0x9, 0xd8c})
bind$bt_rfcomm(r3, &(0x7f0000000040), 0x2)

[  999.737379]  new_inode_pseudo+0x71/0x1a0
[  999.737394]  ? prune_icache_sb+0x1c0/0x1c0
[  999.737420]  new_inode+0x1c/0x40
[  999.737437]  __ext4_new_inode+0x4c8/0x65a0
[  999.746011]  ? print_usage_bug+0xc0/0xc0
[  999.746036]  ? __kernel_text_address+0xd/0x40
[  999.746060]  ? ext4_free_inode+0x1a10/0x1a10
[  999.746086]  ? __lock_acquire+0x62f/0x4c20
[  999.746102]  ? save_stack+0xa9/0xd0
[  999.746118]  ? save_stack+0x43/0xd0
[  999.746129]  ? kasan_kmalloc+0xc7/0xe0
[  999.746139]  ? kasan_slab_alloc+0x12/0x20
[  999.746162]  ? mark_held_locks+0x130/0x130
[  999.746178]  ? do_syscall_64+0x1b9/0x820
[  999.746201]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  999.768530]  ? percpu_ref_put_many+0x11c/0x260
[  999.768550]  ? lock_downgrade+0x900/0x900
[  999.768566]  ? check_preemption_disabled+0x48/0x280
[  999.768586]  ? kasan_check_read+0x11/0x20
[  999.768609]  ? zap_class+0x640/0x640
[  999.803369]  ? rcu_softirq_qs+0x20/0x20
[  999.803391]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  999.803424]  ? check_preemption_disabled+0x48/0x280
[  999.819332]  ? __lock_is_held+0xb5/0x140
[  999.819356]  ? zap_class+0x640/0x640
[  999.819376]  ? rcu_read_lock_sched_held+0x14f/0x180
[  999.836125]  ? __lockdep_init_map+0x105/0x590
[  999.836147]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  999.836164]  ? d_set_d_op+0x31d/0x410
[  999.836187]  ? find_held_lock+0x36/0x1c0
[  999.836231]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  999.861522]  ? __dquot_initialize+0x629/0xdd0
[  999.861546]  ? lock_downgrade+0x900/0x900
[  999.861566]  ? dquot_get_next_dqblk+0x180/0x180
[  999.879424]  ? kasan_check_read+0x11/0x20
[  999.879439]  ? do_raw_spin_unlock+0xa7/0x330
[  999.879474]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  999.901742]  ext4_tmpfile+0x187/0x4e0
[  999.901768]  ? ext4_orphan_add+0xdb0/0xdb0
[  999.928382]  ? security_inode_permission+0xd2/0x100
[  999.928405]  ? inode_permission+0xb2/0x560
[  999.928424]  vfs_tmpfile+0x13b/0x2a0
[  999.928448]  ovl_fill_super+0x139b/0x3f33
[  999.942635]  ? vfs_get_super+0x270/0x270
[  999.942669]  ? ovl_show_options+0x550/0x550
[  999.942714]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  999.955908]  ? get_anon_bdev+0xc0/0xc0
[  999.955924]  ? sget+0x113/0x150
[  999.955945]  ? ovl_show_options+0x550/0x550
[  999.955961]  mount_nodev+0x73/0x120
[  999.955980]  ? ovl_own_xattr_set+0x10/0x10
[  999.955994]  ovl_mount+0x34/0x40
[  999.956010]  legacy_get_tree+0x131/0x460
[  999.956032]  vfs_get_tree+0x1cb/0x5c0
[  999.956050]  ? legacy_fs_context_dup+0x1d0/0x1d0
[ 1000.012058]  do_mount+0x70c/0x1d90
[ 1000.012088]  ? copy_mount_string+0x40/0x40
[ 1000.019949]  ? retint_kernel+0x2d/0x2d
[ 1000.019974]  ? copy_mount_options+0x25c/0x430
[ 1000.019993]  ? copy_mount_options+0x25c/0x430
[ 1000.031204]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1000.031220]  ? copy_mount_options+0x315/0x430
[ 1000.031241]  ksys_mount+0x12d/0x140
[ 1000.031260]  __x64_sys_mount+0xbe/0x150
[ 1000.043805]  do_syscall_64+0x1b9/0x820
[ 1000.043825]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1000.043850]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1000.052235]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1000.052254]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1000.052273]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[ 1000.052290]  ? __switch_to_asm+0x40/0x70
[ 1000.062303]  ? __switch_to_asm+0x34/0x70
[ 1000.062327]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1000.062353]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1000.070452] RIP: 0033:0x457569
[ 1000.070480] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1000.070489] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1000.070505] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[ 1000.070519] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[ 1000.078480] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[ 1000.078490] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[ 1000.078499] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[ 1000.095761] overlayfs: upper fs does not support tmpfile.
03:45:23 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0xc4f0000000000000}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:45:23 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
bind$bt_rfcomm(r1, &(0x7f0000000140), 0xa)
getsockname$unix(r1, &(0x7f0000000080)=@abs, &(0x7f0000000000)=0x6e)

03:45:23 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$sock_SIOCGIFBR(0xffffffffffffffff, 0x8940, &(0x7f0000000240)=@generic={0x0, 0x2})
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000440)={{{@in6=@local, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000540)=0xe8)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, &(0x7f0000000580)=r2)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x6, 0x0, &(0x7f0000001000)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0xfffffffffffffffe}, 0x48)
socket$inet_udp(0x2, 0x2, 0x0)
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000280))
r3 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r3, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
setsockopt$sock_int(r3, 0x1, 0x2e, &(0x7f0000000100)=0x59aa, 0x4)
recvmsg(r3, &(0x7f0000000200)={&(0x7f0000000280)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000000), 0x0, &(0x7f0000000c40)=""/160, 0xa0}, 0x0)
syz_emit_ethernet(0x437, &(0x7f0000000700)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev, @local, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000001780))
sendto$inet6(r3, &(0x7f0000000300), 0x0, 0x0, &(0x7f00000001c0)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c)
modify_ldt$read_default(0x2, &(0x7f0000000300)=""/231, 0xe7)
bind$bt_rfcomm(r1, &(0x7f0000000040), 0x2)

03:45:23 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0x300, 0x2}}}, 0x50}}, 0x0)

03:45:23 executing program 4 (fault-call:2 fault-nth:74):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:45:23 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488d")
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

[ 1000.297698] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[ 1000.335051] FAT-fs (loop3): bogus number of reserved sectors
[ 1000.344147] FAULT_INJECTION: forcing a failure.
[ 1000.344147] name failslab, interval 1, probability 0, space 0, times 0
[ 1000.371168] FAT-fs (loop3): Can't find a valid FAT filesystem
[ 1000.380480] CPU: 0 PID: 14614 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[ 1000.388988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
03:45:23 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(0xffffffffffffffff, &(0x7f0000000140), 0xa)
getsockname$unix(r1, &(0x7f0000000080)=@abs, &(0x7f0000000000)=0x6e)

03:45:23 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0xa0020000, 0x2}}}, 0x50}}, 0x0)

[ 1000.398349] Call Trace:
[ 1000.400957]  dump_stack+0x244/0x39d
[ 1000.404618]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1000.409835]  ? __kernel_text_address+0xd/0x40
[ 1000.414348]  ? ___ratelimit.cold.2+0x5e/0x5e
[ 1000.418805]  should_fail.cold.4+0xa/0x17
[ 1000.422909]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1000.428036]  ? save_stack+0x43/0xd0
[ 1000.431682]  ? kasan_kmalloc+0xc7/0xe0
[ 1000.435583]  ? __kmalloc+0x15b/0x760
[ 1000.439313]  ? ext4_htree_store_dirent+0x8d/0x5a0
03:45:23 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000140), 0xa)
getsockname$unix(0xffffffffffffffff, &(0x7f0000000080)=@abs, &(0x7f0000000000)=0x6e)

03:45:23 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0x20000000, 0x2}}}, 0x50}}, 0x0)

[ 1000.444179]  ? htree_dirblock_to_tree+0x56b/0xae0
[ 1000.449040]  ? zap_class+0x640/0x640
[ 1000.452764]  ? ovl_check_d_type_supported+0x272/0x480
[ 1000.457966]  ? ovl_fill_super+0x133d/0x3f33
[ 1000.462298]  ? mount_nodev+0x73/0x120
[ 1000.466111]  ? ovl_mount+0x34/0x40
[ 1000.469658]  ? legacy_get_tree+0x131/0x460
[ 1000.473897]  ? vfs_get_tree+0x1cb/0x5c0
[ 1000.477886]  ? do_mount+0x70c/0x1d90
[ 1000.481638]  ? find_held_lock+0x36/0x1c0
[ 1000.485748]  ? __lock_is_held+0xb5/0x140
[ 1000.489840]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1000.495304]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1000.500852]  ? ext4fs_dirhash+0xb49/0x10d0
[ 1000.505125]  __should_failslab+0x124/0x180
[ 1000.509383]  should_failslab+0x9/0x14
[ 1000.513199]  __kmalloc+0x2e0/0x760
[ 1000.516756]  ? rcu_softirq_qs+0x20/0x20
[ 1000.520759]  ? rcu_softirq_qs+0x20/0x20
[ 1000.524763]  ? unwind_dump+0x190/0x190
[ 1000.528665]  ? ext4_htree_store_dirent+0x8d/0x5a0
[ 1000.533532]  ext4_htree_store_dirent+0x8d/0x5a0
[ 1000.538226]  htree_dirblock_to_tree+0x56b/0xae0
[ 1000.542926]  ? dx_probe+0x1120/0x1120
03:45:23 executing program 2:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0x4800}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:45:23 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0x2000000, 0x2}}}, 0x50}}, 0x0)

[ 1000.546750]  ? save_stack+0xa9/0xd0
[ 1000.550386]  ? save_stack+0x43/0xd0
[ 1000.554027]  ? ext4_readdir+0x2734/0x3c30
[ 1000.558188]  ? iterate_dir+0x48c/0x5d0
[ 1000.562088]  ? ovl_check_d_type_supported+0x272/0x480
[ 1000.567328]  ? ovl_fill_super+0x133d/0x3f33
[ 1000.571673]  ? mount_nodev+0x73/0x120
[ 1000.575490]  ? ovl_mount+0x34/0x40
[ 1000.579045]  ? legacy_get_tree+0x131/0x460
[ 1000.583290]  ? vfs_get_tree+0x1cb/0x5c0
[ 1000.587277]  ? do_mount+0x70c/0x1d90
[ 1000.591016]  ? ksys_mount+0x12d/0x140
[ 1000.594838]  ? __x64_sys_mount+0xbe/0x150
[ 1000.598999]  ? do_syscall_64+0x1b9/0x820
[ 1000.603077]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1000.608465]  ext4_htree_fill_tree+0x40c/0xd60
[ 1000.612984]  ? do_split+0x1bc0/0x1bc0
[ 1000.616823]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1000.622379]  ? check_preemption_disabled+0x48/0x280
[ 1000.627433]  ? __lock_is_held+0xb5/0x140
[ 1000.631540]  ? ext4_readdir+0x2734/0x3c30
[ 1000.635738]  ? rcu_read_lock_sched_held+0x14f/0x180
[ 1000.640770]  ? kmem_cache_alloc_trace+0x353/0x750
[ 1000.640800]  ext4_readdir+0x1ca1/0x3c30
[ 1000.640836]  ? __ext4_check_dir_entry+0x350/0x350
[ 1000.654503]  ? fsnotify_first_mark+0x350/0x350
[ 1000.654535]  ? lock_acquire+0x1ed/0x520
[ 1000.654551]  ? iterate_dir+0xd8/0x5d0
[ 1000.654575]  ? lock_release+0xa10/0xa10
[ 1000.654589]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1000.654612]  ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1000.663181]  ? fsnotify_first_mark+0x350/0x350
[ 1000.663215]  ? down_read_killable+0x90/0x150
[ 1000.663241]  ? iterate_dir+0xd8/0x5d0
[ 1000.663260]  ? down_write+0x130/0x130
[ 1000.671067]  iterate_dir+0x48c/0x5d0
[ 1000.671096]  ovl_check_d_type_supported+0x272/0x480
[ 1000.671117]  ? ovl_cleanup_whiteouts+0x2a0/0x2a0
[ 1000.671136]  ? ovl_dir_fsync+0x4f0/0x4f0
[ 1000.681551]  ovl_fill_super+0x133d/0x3f33
[ 1000.681573]  ? vfs_get_super+0x270/0x270
[ 1000.681606]  ? ovl_show_options+0x550/0x550
[ 1000.690620]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1000.690640]  ? get_anon_bdev+0xc0/0xc0
[ 1000.690658]  ? sget+0x113/0x150
[ 1000.698300]  ? ovl_show_options+0x550/0x550
[ 1000.698316]  mount_nodev+0x73/0x120
[ 1000.698335]  ? ovl_own_xattr_set+0x10/0x10
[ 1000.698349]  ovl_mount+0x34/0x40
[ 1000.698365]  legacy_get_tree+0x131/0x460
[ 1000.707090]  vfs_get_tree+0x1cb/0x5c0
[ 1000.707107]  ? legacy_fs_context_dup+0x1d0/0x1d0
[ 1000.707125]  do_mount+0x70c/0x1d90
[ 1000.707144]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[ 1000.707166]  ? copy_mount_string+0x40/0x40
[ 1000.707186]  ? copy_mount_options+0x5f/0x430
[ 1000.707207]  ? kmem_cache_alloc_trace+0x353/0x750
[ 1000.707225]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1000.707245]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1000.707259]  ? copy_mount_options+0x315/0x430
[ 1000.707285]  ksys_mount+0x12d/0x140
[ 1000.724292]  __x64_sys_mount+0xbe/0x150
[ 1000.724317]  do_syscall_64+0x1b9/0x820
[ 1000.724336]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1000.724356]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1000.724377]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1000.724395]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1000.724414]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[ 1000.724428]  ? __switch_to_asm+0x40/0x70
[ 1000.724441]  ? __switch_to_asm+0x34/0x70
[ 1000.724473]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1000.769598]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1000.769612] RIP: 0033:0x457569
[ 1000.769630] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1000.769639] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1000.769654] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[ 1000.769669] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[ 1000.778734] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[ 1000.778744] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[ 1000.778753] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
03:45:23 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0x800000000000000}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:45:23 executing program 1 (fault-call:3 fault-nth:0):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000140), 0xa)
getsockname$unix(r1, &(0x7f0000000080)=@abs, &(0x7f0000000000)=0x6e)

03:45:23 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0xffffff7f, 0x2}}}, 0x50}}, 0x0)

03:45:23 executing program 4 (fault-call:2 fault-nth:75):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:45:23 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488d")
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

03:45:23 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000140), 0xa)
getsockname$unix(r1, &(0x7f0000000080)=@abs, &(0x7f0000000000)=0x6e)

[ 1001.088377] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[ 1001.101753] FAT-fs (loop3): bogus number of reserved sectors
03:45:24 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0x2000, 0x2}}}, 0x50}}, 0x0)

03:45:24 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x406, r0)
ioctl$UI_SET_SWBIT(r1, 0x4004556d, 0x2)
r2 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r2, &(0x7f0000000140), 0xa)
getsockname$unix(r2, &(0x7f0000000080)=@abs, &(0x7f0000000000)=0x6e)

[ 1001.139780] FAT-fs (loop3): Can't find a valid FAT filesystem
[ 1001.168156] FAULT_INJECTION: forcing a failure.
[ 1001.168156] name failslab, interval 1, probability 0, space 0, times 0
03:45:24 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x401, 0x0)
ioctl$sock_bt_hidp_HIDPCONNADD(r1, 0x400448c8, &(0x7f0000001180)={r0, r0, 0x1f98, 0x7, &(0x7f0000000180)="efc00ed9d8d85bd99f22872aa443a58a1622cf6a6172dd94b420936ff6f6f1f92ad1fa9c44be3297bd76e1c7581b2d29cec1793553a71df23bfae7cf9b3db2af1823cca160d4b33e1f515c734d3fed1437672cea54775300ca0e45cf17f0cfcfcaafe42cef96385ca6f12c4df2d59d97a8f02a2b9c62b5c7f8e8c4e5d719b75edcfbc66041c0bdc134f98f6afaf75fe7e2264ba5d356abcaaae2a57f3fde999c9a5fac594f1255c4faca120b27cd0dfa11c06e761e97dd6df6b856dc8c598dd9717e87104079ec1f11dc47769fe7a3f6fb282247b57b69c6ca46a1cd87ded2a3c1f5c0041d1df27bb713899ab694b1612c0decba2fdfe4490a1b57ccfacba78e92bc16bf1523b4d9dbda854eae3fd80856d0a23949e3f8ad3c0f778a40a809170f0c5701374ba8ba34d560ebd9b396916ebdcf66c3179558926aa350ebff65477d7ad1ce6a997d31eb7444fb723911c46137eb150c5ece532fca9e854127cf995b46f7bc9cf7895e6a7ceeda16fe5e9774ef3d251c8d042e44b87a1914e22b60da32fb1a0ee521890435542587e53491ed7dc16c188485c56e24b94e7f997755597e0cad46275b39b25a09d5452a0736d0a7cd6294a9d8ea2a0a9e78ba59377520c49d2665765b30c9341564b8ad084ca22c99920e4f58b6b9de05c3afd36cc5b79b9b9646cb45ccc9d6911478adbe91f6e69c4e77a828f0c9f5a879cdd5591ca3f308035c1c673c0ae87f8e6c87a7ec51f0f33d6d1edf32931580cd9ff9aadfe78e0cbf9f29bf27063aeb4bbae090cc094735b045af0b9b58e121dc42e2b19c56faf57fe76a8ef152ca89059262bd704aa2349968ce0fe0561e3cef85a66201846f10c4ed67386d75b6f442c9e6b2e6bc2bb1582e798c3d7ffdece4d007f789686e8b82e34f24c2a42680d335420cf92154684ec22cd75d83eb04ef6339954db4b91f2241cbc2a516ca98078d6caeaebc8569612599272547f72a21c614fad1e5b4d3bcf9cd057edc5657904e58f0df664aef39891a3e54198d1aed7e700be547688ddb52cc108caf484900bb0eba4feb03416eedf296f0af6e55d1f2124a58f1a33feb61cc6c22bbdc01d046dad06bdd1269269b3a895df460c40ce8fa61196ad80133b65a3ef10fdb8c20b543efa6080ad5c13a08ef8a6ea807732a8c8352c2ca4c53cd382ac2afe17bd870f443deaa42b4245eccb3980caa9684d139f0502d60614abd1da7ebbadb6cea2f5eaeb9d126a95aa7e615747ced4134ebd2fec1f2132ce9a4d734c012dfe9c5976698654738d54e9a79a7b72c48766bd29a898973f322d3e8405ec2d1c8e7772975fdf6849fcf2b810f1ef26fb550d92e5c050af4b4420559aef892a236d2401f25ac6ec122d9f04afdfb4a37566f6c7379b8cb126165fe1eaba4438a6db3a1d3b202f96308d5a55fd8917fb16996c89a326313cdf8b18796482c494ab9449afcf9481a00bf06d49439b7972d5954bb297e50f02f7a38cf9cf66a52920ac57db9f0460346036b10830f10f7cf149e3bf32108a742a3a11c8d7fd5b96000bc8021e81e7a385f18c4fbf529f4b8585b49adc911e6d2b2461140c509be818c38030b79254241209ecf699d503a003ba90ce4da3e9647dee54983670e1bae6838fb147c9f080928c37298af738ca234bc2ba74903ef5f3cb7bcb9296bfa81b64d09ce900bd42ca88d8ba1f720b4e00eb86c1e8c7682669463bc93b97d94a963f819c0e142c235a60d707fe5ec77908f1aa24716af15dc4ca5bd3f6fbfa070b82aa5ae7f73da1f7baf282bf509282e8f5d16da6800b6b3822b1671227ea8494970243549e12099365ad621be6e744175da0baff6cb2dcfd37cffa29ab893ed84eaa3131a5db63b1fb4c2eadb4b84e0acf844eec5d68d6cd3dfbddd939cbf401915594aad70f4aa83128e0e246f8427b5d1af926b40101e784b79916817e4d0b928a1237e34eef83cd8e14bca23fe1e459920fd6c92901a42535429a78e5f158c5c5e4fd48046a01da0205172f17cc3b6dc628898ce62d2567b90abc272226e1d0c2c20eb28ae32146116896dc278a4183a1f43bee038358ef24aa949e2db8f4df9e7cbcd4548a810ee0ba3a82ef981ea98e4ebbfa335d5628fb147b3a5ff577954b209df7bf64db19b4037e726ece8e723fc3f3808e7cd424f986889b7daf01506868cd85f845682adac268f14ed5e99239f803b53d6d5db3bb385195011aa13b5f9315b658c50a9c4c6fd9de4f0ea5df15d1ccbe57017a01dd36d8e1ed5f2944dcbf7f0be399542783f966e134d28d7e1af8baec03eec5b0aa8d73b6dba3d6c4fcea9db8640cf244ce0b34800443d25755220746f6469310b75d8b61db509e4c353114370d8948653d6633a9f5e74b4c84f80577bc2e942392d9f272b517d7f36fd4ba61207c1ea1b7786d4b62a7bc967baf631d2fa617826a2db932b4305dd1c469869002258d35d5ce8f983e3173859ddc109638c268e597173b1c3dc62bae5ad608ac7ac5d98d52761bb40483313a5fcfb0dcfdb33046e5469a2e1a8a235f1f18d4a0c348f5acef090893e98e9a9822512035ac618ba3f4166a324bd5156b3e480c3fd897ce24cbb987190e1a0c5b6fc10e07042d9f6670435bd3d55a81403a0dc90a605ecc7c848c876b64c644fab2834f7a771bbc159e96114175c9799fb17f86cce5a7447322b6746afae2f1878ffc4740855144b24ee7a6cdceec928c8886d7e2aaa831ef3f551233bfd610128b118e7d1ddab7343306a00fadf77890d12fdf14c2545fcd048510fac53064f2fc9688bb7317f0c63ace09db987e4a36b8b392b20cb363a5a716cfe9149889efe1ab22af91b65ab278703765999707397a8b1414f04a9c6aeabe4642e87933e1c6e452fec9903d92980e9d3ddaf663f3fc5e823bb01f0941af8c12c1a86c1dd5534b06e8342c282a577397364cde5e2904df2574b02d707c6e2ea949da5a8e93b9ea323f8d2eb0b94946e3e70e85af577bfdc8cd7bef374369eeb5ba9263dcc1142d8e57773483b6031d28051a7626bd53700947bfdf4696d8079750175f6ba387c524c42a435b0fab845b75759c1e512a95a2a0159ffd911218c5f5cc64cbb85e55452ee424ba0f160846ff92d92afcc1fa1d721662024b2d99f7d4d22b6593999c0be2f388150a4a883bfcaeac0561dd8a4efcc8655ccec17f4e0e2f6ac59f68bffa88f8afc41af322889b49a2d4bf1105d23038da1b8828bc1a2d4cd4e39c218002c043946e3f44ed310b6ab07c93b68145837ae841e51af55a0fe5879cdf936f7ba1d1d791637f68bec6f1f64dd23ed9eb190db1520df8d70bd577c063ec0525755e3729131783993ad71ff608e969c296ad0566bc032f54faf86a4fbfff172cdab680ac362c9a041cd044c5c2fbe9e8de51a07ce162cf0ba10183a51e490e73a5a5b94b833abd3239d3353cca99eb93f4fd5bf86816b9329d699f71f77e12289cb6cdb4f66dd47decab505db4f5b6275fa58db0914e9bad73abc5d7c3dd701164849dc27790e14eeb6d9e4bcb27031068f18a480b37c0bee336dfa023855e24dad44e1d279bb6783d1cfac1f74e2630a295312a9f03701566387159b56fd0af72e01af01e5e9ec8bbb824c575b4bc0094c524935172c465e7f64bcfa3693a4f3cb89b6bae7ca314d0e28e2fce458326118865457d488a3f51d36f8be62f7d61897ccf5873da8e204c957c7ef9ee77294a75a8d383fdc5c9dc135043d7dfcdccc1604d32f94411cc92c5eece33bc5da9688ac589fdd5b8bcc5b53c529b1646e0d1127dd8a748e66631fdefd1de132823f855d329b7e159568c043dc3c084842dc3822c1ca1b15dad19abef3ec9637beaf60895f4f8604c8a388f0f2d1ec913448ed6ea1166945bb3a28e21ec95174d79592463e4695f98789ef2cd09ff42ec27e49334d557b6bc1c3458d2fdf14e1b00c4f0643bae49b47c6df971b67a55936b6f86b9eb39a51bb704f9019c568769fe2199521d4b4bf8869d9de39a590f50b7e3985d39adabfaf0528692413180e3793c052de82a7ffbf123005d43cf27057dbf0a282960707b02da9b76444b07255f91b256eae09c96985d997a500b2b6e79f98e0a0702d8eb06d536d3cce79e5113403c588f2814496bdc885d7badd71bd94b4a6266ed6d4e7773b7bb8a24c9e02209dec3cfd6902ff23ba9be53cdd3489d823f8ee6313b7a843d9c0a46ad3a472adad8e8d82fd10658a583ebaf3de090469176b4cc219264596a7d44c228f8b1f1962f53db7425a00cc536333035939af32f026ff71f1691d25bd42f9793dad6e125308bacfc10e95985c3caca7c0376b7c782a56a9982b7a127be4736ac207cf310fd375b39d5428f62cad0d579c6a8de72cf6bd9ae2c8ad3f43bd9beb15c2fb9a96de058717e6aee373236c5d69fa5be4d8a224583d0e8290e1dc24491e567a802e024c73cd085d14b5bf53ba41ba6a84fbcb265497f654250725ee014c72c034f1e216b89d74ec2fd1106772611ed9ddbdb97f70bdb292a4e5aa82bc1210d2d51a08fdfaf67aca04ae34391a9a22b699ec93747aa64c07c97b828b83244fc83032b0302e4070546a78ddfe2166af7088b181be22c419da91e84522f5b9b89f8d166f0a2a1da4f2a1ea6cfefd86fe9830414080b146a8be1faa51801535dc79358f23c27d8686d1de69997f01c2808aa73415d2d5e59be03056502942de7fe7cc05d87adcae61ce02026eb65ffcf750bda0b0eadff8598f51d94b765fcc74001f2e6a3c53946a529d6b145c8f1ad84045cee43380f3d9aaf370a202813f1a06aaea1c5d08f485d56228fc43c9a3550c73eccdb6e6c48878ada5cf84bc31e09d831a1c9fdb131f602e0440cb7ff657f1fab9c57cf1784d791599f624808098b29a2f9c3c266f7cc5c2aabae7742d69ebc3789d9f0402a7a773bb1278ea8def1cd2bf5b427e4310d1e06021833d3a0cee6011d3215ebdf0dea8d7b4ac780678e3734e3a733f675ad7a217c0ff0067764d54333ddde0ff051c2e1da20e4b9c881e361d7e3eeab445cc78ba8f8e5d49bfb49c2d7e86d6342fc9aa9e0d0452a5342d3736c297cfe64a26396f1044074be3e8fe37529a9302f3f775d74f9146eb1b11b3b2dd672c39f825e2b40d4fd0987ba6f1462ddc2ebcb18f0fe0648e9a3d89ea944d88b4f48f897107301c49c3b9ab967fd441c5f5346e9750469b6706d173861b476180533bed7fa55bb2262026bec8ca79d8b781a3c15fa3eb9f2ce041f2f287d9bf4d93d82630ed3805538d7adb7d8a3c54f57a35f10da79ece0305cba8ea1ac5c4106c0d5fbb5d330fcdbaa4f774179de5afd9749835d9064f22cfb0fb40e042288bbed2aa20afb93f260d96df55a12dcdaa30f2f9ffbc4d997d1110394b685d3138d45ac909ca6257bca96e53220bca92f8e436bb0e47fb4613b2ad12f0e74d5eacc746899a42889d2e6b0216bddeb9f4e55be9c0dc0e7e9106fdc0eb71ff6d427db837f595e1e1d64d1745844c52f3338faed5f718cf34352284ac11b1361408ab62b58d90f9a95f66501ac8301fa9205e999070bac857595f2842a0779c574e1d745602709abffdfb63fd213026cb314079accb3f58f1d211f29526ddf734b62b4bebf55fcab8482f46b98237c16c0c40416d8219a08f3b8693a7818668a6995ce9ff0a5436a4e198a75ad71cd6e77cabd5f5860d612cb7cbfe9a427b8e343dc1c3f9d4c63a19d2cf1927a1f6f9a6bf1a040b4cbfb9a5ddbfa7a6497a843d69f419adb8bba977340eaa7bfcfcc406fc36", 0x9, 0x4, 0x1e, 0x3f, 0x1ff, 0x2, 0x9b, "341535e3e5890b192c344cb6c063f3cf7e916d730d3fa53c4b237cbd5423b283f021e9a064ba6ad0311d43f3a170d35fc2936c4461aedeb49bdee0927f382f06adb20b84480066e241f044e3b6a929d99b61aa0c2b9eafeef2e21f674d7848ea5043e67f0ed5e304335e7972d1aef46540a3aa6e3b17232511e4e7fd7b053f2f46e36dd0a31685492001cfcbde894abdd9fe3f3e3e005aa96c8e9157975b9ad20be7691ae0f3633768cfe6c3742b691353d8f1bd630cf566ebbe64855878b2da46b3110c1a29cfb9f353f22a3c39f8bff96b3a8323d3b6d832e32a0bba5f59787b39d9526517c2881769439a375f6fd3ab95e6410da2"})
r2 = dup3(r0, r0, 0x0)
ioctl$BLKGETSIZE64(r2, 0x80081272, &(0x7f0000000040))
r3 = fcntl$dupfd(r0, 0x406, r0)
bind$bt_rfcomm(r3, &(0x7f0000000140), 0xa)
getsockname$unix(r3, &(0x7f0000000080)=@abs, &(0x7f0000000000)=0x6e)

[ 1001.237043] CPU: 0 PID: 14658 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[ 1001.245581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1001.245589] Call Trace:
[ 1001.245616]  dump_stack+0x244/0x39d
[ 1001.245643]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1001.245665]  ? ext4_xattr_ibody_inline_set+0x2b0/0x2b0
[ 1001.245695]  should_fail.cold.4+0xa/0x17
[ 1001.245726]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1001.266488]  ? find_held_lock+0x36/0x1c0
[ 1001.280949]  ? zap_class+0x640/0x640
[ 1001.288733]  ? mntput_no_expire+0x1ba/0xc00
[ 1001.293076]  ? find_held_lock+0x36/0x1c0
[ 1001.297159]  ? __lock_is_held+0xb5/0x140
[ 1001.301251]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1001.301270]  ? rcu_softirq_qs+0x20/0x20
[ 1001.301305]  __should_failslab+0x124/0x180
[ 1001.314956]  should_failslab+0x9/0x14
[ 1001.318787]  __kmalloc_track_caller+0x2d1/0x760
[ 1001.323480]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1001.323500]  ? check_preemption_disabled+0x48/0x280
[ 1001.323523]  ? ovl_fill_super+0x17e3/0x3f33
[ 1001.323544]  kstrdup+0x39/0x70
[ 1001.338407]  ovl_fill_super+0x17e3/0x3f33
[ 1001.338430]  ? vfs_get_super+0x270/0x270
[ 1001.338474]  ? ovl_show_options+0x550/0x550
[ 1001.338519]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1001.349886]  ? get_anon_bdev+0xc0/0xc0
[ 1001.359735]  ? sget+0x113/0x150
[ 1001.366901]  ? ovl_show_options+0x550/0x550
[ 1001.371237]  mount_nodev+0x73/0x120
[ 1001.374876]  ? ovl_own_xattr_set+0x10/0x10
[ 1001.374893]  ovl_mount+0x34/0x40
[ 1001.374915]  legacy_get_tree+0x131/0x460
03:45:24 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000140), 0xa)
arch_prctl(0x1005, &(0x7f0000000180)="b52a462e8f14d8d4ebb11d42ac153887b7d9c35c2746b67db08d4c90a2a7bf769dd774207e45c71e8609409a8f3cc26f85fcc91654ff02e96b197274407f3448fb3d616225692cc1c1cc3518b4224227b95bc89dd905c0c528bbdf9921967e2a0cf26cab1a15fd2e5a1e3768886acb61c81693e134718aa1e22988c5")
ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000040)=<r2=>0x0)
setsockopt$bt_hci_HCI_DATA_DIR(r0, 0x0, 0x1, &(0x7f0000000100)=0x2, 0x4)
r3 = gettid()
kcmp(r2, r3, 0x7, r1, r0)
getsockname$unix(r1, &(0x7f0000000080)=@abs, &(0x7f0000000000)=0x6e)

[ 1001.374938]  vfs_get_tree+0x1cb/0x5c0
[ 1001.374953]  ? legacy_fs_context_dup+0x1d0/0x1d0
[ 1001.374970]  do_mount+0x70c/0x1d90
[ 1001.374989]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[ 1001.375011]  ? copy_mount_string+0x40/0x40
[ 1001.382629]  ? copy_mount_options+0x5f/0x430
[ 1001.382649]  ? kmem_cache_alloc_trace+0x353/0x750
[ 1001.382669]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1001.395273]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1001.395290]  ? copy_mount_options+0x315/0x430
[ 1001.395312]  ksys_mount+0x12d/0x140
[ 1001.395331]  __x64_sys_mount+0xbe/0x150
[ 1001.395353]  do_syscall_64+0x1b9/0x820
[ 1001.395373]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1001.395395]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1001.404481]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1001.404503]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1001.404522]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[ 1001.404537]  ? __switch_to_asm+0x40/0x70
[ 1001.404550]  ? __switch_to_asm+0x34/0x70
[ 1001.404572]  ? trace_hardirqs_off_thunk+0x1a/0x1c
03:45:24 executing program 2 (fault-call:2 fault-nth:0):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$FS_IOC_SETVERSION(r1, 0x800448f0, &(0x7f00000000c0))

03:45:24 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000140), 0xa)
getsockname$unix(r1, &(0x7f0000000080)=@abs, &(0x7f0000000000)=0x6e)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000040))

[ 1001.404598]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1001.413233] RIP: 0033:0x457569
[ 1001.413251] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1001.413260] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1001.413276] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[ 1001.413285] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[ 1001.413300] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[ 1001.423674] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[ 1001.423684] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[ 1001.572295] FAULT_INJECTION: forcing a failure.
[ 1001.572295] name failslab, interval 1, probability 0, space 0, times 0
[ 1001.605836] CPU: 0 PID: 14675 Comm: syz-executor2 Not tainted 4.19.0-rc7-next-20181015+ #94
[ 1001.614386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1001.623761] Call Trace:
[ 1001.626375]  dump_stack+0x244/0x39d
[ 1001.630029]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1001.635236]  ? zap_class+0x640/0x640
[ 1001.638998]  should_fail.cold.4+0xa/0x17
[ 1001.643075]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1001.648208]  ? ima_get_action+0x7e/0xa0
[ 1001.652193]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1001.657221]  ? mark_held_locks+0x130/0x130
[ 1001.661475]  ? xas_find_conflict+0x890/0x890
[ 1001.665900]  ? zap_class+0x640/0x640
[ 1001.665935]  ? print_usage_bug+0xc0/0xc0
[ 1001.665949]  ? __lock_is_held+0xb5/0x140
[ 1001.665983]  __should_failslab+0x124/0x180
[ 1001.673762]  should_failslab+0x9/0x14
[ 1001.685828]  kmem_cache_alloc_node+0x56/0x730
[ 1001.685844]  ? zap_class+0x640/0x640
[ 1001.685870]  __alloc_skb+0x114/0x770
[ 1001.685892]  ? netdev_alloc_frag+0x1f0/0x1f0
[ 1001.697813]  ? find_held_lock+0x36/0x1c0
[ 1001.706282]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1001.706301]  ? apparmor_capable+0x355/0x6c0
[ 1001.706388]  create_monitor_ctrl_open+0x148/0x9e0
[ 1001.706409]  ? send_monitor_note+0x480/0x480
[ 1001.716257]  ? security_capable+0x99/0xc0
[ 1001.725497]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1001.725519]  hci_sock_ioctl+0x37e/0x810
[ 1001.725535]  ? zap_class+0x640/0x640
[ 1001.725553]  ? hci_sock_sendmsg+0x26d0/0x26d0
[ 1001.735236]  ? find_held_lock+0x36/0x1c0
[ 1001.735261]  sock_do_ioctl+0xeb/0x420
[ 1001.735284]  ? compat_ifr_data_ioctl+0x170/0x170
[ 1001.735304]  ? check_preemption_disabled+0x48/0x280
[ 1001.742982]  ? rcu_read_unlock_special+0x1c0/0x1c0
[ 1001.751513]  ? kasan_check_read+0x11/0x20
[ 1001.751535]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[ 1001.760077]  ? rcu_softirq_qs+0x20/0x20
[ 1001.770033]  ? __sanitizer_cov_trace_switch+0x53/0x90
[ 1001.779433]  sock_ioctl+0x313/0x690
[ 1001.779462]  ? dlci_ioctl_set+0x40/0x40
[ 1001.779480]  ? ksys_dup3+0x680/0x680
[ 1001.779513]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1001.779536]  ? dlci_ioctl_set+0x40/0x40
[ 1001.788690]  do_vfs_ioctl+0x1de/0x1720
[ 1001.796268]  ? __lock_is_held+0xb5/0x140
[ 1001.796288]  ? ioctl_preallocate+0x300/0x300
[ 1001.796305]  ? __fget_light+0x2e9/0x430
[ 1001.796322]  ? fget_raw+0x20/0x20
[ 1001.796339]  ? __sb_end_write+0xd9/0x110
[ 1001.804983]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1001.804997]  ? fput+0x130/0x1a0
[ 1001.805014]  ? do_syscall_64+0x9a/0x820
[ 1001.805029]  ? do_syscall_64+0x9a/0x820
[ 1001.805046]  ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 1001.805064]  ? security_file_ioctl+0x94/0xc0
[ 1001.812917]  ksys_ioctl+0xa9/0xd0
[ 1001.821377]  __x64_sys_ioctl+0x73/0xb0
[ 1001.828799]  do_syscall_64+0x1b9/0x820
[ 1001.838374]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1001.838394]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1001.838409]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1001.838428]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1001.838447]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1001.845730]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1001.854290]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1001.854317]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1001.854342] RIP: 0033:0x457569
[ 1001.854365] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1001.862211] RSP: 002b:00007f96f1de1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1001.869997] RAX: ffffffffffffffda RBX: 00007f96f1de1c90 RCX: 0000000000457569
[ 1001.880486] RDX: 00000000200000c0 RSI: 00000000800448f0 RDI: 0000000000000005
03:45:24 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0xccf00000}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:45:24 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0xfffffff0, 0x2}}}, 0x50}}, 0x0)

03:45:24 executing program 4 (fault-call:2 fault-nth:76):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:45:24 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000140), 0xa)
getsockopt$inet6_tcp_int(r1, 0x6, 0x0, &(0x7f0000000040), &(0x7f0000000100)=0x4)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000001c0)={&(0x7f0000000180)='./file0\x00', 0x0, 0x18}, 0x10)
getsockname$unix(r1, &(0x7f0000000080)=@abs, &(0x7f0000000000)=0x6e)

03:45:24 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488d")
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

[ 1001.880501] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1001.961946] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f96f1de26d4
[ 1001.969198] R13: 00000000004bf77a R14: 00000000004cf6a0 R15: 0000000000000003
03:45:24 executing program 2 (fault-call:2 fault-nth:1):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$FS_IOC_SETVERSION(r1, 0x800448f0, &(0x7f00000000c0))

[ 1002.046388] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[ 1002.094791] FAULT_INJECTION: forcing a failure.
[ 1002.094791] name failslab, interval 1, probability 0, space 0, times 0
[ 1002.107965] FAULT_INJECTION: forcing a failure.
[ 1002.107965] name failslab, interval 1, probability 0, space 0, times 0
[ 1002.120853] CPU: 0 PID: 14698 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[ 1002.129367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1002.138731] Call Trace:
[ 1002.138759]  dump_stack+0x244/0x39d
[ 1002.138786]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1002.138817]  ? __lock_acquire+0x62f/0x4c20
[ 1002.138843]  should_fail.cold.4+0xa/0x17
[ 1002.150247]  ? _raw_spin_unlock_irqrestore+0x82/0xd0
[ 1002.158537]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1002.168757]  ? mark_held_locks+0x130/0x130
[ 1002.172997]  ? trace_hardirqs_off_caller+0x300/0x300
[ 1002.173021]  ? ext4_put_super+0xf40/0xf40
[ 1002.173039]  ? zap_class+0x640/0x640
[ 1002.173059]  ? find_held_lock+0x36/0x1c0
[ 1002.173075]  ? zap_class+0x640/0x640
[ 1002.173094]  ? print_usage_bug+0xc0/0xc0
[ 1002.190095]  ? __lock_is_held+0xb5/0x140
[ 1002.190111]  ? print_usage_bug+0xc0/0xc0
[ 1002.190149]  ? zap_class+0x640/0x640
[ 1002.190168]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1002.215193]  ? zap_class+0x640/0x640
[ 1002.218925]  __should_failslab+0x124/0x180
[ 1002.223170]  should_failslab+0x9/0x14
[ 1002.226994]  kmem_cache_alloc+0x2be/0x730
[ 1002.231169]  jbd2__journal_start+0x1e7/0xa80
[ 1002.235590]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1002.241063]  ? jbd2_write_access_granted.part.8+0x410/0x410
[ 1002.246791]  ? __might_sleep+0x95/0x190
[ 1002.250797]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1002.256351]  __ext4_journal_start_sb+0x1a0/0x5e0
[ 1002.261122]  ? ext4_xattr_set+0x1f7/0x420
[ 1002.265293]  ? ext4_journal_abort_handle.isra.5+0x260/0x260
[ 1002.265310]  ? __ext4_xattr_set_credits+0x3ae/0x520
[ 1002.265335]  ? ext4_xattr_set_credits.part.31+0x6b/0x120
[ 1002.265356]  ext4_xattr_set+0x1f7/0x420
[ 1002.265396]  ? ext4_xattr_set_credits+0x120/0x120
[ 1002.265417]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1002.265433]  ? evm_protected_xattr+0x206/0x290
[ 1002.265453]  ? __sanitizer_cov_trace_cmp1+0x17/0x20
[ 1002.281630]  ? ext4_xattr_destroy_cache+0x30/0x30
[ 1002.281646]  ext4_xattr_trusted_set+0x36/0x40
[ 1002.281667]  __vfs_setxattr+0x124/0x180
[ 1002.281689]  ? xattr_resolve_name+0x430/0x430
[ 1002.281717]  __vfs_setxattr_noperm+0x11d/0x410
[ 1002.296059]  vfs_setxattr+0xd8/0x100
[ 1002.296086]  ovl_fill_super+0x1451/0x3f33
[ 1002.296108]  ? vfs_get_super+0x270/0x270
[ 1002.296140]  ? ovl_show_options+0x550/0x550
[ 1002.296186]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1002.296205]  ? get_anon_bdev+0xc0/0xc0
[ 1002.319108]  ? sget+0x113/0x150
[ 1002.319131]  ? ovl_show_options+0x550/0x550
[ 1002.319148]  mount_nodev+0x73/0x120
[ 1002.319169]  ? ovl_own_xattr_set+0x10/0x10
[ 1002.319185]  ovl_mount+0x34/0x40
[ 1002.319203]  legacy_get_tree+0x131/0x460
[ 1002.340180]  vfs_get_tree+0x1cb/0x5c0
[ 1002.340197]  ? legacy_fs_context_dup+0x1d0/0x1d0
[ 1002.340214]  do_mount+0x70c/0x1d90
[ 1002.340232]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
03:45:25 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000140), 0xa)
getsockname$unix(r1, &(0x7f0000000080)=@abs, &(0x7f0000000000)=0x6e)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vcs\x00', 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000040)={<r3=>0x0, 0xe4f, 0x8b9b, 0x1, 0x61af, 0xa08c}, &(0x7f0000000100)=0x14)
setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r1, 0x84, 0x23, &(0x7f0000000180)={r3, 0x8000}, 0x8)
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000200)={{{@in6=@ipv4={[], [], @broadcast}, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in=@local}, 0x0, @in6=@dev}}, &(0x7f0000000300)=0xe8)
connect$packet(r2, &(0x7f0000000340)={0x11, 0xf7, r4, 0x1, 0x7, 0x6, @broadcast}, 0x14)

03:45:25 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0x40030000000000, 0x2}}}, 0x50}}, 0x0)

[ 1002.340253]  ? copy_mount_string+0x40/0x40
[ 1002.340273]  ? copy_mount_options+0x5f/0x430
[ 1002.353995]  ? kmem_cache_alloc_trace+0x353/0x750
[ 1002.354016]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1002.354034]  ? _copy_from_user+0xdf/0x150
[ 1002.354055]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1002.354069]  ? copy_mount_options+0x315/0x430
[ 1002.354089]  ksys_mount+0x12d/0x140
[ 1002.365286]  __x64_sys_mount+0xbe/0x150
[ 1002.365309]  do_syscall_64+0x1b9/0x820
[ 1002.365333]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
03:45:25 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0x9effffff00000000, 0x2}}}, 0x50}}, 0x0)

[ 1002.376989]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1002.377011]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1002.377030]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1002.377050]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[ 1002.377064]  ? __switch_to_asm+0x40/0x70
[ 1002.377084]  ? __switch_to_asm+0x34/0x70
[ 1002.385639]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1002.385668]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1002.385681] RIP: 0033:0x457569
03:45:25 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0xf00000000000000, 0x2}}}, 0x50}}, 0x0)

[ 1002.385698] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1002.385707] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1002.385736] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[ 1002.385746] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[ 1002.385761] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[ 1002.394843] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
03:45:25 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0xa0018000, 0x2}}}, 0x50}}, 0x0)

[ 1002.394853] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[ 1002.450866] CPU: 1 PID: 14699 Comm: syz-executor2 Not tainted 4.19.0-rc7-next-20181015+ #94
[ 1002.492661] overlayfs: upper fs does not support xattr, falling back to index=off and metacopy=off.
[ 1002.507170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1002.507176] Call Trace:
[ 1002.507200]  dump_stack+0x244/0x39d
[ 1002.507232]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1002.507261]  should_fail.cold.4+0xa/0x17
[ 1002.559789]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1002.559808]  ? __save_stack_trace+0x8d/0xf0
[ 1002.559838]  ? save_stack+0xa9/0xd0
[ 1002.559860]  ? save_stack+0x43/0xd0
[ 1002.610497]  ? kasan_kmalloc+0xc7/0xe0
[ 1002.614396]  ? kasan_slab_alloc+0x12/0x20
[ 1002.618562]  ? kmem_cache_alloc_node+0x144/0x730
[ 1002.623330]  ? __alloc_skb+0x114/0x770
[ 1002.627235]  ? create_monitor_ctrl_open+0x148/0x9e0
[ 1002.632264]  ? hci_sock_ioctl+0x37e/0x810
[ 1002.636424]  ? sock_do_ioctl+0xeb/0x420
[ 1002.640439]  ? sock_ioctl+0x313/0x690
03:45:25 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0x3000000, 0x2}}}, 0x50}}, 0x0)

[ 1002.644300]  ? do_vfs_ioctl+0x1de/0x1720
[ 1002.648374]  ? ksys_ioctl+0xa9/0xd0
[ 1002.652016]  ? __x64_sys_ioctl+0x73/0xb0
[ 1002.656091]  ? do_syscall_64+0x1b9/0x820
[ 1002.660188]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1002.665595]  ? mark_held_locks+0x130/0x130
[ 1002.669855]  ? xas_find_conflict+0x890/0x890
[ 1002.674282]  ? zap_class+0x640/0x640
[ 1002.678020]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1002.683575]  ? check_preemption_disabled+0x48/0x280
[ 1002.688616]  __should_failslab+0x124/0x180
[ 1002.692878]  should_failslab+0x9/0x14
[ 1002.696693]  kmem_cache_alloc_node_trace+0x5a/0x740
[ 1002.701748]  __kmalloc_node_track_caller+0x3c/0x70
[ 1002.701769]  __kmalloc_reserve.isra.40+0x41/0xe0
[ 1002.701790]  __alloc_skb+0x150/0x770
[ 1002.715192]  ? netdev_alloc_frag+0x1f0/0x1f0
[ 1002.719616]  ? find_held_lock+0x36/0x1c0
[ 1002.719656]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1002.729250]  ? apparmor_capable+0x355/0x6c0
[ 1002.729293]  create_monitor_ctrl_open+0x148/0x9e0
[ 1002.729312]  ? send_monitor_note+0x480/0x480
[ 1002.729332]  ? security_capable+0x99/0xc0
[ 1002.738504]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1002.738533]  hci_sock_ioctl+0x37e/0x810
[ 1002.747078]  ? zap_class+0x640/0x640
[ 1002.747096]  ? hci_sock_sendmsg+0x26d0/0x26d0
[ 1002.747123]  ? find_held_lock+0x36/0x1c0
[ 1002.747152]  sock_do_ioctl+0xeb/0x420
[ 1002.756655]  ? compat_ifr_data_ioctl+0x170/0x170
[ 1002.764850]  ? check_preemption_disabled+0x48/0x280
[ 1002.764875]  ? rcu_read_unlock_special+0x1c0/0x1c0
[ 1002.764889]  ? kasan_check_read+0x11/0x20
[ 1002.764906]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[ 1002.764925]  ? rcu_softirq_qs+0x20/0x20
[ 1002.772788]  ? __sanitizer_cov_trace_switch+0x53/0x90
[ 1002.772811]  sock_ioctl+0x313/0x690
[ 1002.782574]  ? dlci_ioctl_set+0x40/0x40
[ 1002.782591]  ? ksys_dup3+0x680/0x680
[ 1002.782619]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1002.791683]  ? dlci_ioctl_set+0x40/0x40
[ 1002.791702]  do_vfs_ioctl+0x1de/0x1720
[ 1002.791720]  ? __lock_is_held+0xb5/0x140
[ 1002.800984]  ? ioctl_preallocate+0x300/0x300
[ 1002.801002]  ? __fget_light+0x2e9/0x430
[ 1002.801021]  ? fget_raw+0x20/0x20
[ 1002.809854]  ? __sb_end_write+0xd9/0x110
[ 1002.809888]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1002.809905]  ? fput+0x130/0x1a0
[ 1002.817639]  ? do_syscall_64+0x9a/0x820
[ 1002.817656]  ? do_syscall_64+0x9a/0x820
[ 1002.817673]  ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 1002.817691]  ? security_file_ioctl+0x94/0xc0
[ 1002.817711]  ksys_ioctl+0xa9/0xd0
[ 1002.826612]  __x64_sys_ioctl+0x73/0xb0
[ 1002.834552]  do_syscall_64+0x1b9/0x820
[ 1002.834572]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1002.834592]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1002.834607]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1002.834628]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1002.842996]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1002.843016]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1002.843038]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1002.859357]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1002.859378] RIP: 0033:0x457569
[ 1002.867320] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1002.867329] RSP: 002b:00007f96f1de1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1002.867345] RAX: ffffffffffffffda RBX: 00007f96f1de1c90 RCX: 0000000000457569
[ 1002.867355] RDX: 00000000200000c0 RSI: 00000000800448f0 RDI: 0000000000000005
[ 1002.867364] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1002.867373] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f96f1de26d4
[ 1002.867387] R13: 00000000004bf77a R14: 00000000004cf6a0 R15: 0000000000000003
03:45:25 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0x700}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:45:25 executing program 4 (fault-call:2 fault-nth:77):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:45:25 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0xf0ffff, 0x2}}}, 0x50}}, 0x0)

03:45:25 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r0, 0x800448d2, &(0x7f0000000180)="3c74a4d274670e1aafd3f511acdf0091679335b202c2bfed5f37d24c3e4128a0b190ff0eb115c837757615cc517433ab480cc94595f705f7e9c43f5cd86f1e754971b6670d93025049d3e0f25fa7f630cc40bd256bed7792d9343e3f32dd38d1083158a7604a9889dff31f8750d6388e80342163260342b75b0a171841e136f0f4cca673fadc78942d2f8dbeb8f2e5cf5ecb5caa32fb1089d6d8c04c767219fc743dfa653c87292f1a33da6f89b17406c35d6df0c16d9e6ff15e0e116b5f15275e8c968a5835f5a6fb4560672f54d4631fb95529459fd42862deef421fbb232f8bd51b5beb50c62af0c29b0ec2e80ddcad5dd36a6fcd7170088545de31b6a37365812b140efbc8c25b3bacab92927e0906877c6368ec498acdb2a1124dd1266da902ef775d95f96947435b034748ce9434f56b95eaab4a89abb953de019701466652974495cb14e82c49b64397e992b226b9aeb5a641806119f16c6d19ff51265989dc9426f4c857ec74993ab4c182aea7472a7b1da594d265b3859950c19b218410f1e684f4e04c975d6a0cfddcd8428f9951220d088b1415b0bb8920027d18eac06f333c3f001be6724a123713324cd96674fed036524479b6d292656b1c70a06fabadd55182f2095912a3b7b8ac225734affee36e1d5e1534f412b26f75dd5045ef87247977aaff443befe7dcb02de1f5d34123f501cd439e7f176a14892923e3c4796b05b90fb9f134c55b377eb1dfe4e7f55e9ae211f4674cc9176d476cfd67b588565cde9dd82da8d3712ca1db17d9c16fcaee0f2e90a767ad7a25bf2ba4debf914cc8734a28a947ed80331dcc9822b6cc2c73928763bc437a53bb63ce26ca8b221cb45c30350e02194d1990b8ba8e3bdf56e5e1288ebec1d87cdd61343fa656dc91e6dc0a487b80d70e846ce32d4e5587de89ecca11d6b9437c1b5222b345015eb61058d4e8f5a21b3016334958a7e6db21b4d1da5024b17cf070e53b7e320ed44869bf3237993e22689dfa9da5c2d2d2b11808defd21725385eea9a1effda8aada5b024b8ea2f3ad05973fd4a8acf0218335024e82bf91b16200d8246bdc5b0fc84c251b001d0d09c8df1b4c8690d385e60a74ab6dc8039f24705edc3e766f3f2a5341de5655ce7c1decd167265391fa282a85417bc76fc78f955c2cb03235acc0901800f12cb6299588026c8977492e5ebd397cd06d8878a424a7834ec437c5c8f436edc31067d60cd2c46a56a32ef40f653f29e2d62150eb738739baa9059974504f296beac209204a729629aa3c4087dc6f88c39b59816f0fcbd336c592eb53f2721913c71a502c0ecd78db61faa79f367272c65463bc1a823d8cd2343c0ccfe90bbd4fea5f663e731e8c83a8ad2b7add3b25e6bd328ee303be7fad97a857c79265a03b682e6f305d30383b401fb5b2656f17fc4a2c13b082b0299518df2d618350e8c0cdd1c8c5954cb28adfda2b461b919fd2d2b07275e550bcbc323ea9d769fd7e047f6cbb58d193b511ee7452ad48b256124b6881eb92c921ac15dab574a0d48485b6b757a33fc23e22847358a1c25d5c9e7143203e1fb125504df0b43318ccf26e0433e3af22d6876735b9955faa052b550fd97e44543ec1d10b2c8451ed0317568aaa937d8c4e9e127c19cf87847edfd0d2973c2ee0761674e83c8809fb2797320a89dab58ddc63f6ec92be5fe579d5d557426e0c90ddf4436784175cfb66a781c86eb0d6aa3bf81b0d1492f1b0119a7c10c2db449fa75d32d9843f1157e784a06795411350e7eccd031e87e0b35c7777f4abab8a8280e47e3c9ed5c60b3a570d9e655d2ae3cb09d07bf301e1325ea10d724ac238aad1cbe498b42294054dc93810f518107082f67e8f04f0c2e047faa076d2f1a9027283b2b9984eadaf9440f906f96d192a6772ce9d375eeb76ee574316681a577c632e1a7d933ba5c7dd5e79ac7a0c00596c38b623d3d7bea8c33aba71a457540eff14fdd674e4e9a1885c80248bf76a15bb6514620555afd62f7edec6523928d9b8fed04828d960a0846f0b86fc2dc4314c008ebd179a464277f705ba822dff5c102a272db15ab396d23ce63c2d4f40d0fa3397715c937d9b24487ea21959235de4f5a120a789e341da7d843e19e326b635d1086e1a0b1b81e0aa20fae80450de231db15fef717952cd703e9145d8b958fa5c4578e33d0c387d00ac705a80df67709e3e0c88c2ebecf0ad8b6cd988365736547392c42fffd02b34876b9fd91ccfef308d27e6cc8227808362cee6024fda3aadc3d26f4bb41dc7908a251aa9f0c953fc8aaeca98e13c5fae2415df2eafa42fed0df4a9d9573666b031291ff0f15116286af5cdaa41bb26c7b9272cfd28e8c310027128222d9bf89ba8e9a577893437687aef1879f5835bb434951df678ea18db8244a0ca9bbefc23e14fa73b4c75579c4d7e724ab21335e5fb389e3250d6e3775fe1c21104b9c1284cc0ba72a37f91cc3fc3f6ad8080b27bd2293596e671fcf772bbf02f0d6220aa501b7b48c39ccdaab945f72307421812b4a9d59e912c421a0a431e4e57f328a2c781005168974c3ec3c990403972e0fec91a20302b1a5f8bac529f7a73fd866cbe4d471d28ddb5692df8d1d586e755cb9b1cacb32904bbbc33acaec680df9ef7780d797185d0beb9ea62a83557ee74d42ff082448dbcd224777eafabcb40dd6c216fd817d8806f1386c2173edfa5009ec126422f60744794b76fe58f8b89b6c63e8c18d5ff9b6b76ca9bc0d6d2c1dbf1a1a256bea1f1a60505b24d04f0e3db9fcb9daf7572dc19325816804691791d76cf5b5ba895b9ae0dc0205631f2764df056a090f3404febe14ed4c5acb28d16424cd8b725885ee5a62f4418a584b0fe904125625e709f70cd3f9a9551cf92d22c314c493f7a109d5b68d1df3d667e391ecd37d6d4fba2566a47bc9ed2e42a300edef5d0412163cae4b01f5c0ddb5ebb5ea1e274448e101001ac53db83bb4d7a0aabd8306dd35eaebed84704ed56679175c68321fc914d216d1c221e28184d4fdd89bee533c97f2c0332cea0b46dd4ee21448a7161acfd5a1031ff409a98bbee68d9faf70e6f0fd4e3a64af1170f0ad9870961ff5eff4fa5d4bc9d3b67b60b0c1894258f68af3a492f4839e774f399526617bc4c4788f5ed31b4d04b2f404f9200b4aacb5f1aa2c9262602f0d77df72a4ea0ef4c4df9abe118028dcb97ed193e0717839db9db0460ed5376f6f247ab28bf2bf14f4159bfc6609647be0e29df6533265f1bdb49887af211e064310fccb6b37bd98896b5d1adeadada1b92509b6435566b6a27abde1ab54b0acea28ca6527cce996773c1b32f0aa8a6cddd8e8dd98d87d7795ab58b0782bd9c82e9e5dcf8ca262621f40aa0086803cf6b0b2f6f79461e9b22b329d4682cb13b71751b41ef175e890f4eca16bef0cdc20ed9274ed2b83c65bb9c7c0c880663d179b4971e28adb620171feb247902db781f77fe64d674a3b6142962bb0cd8806b64bb47550384260e9614386df33391f16f3e63676d81569a01d9035b1a64af637c16701dbcb46f8cc2a3df8ab54fe83e41d07c7d96ec75e21eacc240409988e71d5621a3df7c9330589c54477a2a89144dc8b4229cca6182b0f132ffc5cc12e44caff1057e30d0d5d58eb762bad2089227f5ab2d43850fd7811d4f64de6d0b300c0e089e8bbbd5e75fab7696c0688a11b68130a3e89e5586beefd1a65a5e4ec04c518d8c1e1bb2ea35eaf92559471c52ee527bb7082a1770669b04a7fb7139e30dd18a698d467df5701d557f3eafe94f0e55a04b4fcd0d2fca31b195fa6e1029d0e937e2ac749bb0a94aac8c0e35593e5434021229d385e68eeb7e9ae2514ae06576df8fd99cf8c5b2a676842828fb9e937d0897338c420b4160946571250231a5dd125288b20cc7fcadd75d6c4b64f0fe14d25e8695ae679a31b3b46d5c99d95550db5504a04d74411efc6714fc36c34fd4622dbc74a2229808d69e76c364718940610688b486adc939e71f30799c5d148cff840533db9b34ef308188e1d5f969a4edd57be3745b257ac9317ce0fbd6c8f92746a5a23e73a03aafd68413df8004fe2c59621390a5c717af9806f1a60dcf7630f2c0447bcec67e7273186b288183fe1f316a8403a0061c6cb192d64c55765e6cee9fe4b2e81c1bfc6f358abab7f29afbf2c81e6674a28be5e09fa215dd075e771170344b140b5fd5b40ecbd1dc273910fadd50faa6db998b8603e621b6eb95e558d6f8381a78dc7adeb1d9636c14aebef7ae9216525a0c7652553ee7100bcd2be50ac418c76478ba5f63cf1cdea49633fa0c3cb6c68786562cb749d4b95153b4b1c9a856629ea3d9083f95679b7f972965b2e2823836d176c9d208b4d3afeca7cf88df4e8787cc950183e0dd187484aabb3874bf9e3f1479e6d1712016c9e62184c1f0c59307e7bb09ca04c8182dea9d07c338d2960ff5812a010d272c49b821c923c4964197f917746418d5f2bdc07baf23901a505c7ee02d4621fd4f772f2b62b7795c85bd56804a1f9d0758647efcf7a975cb119393b1bcd8c09b7138223de4911ea425647432403eee63622e95eb962d231f81ff05852efb2b1ec02fa3f01924f5c06041df4187f83dc92e8775ff739f53eda837ce5bb98e9a2871c1b4fa0dc5bbc1e1840ba270c16568b7fa43afd85aa675c2111104c994bd0e7112a7a95dce912345b10521387e0229393030e38e4ec16e0908142802313b33fb18872e5cf2f5eec498cb37e7efd4395ab0c23f308294a64a355e2a014de8d0dc2d46e33051e7dc5ad0f3c9e7426b4b7566a43b26240f6507b2044ecf0601c818ec8f17597b655b6b9fe693f8ee657fb06cabbfa97daa725f7a7e1948ee0176e97ebd4580e2ff2b4f3f8cff690f1c1a66f36404a6452cd481ff8687fd2b1a74d0528cc5a29ae7e86b4c436935d0b8419f6f657b9ff821c36c3c130d3831e5fc32d85e88abdba8f1e6ff71799d9923ada2be4ed45b9e2795c77dad91d45e44923f8df4649e57523b0ac3333e914349511b0cbda6c22c2c30646d6aec4213d742701672541f0ca5ba8121e6c51394669a36aa23a186adc937fedf3d8c241f9fb815cf1589b98686dce6e582f3d9db95a748a9d67fddee084748d10e1d8c26d6e44527dba849f59a5c0bc2f0be8ed16ac675736141ef6d08ad63e1261f803116249dc81b5605cf7a7103aa8b0c8e656e9c47af16f5ca3bfe9e923d15b06500a2382e9d147b4889cb32f92c0f809d28cc1aea6e29797df5a19d6b64b972d1db2f32e44d15e8c6970bc0dc68ba905202f433a1baef9389db6c7ef860ce6d6a43f7e48a58902e9f648e625a665388715106d7baf3530dab3bf6f84d64e09fc0bf977224d1e9b18cd4faac521dfdf8b071659cf7be8aec0d132264cf9d75f01651dfbb8a3d49a138e0d15195d89faa2b3176397105010882432c27b986a715c13fb327c9d99b3dc57b6d2a79de20c48461e8cd408ace89290d742e13b5413b8274040669fca3e44499b0eacc54747fdff28e8edf88d7b402f06b5c6d1cc7b9534be0dbd91d1cbe1080904d5e68025e9d825a5055ceaca9a5c73d847918d38d3dc99869b4cfdd73e7bf29c3365d74fd9f3a3afde9f1dc45fddd301568585611ce85f9a847315159ca65d1fc6d5e2da0b43c26a59988883c0dd6fc1272e0b78a9653ca0c1f30d2480fee36d81edef4c65bd0c2a85136173aab49d7edddd97f9c7773c7f0567738d3f0aa674538da644aafdcd9fe6689d690f7b8a97bacd9a5fa24cbe5")
r1 = fcntl$dupfd(r0, 0x0, r0)
write$FUSE_NOTIFY_INVAL_INODE(r1, &(0x7f0000000040)={0x28, 0x2, 0x0, {0x1, 0x1, 0xffffffff}}, 0x28)
bind$bt_rfcomm(r1, &(0x7f0000000140), 0xa)
getsockname$unix(r1, &(0x7f0000000080)=@abs, &(0x7f0000000000)=0x6e)

03:45:25 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d76")
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

03:45:25 executing program 2 (fault-call:2 fault-nth:2):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$FS_IOC_SETVERSION(r1, 0x800448f0, &(0x7f00000000c0))

03:45:26 executing program 1:
r0 = syz_open_dev$vcsa(&(0x7f0000000240)='/dev/vcsa#\x00', 0x0, 0x42002)
connect$nfc_llcp(r0, &(0x7f0000000280)={0x27, 0x1, 0x2, 0x6, 0x6, 0x0, "6f1ba87240c7d21234dd937eaed1cb61c36eb5df8e0b884700bdfeed46ef05f012bb36269c840e8dc915338f59c7fe08f14566b15fc3777cd11aed5a1cc443", 0x6}, 0x60)
r1 = syz_open_dev$vcsa(&(0x7f0000000180)='/dev/vcsa#\x00', 0x9, 0x80000)
bind$inet(r1, &(0x7f0000000200)={0x2, 0x4e23}, 0x10)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r3 = fcntl$dupfd(r2, 0x0, r2)
getsockopt$packet_buf(r3, 0x107, 0xf1d756c05cbea254, &(0x7f0000000040)=""/42, &(0x7f0000000100)=0x2a)
bind$bt_rfcomm(r3, &(0x7f0000000140)={0x1f, {0x0, 0x0, 0x0, 0x40}}, 0xa)
getsockname$unix(r3, &(0x7f0000000080)=@abs, &(0x7f0000000000)=0x6e)
ioctl$RTC_EPOCH_READ(r3, 0x8008700d, &(0x7f00000001c0))

03:45:26 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$FS_IOC_SETVERSION(r1, 0x800448f0, &(0x7f00000000c0))

[ 1003.145302] FAT-fs (loop3): bogus number of reserved sectors
[ 1003.188588] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[ 1003.204534] FAULT_INJECTION: forcing a failure.
[ 1003.204534] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1003.216378] CPU: 0 PID: 14741 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[ 1003.224921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1003.234304] Call Trace:
03:45:26 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000140), 0xa)
getsockname$unix(r1, &(0x7f0000000080)=@abs, &(0x7f0000000000)=0x6e)
ioctl$TUNSETSNDBUF(r1, 0x400454d4, &(0x7f0000000040)=0x8)

03:45:26 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0x400300, 0x2}}}, 0x50}}, 0x0)

[ 1003.236929]  dump_stack+0x244/0x39d
[ 1003.240591]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1003.245810]  ? zap_class+0x640/0x640
[ 1003.249544]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1003.255106]  should_fail.cold.4+0xa/0x17
[ 1003.257805] FAT-fs (loop3): Can't find a valid FAT filesystem
[ 1003.259183]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1003.259202]  ? find_held_lock+0x36/0x1c0
[ 1003.259239]  ? get_mem_cgroup_from_mm.part.62+0x204/0x880
[ 1003.279805]  ? lock_downgrade+0x900/0x900
[ 1003.279822]  ? check_preemption_disabled+0x48/0x280
[ 1003.279844]  ? rcu_read_unlock_special+0x1c0/0x1c0
[ 1003.293921]  ? kasan_check_read+0x11/0x20
[ 1003.298083]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[ 1003.298100]  ? zap_class+0x640/0x640
[ 1003.298116]  ? rcu_softirq_qs+0x20/0x20
[ 1003.298164]  ? rcu_read_unlock+0x16/0x60
[ 1003.298187]  __alloc_pages_nodemask+0x34b/0xdd0
[ 1003.315293]  ? rcu_read_unlock_special+0x1c0/0x1c0
[ 1003.315308]  ? kasan_check_read+0x11/0x20
[ 1003.315328]  ? __alloc_pages_slowpath+0x2dd0/0x2dd0
[ 1003.315352]  ? __lock_is_held+0xb5/0x140
03:45:26 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0x3, 0x2}}}, 0x50}}, 0x0)

[ 1003.315402]  ? trace_hardirqs_off+0xb8/0x310
[ 1003.315434]  cache_grow_begin+0xa5/0x8c0
[ 1003.346698]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1003.352260]  ? check_preemption_disabled+0x48/0x280
[ 1003.357312]  kmem_cache_alloc+0x66b/0x730
[ 1003.361484]  ? check_preemption_disabled+0x48/0x280
[ 1003.366530]  ? ratelimit_state_init+0xb0/0xb0
[ 1003.371056]  ext4_alloc_inode+0xc7/0x880
[ 1003.375141]  ? ratelimit_state_init+0xb0/0xb0
[ 1003.379655]  ? find_held_lock+0x36/0x1c0
[ 1003.383753]  ? get_cached_acl+0x35c/0x460
[ 1003.387918]  ? lock_downgrade+0x900/0x900
[ 1003.392076]  ? check_preemption_disabled+0x48/0x280
[ 1003.397114]  ? rcu_read_unlock_special+0x1c0/0x1c0
[ 1003.402053]  ? kasan_check_read+0x11/0x20
[ 1003.406217]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[ 1003.411508]  ? rcu_softirq_qs+0x20/0x20
[ 1003.411539]  ? zap_class+0x640/0x640
[ 1003.411576]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1003.411592]  ? ratelimit_state_init+0xb0/0xb0
[ 1003.411621]  alloc_inode+0x63/0x190
[ 1003.429349]  new_inode_pseudo+0x71/0x1a0
03:45:26 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0x200000000000000, 0x2}}}, 0x50}}, 0x0)

[ 1003.429367]  ? prune_icache_sb+0x1c0/0x1c0
[ 1003.429396]  new_inode+0x1c/0x40
[ 1003.429412]  __ext4_new_inode+0x4c8/0x65a0
[ 1003.429432]  ? print_usage_bug+0xc0/0xc0
[ 1003.437150]  ? __kernel_text_address+0xd/0x40
[ 1003.437175]  ? ext4_free_inode+0x1a10/0x1a10
[ 1003.437203]  ? __lock_acquire+0x62f/0x4c20
[ 1003.457585]  ? save_stack+0xa9/0xd0
[ 1003.457603]  ? save_stack+0x43/0xd0
[ 1003.457616]  ? kasan_kmalloc+0xc7/0xe0
[ 1003.457630]  ? kasan_slab_alloc+0x12/0x20
[ 1003.457656]  ? mark_held_locks+0x130/0x130
[ 1003.457672]  ? do_syscall_64+0x1b9/0x820
[ 1003.457692]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1003.457711]  ? percpu_ref_put_many+0x11c/0x260
[ 1003.481619]  ? lock_downgrade+0x900/0x900
[ 1003.481637]  ? check_preemption_disabled+0x48/0x280
[ 1003.481658]  ? kasan_check_read+0x11/0x20
[ 1003.481674]  ? zap_class+0x640/0x640
[ 1003.481695]  ? rcu_softirq_qs+0x20/0x20
[ 1003.495341]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1003.516901]  ? check_preemption_disabled+0x48/0x280
[ 1003.516931]  ? __lock_is_held+0xb5/0x140
[ 1003.516957]  ? zap_class+0x640/0x640
[ 1003.516976]  ? rcu_read_lock_sched_held+0x14f/0x180
[ 1003.516995]  ? __lockdep_init_map+0x105/0x590
[ 1003.526499]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1003.526517]  ? d_set_d_op+0x31d/0x410
[ 1003.526556]  ? find_held_lock+0x36/0x1c0
[ 1003.526580]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1003.535655]  ? __dquot_initialize+0x629/0xdd0
[ 1003.535681]  ? lock_downgrade+0x900/0x900
[ 1003.535700]  ? dquot_get_next_dqblk+0x180/0x180
[ 1003.535727]  ? kasan_check_read+0x11/0x20
[ 1003.535743]  ? do_raw_spin_unlock+0xa7/0x330
[ 1003.535764]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1003.535783]  ext4_tmpfile+0x187/0x4e0
[ 1003.535808]  ? ext4_orphan_add+0xdb0/0xdb0
[ 1003.535826]  ? security_inode_permission+0xd2/0x100
[ 1003.535843]  ? inode_permission+0xb2/0x560
[ 1003.535860]  vfs_tmpfile+0x13b/0x2a0
[ 1003.535882]  ovl_fill_super+0x139b/0x3f33
[ 1003.535900]  ? vfs_get_super+0x270/0x270
[ 1003.535930]  ? ovl_show_options+0x550/0x550
[ 1003.535973]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1003.535989]  ? get_anon_bdev+0xc0/0xc0
[ 1003.536000]  ? sget+0x113/0x150
[ 1003.536021]  ? ovl_show_options+0x550/0x550
[ 1003.536037]  mount_nodev+0x73/0x120
[ 1003.536054]  ? ovl_own_xattr_set+0x10/0x10
[ 1003.536071]  ovl_mount+0x34/0x40
[ 1003.536094]  legacy_get_tree+0x131/0x460
[ 1003.549319]  vfs_get_tree+0x1cb/0x5c0
[ 1003.549336]  ? legacy_fs_context_dup+0x1d0/0x1d0
[ 1003.549354]  do_mount+0x70c/0x1d90
[ 1003.549374]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[ 1003.549394]  ? copy_mount_string+0x40/0x40
[ 1003.558742]  ? copy_mount_options+0x5f/0x430
[ 1003.558765]  ? kmem_cache_alloc_trace+0x353/0x750
[ 1003.558785]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1003.558807]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1003.568390]  ? copy_mount_options+0x315/0x430
[ 1003.568412]  ksys_mount+0x12d/0x140
[ 1003.568431]  __x64_sys_mount+0xbe/0x150
[ 1003.568453]  do_syscall_64+0x1b9/0x820
[ 1003.568485]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1003.568503]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1003.568523]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1003.568556]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1003.577191]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[ 1003.577208]  ? __switch_to_asm+0x40/0x70
[ 1003.577233]  ? __switch_to_asm+0x34/0x70
[ 1003.577256]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1003.577281]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1003.586078] RIP: 0033:0x457569
[ 1003.586096] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1003.586105] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1003.586121] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[ 1003.586131] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[ 1003.586141] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[ 1003.586150] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[ 1003.586159] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
03:45:26 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0x13}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:45:26 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0x860c000000000000, 0x2}}}, 0x50}}, 0x0)

03:45:26 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$FS_IOC_SETVERSION(r1, 0x5451, &(0x7f00000000c0))

03:45:26 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000040)={<r2=>0x0, 0xfff}, &(0x7f0000000240)=0x8)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000180)={r2, 0x3}, 0x8)
setsockopt$inet_mreq(r1, 0x0, 0x23, &(0x7f0000000380)={@multicast2, @multicast1}, 0x8)
getresgid(&(0x7f0000000100), &(0x7f0000000280)=<r3=>0x0, &(0x7f00000002c0))
fstat(r0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
r5 = getgid()
setresgid(r3, r4, r5)
ioctl$UI_GET_SYSNAME(r1, 0x8040552c, &(0x7f00000001c0))
ioctl$EVIOCSCLOCKID(r1, 0x400445a0, &(0x7f0000000200)=0x7)
ioctl$KDSETLED(r1, 0x4b32, 0xfffffffffffffff4)
bind$bt_rfcomm(r1, &(0x7f0000000140), 0xa)
getsockname$unix(r1, &(0x7f0000000080)=@abs, &(0x7f0000000000)=0x6e)

03:45:26 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d76")
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

03:45:26 executing program 4 (fault-call:2 fault-nth:78):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:45:26 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0xf00, 0x2}}}, 0x50}}, 0x0)

[ 1003.950934] FAT-fs (loop3): bogus number of reserved sectors
[ 1003.957163] FAT-fs (loop3): Can't find a valid FAT filesystem
[ 1003.977657] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
03:45:26 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0x1000000, 0x2}}}, 0x50}}, 0x0)

[ 1004.023741] FAULT_INJECTION: forcing a failure.
[ 1004.023741] name failslab, interval 1, probability 0, space 0, times 0
[ 1004.049823] CPU: 0 PID: 14781 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[ 1004.058366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1004.067734] Call Trace:
[ 1004.070344]  dump_stack+0x244/0x39d
[ 1004.074005]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1004.079220]  ? __lock_acquire+0x62f/0x4c20
[ 1004.083482]  should_fail.cold.4+0xa/0x17
[ 1004.087575]  ? _raw_spin_unlock_irqrestore+0x82/0xd0
[ 1004.092745]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1004.097877]  ? mark_held_locks+0x130/0x130
[ 1004.102123]  ? trace_hardirqs_off_caller+0x300/0x300
[ 1004.107257]  ? ext4_put_super+0xf40/0xf40
[ 1004.111423]  ? zap_class+0x640/0x640
[ 1004.115174]  ? find_held_lock+0x36/0x1c0
[ 1004.119253]  ? zap_class+0x640/0x640
03:45:26 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0xf000, 0x2}}}, 0x50}}, 0x0)

[ 1004.122980]  ? print_usage_bug+0xc0/0xc0
[ 1004.127064]  ? __lock_is_held+0xb5/0x140
[ 1004.131142]  ? print_usage_bug+0xc0/0xc0
[ 1004.135241]  ? zap_class+0x640/0x640
[ 1004.138972]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1004.144467]  ? zap_class+0x640/0x640
[ 1004.148209]  __should_failslab+0x124/0x180
[ 1004.152507]  should_failslab+0x9/0x14
[ 1004.156327]  kmem_cache_alloc+0x2be/0x730
[ 1004.160508]  jbd2__journal_start+0x1e7/0xa80
[ 1004.164933]  ? perf_trace_sched_process_exec+0x860/0x860
03:45:27 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0xf0, 0x2}}}, 0x50}}, 0x0)

03:45:27 executing program 1:
r0 = syz_open_dev$amidi(&(0x7f0000000180)='/dev/amidi#\x00', 0x7ff, 0x80)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f00000001c0)={<r1=>0x0, @in={{0x2, 0x4e20}}}, &(0x7f0000000280)=0x84)
setsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f00000002c0)={r1, 0xc519}, 0x8)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r3 = fcntl$dupfd(r2, 0x0, r2)
bind$bt_rfcomm(r3, &(0x7f0000000140)={0x1f, {0x0, 0x0, 0x0, 0x5, 0x0, 0x6}}, 0xa)
write$P9_RRENAME(r3, &(0x7f0000000040)={0x7, 0x15, 0x2}, 0x7)
getsockname$unix(r3, &(0x7f0000000080)=@abs, &(0x7f0000000000)=0x6e)
write$P9_RCLUNK(r3, &(0x7f0000000100)={0x7, 0x79, 0x2}, 0x7)

[ 1004.170403]  ? jbd2_write_access_granted.part.8+0x410/0x410
[ 1004.176124]  ? __might_sleep+0x95/0x190
[ 1004.176148]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1004.176173]  __ext4_journal_start_sb+0x1a0/0x5e0
[ 1004.176188]  ? ext4_xattr_set+0x1f7/0x420
[ 1004.176207]  ? ext4_journal_abort_handle.isra.5+0x260/0x260
[ 1004.176223]  ? __ext4_xattr_set_credits+0x3ae/0x520
[ 1004.176248]  ? ext4_xattr_set_credits.part.31+0x6b/0x120
[ 1004.176268]  ext4_xattr_set+0x1f7/0x420
[ 1004.200429]  ? ext4_xattr_set_credits+0x120/0x120
[ 1004.200453]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1004.200481]  ? evm_protected_xattr+0x206/0x290
[ 1004.200503]  ? __sanitizer_cov_trace_cmp1+0x17/0x20
[ 1004.200523]  ? ext4_xattr_destroy_cache+0x30/0x30
[ 1004.200541]  ext4_xattr_trusted_set+0x36/0x40
[ 1004.239758]  __vfs_setxattr+0x124/0x180
[ 1004.239792]  ? xattr_resolve_name+0x430/0x430
[ 1004.239823]  __vfs_setxattr_noperm+0x11d/0x410
[ 1004.239850]  vfs_setxattr+0xd8/0x100
[ 1004.261139]  ovl_fill_super+0x1451/0x3f33
[ 1004.265309]  ? vfs_get_super+0x270/0x270
[ 1004.269401]  ? ovl_show_options+0x550/0x550
03:45:27 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0xf, 0x2}}}, 0x50}}, 0x0)

[ 1004.273773]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1004.279327]  ? get_anon_bdev+0xc0/0xc0
[ 1004.283222]  ? sget+0x113/0x150
[ 1004.286519]  ? ovl_show_options+0x550/0x550
[ 1004.290856]  mount_nodev+0x73/0x120
[ 1004.294503]  ? ovl_own_xattr_set+0x10/0x10
[ 1004.294520]  ovl_mount+0x34/0x40
[ 1004.294539]  legacy_get_tree+0x131/0x460
[ 1004.294574]  vfs_get_tree+0x1cb/0x5c0
[ 1004.294590]  ? legacy_fs_context_dup+0x1d0/0x1d0
[ 1004.294619]  do_mount+0x70c/0x1d90
[ 1004.294638]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[ 1004.294661]  ? copy_mount_string+0x40/0x40
[ 1004.328164]  ? copy_mount_options+0x5f/0x430
[ 1004.328188]  ? kmem_cache_alloc_trace+0x353/0x750
[ 1004.328210]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1004.328233]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1004.328247]  ? copy_mount_options+0x315/0x430
[ 1004.328268]  ksys_mount+0x12d/0x140
[ 1004.343066]  __x64_sys_mount+0xbe/0x150
[ 1004.343091]  do_syscall_64+0x1b9/0x820
[ 1004.343111]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1004.343131]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1004.343151]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1004.343172]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1004.370072]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[ 1004.370091]  ? __switch_to_asm+0x40/0x70
[ 1004.370104]  ? __switch_to_asm+0x34/0x70
[ 1004.370129]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1004.370158]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1004.370175] RIP: 0033:0x457569
[ 1004.385146] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1004.385168] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1004.385183] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[ 1004.385191] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[ 1004.385200] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[ 1004.385209] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[ 1004.385219] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[ 1004.397405] overlayfs: upper fs does not support xattr, falling back to index=off and metacopy=off.
03:45:27 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f, 0x0, 0xc0f0}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:45:27 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
setsockopt$IP_VS_SO_SET_EDITDEST(r1, 0x0, 0x489, &(0x7f0000000000)={{0x8, @dev={0xac, 0x14, 0x14, 0x13}, 0x4e20, 0x4, 'lblcr\x00', 0x2, 0x89e7, 0x27}, {@local, 0x4e21, 0x5, 0x7, 0x4bab, 0x79e}}, 0x44)
bind$bt_rfcomm(r1, &(0x7f0000000140), 0xa)

03:45:27 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$FS_IOC_SETVERSION(r1, 0x5452, &(0x7f00000000c0))

03:45:27 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0xf0ffffffffffff, 0x2}}}, 0x50}}, 0x0)

03:45:27 executing program 4 (fault-call:2 fault-nth:79):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:45:27 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d76")
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

03:45:27 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0xf000000, 0x2}}}, 0x50}}, 0x0)

[ 1004.702833] FAT-fs (loop3): bogus number of reserved sectors
[ 1004.710666] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[ 1004.736331] FAT-fs (loop3): Can't find a valid FAT filesystem
03:45:27 executing program 1:
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x400000, 0x0)
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x6, 0x100000000000031, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='clear_refs\x00')
r2 = syz_open_procfs(0x0, &(0x7f0000000200)="6c6f67696e7569640039dad3c444de4a35f0fd223db6aa1e2fdd63c9f35f389e4669e0af6522c225bbb645ae9e0f46c87cd44db4919c1a34ab1d00bb4157f79b23912e9b96566ebf23618dfdd331fcacfeccdb938974f48d420c49e5b37f94bdb651b9c102659034f4192f")
sendfile(r1, r2, &(0x7f00000000c0), 0x1)
pipe(&(0x7f0000000280)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, &(0x7f0000000340), 0x10000014c)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCADDDLCI(r0, 0x8980, &(0x7f00000011c0)={'ip_vti0\x00', 0x1000})
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
getsockopt$packet_int(r0, 0x107, 0x0, &(0x7f0000000100), &(0x7f0000000180)=0x4)
r5 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
bind$bt_rfcomm(r5, &(0x7f0000000140), 0xa)
setsockopt$inet_tcp_buf(0xffffffffffffffff, 0x6, 0x0, &(0x7f00000001c0)="3ef5fe8169813031550bfe63206809a28a54a5b28020b67d48e746762f653c4056e261ed2e077e56f0a08e2ecf6b49b08663cdd30ff25f2662c307bb25d3e954e2e1053cd9e054de5eaa348808e1c5623c0cdb4ba2a66b054fba411ef63087323f42ed58a231be518c02602c24ca4da911775aad9b8f390c9a87c46bfa36afa7ee9b5ce8d3ae328577199b666f800fac9600b08dd5b46d5f6f948bf2e9c3313b2bf79f6301506654ca3d19adf176ff5c346e5fdf187e9692d8e3ec0d945f5079fca90ba668764ad1e6d9d7dcd63fb536d7a316e238eb49ca5d6462c77e1429eb72ab6200ceb650ab442c261626069764dc956105c5cbbc5ccffaaa61ac539b6c0a8ed763e79728156af4330ab04721f6b35f63d85b4739a0c5a91ed837e772cefc7d07aab1871c2f1a5e8d3a1d86044daa86a67612ba3fe5d9b1f8ae9e6d4b3cccb790e989a10dbeaab70c137c3d64747ff26a74e1bb7afdebba58074c2f6bf691d00ed63c85c917b48cadce021fa1865be001d92d85e0980ca89deee256a2dfab83c3df56e263f18b0eacda5661d1a1a83a6381068b7059ac735868f842635588d9b111922aa3642912baa18cc1e6aee4f6e772a16125a023ae8e3a094d5251d7d14ca49db27cf553cb573e54d156efbee6f6c9fbd7e05c79d854696d0164c72eb15bf4947902902d934f821687e8f8a8eec315024548a5eace9b260db679027d649cb8cc8d69d373412ab80d0630deef4b0b67c9978182e967b15658af149fae0e46f1c55cc95620cac8450a41ee35260da5b954016c0e69612020ac18c07fadce9d821135061ab7372cdffcaafe51ad25242d24aa8b8d4d5bb1798a3a62a2697e73d4f612edcf09ea1d796f55d1f64b36838ef7f30211fffb02dd333e60f768bdce2fe0abdbd1399ad66d5a2b0628437956d3d1b508c6b592c9d2ad3fb5b483ae763c625b6ace03e0fb6049bda4a062632453b8fe2ff21e6a30b0d113f425f1d14e8aa360b3b2a283dab30456f763c8327fe734d7be167d183752740379458b1bcfca772d5d5876153ec3e97daefbc8de3e31a802d87225b885384647c214ef4851c565699a13e2047c8c9c0c13ad71dd44b536622042b6604fbe175d802c87faf274dd1468675bc14488960de5ec43c5f07fdc0f2626ba8391475a342d60e0890e746fa5adb13b90774626447c9d150ed3624dcd92d5146298d932971609e084890cc44dc0f682806661c0ab311602cd56cf1c2fb2b27827c25460e224ce7352e1341613231d708d351f63388c0a7e0f34e1ea2091b583314974daa668d3e0d362e074de74b37dc1a6450f11b435a6ed2258f8dc5856895ce8488fb5b43670703a61d88115e47fcc3833d073995006f2ab7c0f84f8c05a4072bc09a635a2e68c11d6ca98c949252af28db346a5217fee9cd656e7860acbce7d36064dd336d479efd05b4c660184df5912fa2cf6a60ad7baf3278b09bdc1703e85daee5eea7fbd81e267b257740e0e9ea3906d4d3e137ec4ee4cbe71e240b02bb28afbd5139d9fb985f8df9f54b90906a7ce432cd54fa49e10b9b74a9780d7b684fda046fa02b2c69ff0b7a105173e1aa6df63750555ebec52a445cfa95d34d7be10d54be02449be1b2ce585d27c416dcd964e174bdb190b353683228c7e91ade13724b739d91b914516f03a48ecaf10461fd9f815f80500878a006cc10e2f3b308072b41eb319c2186ae6ab6240a6d5579e61abff6cf3ff3154db9315df81a96b71306b020ed5228b28eb55315a31adcde810cf781b3d5fe38cd35e7edceefc9fcd69fa28cff62bff31c0b68aebc72fc7f4aaed359af8cda7ce8b3f846cb58f2b25ef52e87859615e53da3dab419c2342dbd152271dfea5b6ba25c9d58c456013a709b2d959e3483b1ca916e7f77f74152f38f69df2dcd06287d051c50c3f424cef90571b1da069047954ca2d9bfc635391104db7d84667fd0111f9576566fc3104608ffd00485fc9670dad2b6ba2bc6ecbf6c18ea515c89a2a530c40550d89c702c3aff8d4e98e7adbe3345d1df6d7d426b4c1cd48ad7edf12a8c54eaa858843dd35e2d89a8111c5d44af6ee417490fcdcb188b6eb0ae9de481c98248903fb3539c22f1f524e28154577f904a215a10da3fe3bea1242b60cacb9a1d963a4a6877350e3b04c7e1dd4c20086dc4083340cb1819fa016f24f24db8a163fe6d30fbe7ca9e05ea6d459a629e470be50a4e8609ebf3f58db24d671e24b9a98ecb3592de9117439b32ed46f4e836fee007ed314594c2a32c8f6b99e23a2b4e2b574b57a62026eca17e2ac2caeedd2d6a465513c79e63761f3d893908f82118c9ed9813d42effbcd755929ceb059850866040a8c9e529ea37bc436ab87d8efeedc96544669a00a5e2d5e9bc079caa7c64a5cb5570b2e99fe9d72fa4832267bb434d47ad4746dafc47f0f4d6f96b3aedd8dc52c68a7523b37c486d4b60ba4f454221933a1d12791adffa92515c4ceef1466f7d09184510d0a395d835f98670478954ff7d9315b381405a487cdfce6028e8873eac5606c65dbb54d05a8d42ec1950b7bb4b47e659f53bad80ab90a86ec56e6bb2aae2028a84d52a506ae82bcf94f40fa105a9009c24d2efdb0fe5d387df5c99981423db98a8f7612126042ac024bdcfd1ea07d5474fa29f4f5eb5eda2d9fa9e43baa25503809c2e58a7bb7ee723e8b3490772bcbcfb0bb5536e76bcd2e5228c21c5d0f941618cb1a10e3f3792f114ec717b196512bf886c30052559ebfe66d50ab847e5f3efc3afec02291cb8fb3058ca8a5e8624ab69f0677739cfc5316b098270ce4c224870ae60c4e81900b13448af730c836503b80234f3cc3b8d060f6df87ff9892b637c3c8445068d00e4522efbfd3543449e2f4c7d85f43cdc5216e6c241d8df32880c184839a75c235ad1411b7c8fb4344ff5dc713daf3ca1d020a9b779066071c8b5da3b653d6a3ab7659e2f164704f47fb9b7bba4c257bc09c64e107b458cbf3d590e4095cb8ff11e0996f20f5922069d60e94e7d460c98843cf1009cf211cf58aec7818d176741a1372b9a3b85306aededd1c8bb36027adc3e374942f376b24aad491c7183305661a0682ef056e83cdc947a08a5e6762682f9021db71fec183f4ef406223f50980755b22cb0e87ed2956dfe72a6f1063a1341957c9228c20c43d8f339707f6ae88f1f032d669fbdf8f9ae134b4bca8069871184e17968267dacbffb6cfd714b2a7acf74b25f0a0a2f1e3955e88be1b0f9658a1d846ca01ed33e655ee0f0b85be81faf5e941988a3cb7a78f0ef41a4d23a0c372407a5e1b367a0886317d1e7ee81e401c3d3d48b8f8b41b3483b87a21c5b7116d2a7375b57e5a81591fda53b42af455ec5bbb381090e0f97a17b10642ba8e9a5484358161f8fc1f24133dbb03215f93be83c58835c16faf63f732235762cb01cf9c67c3e0fc540083e4ca0d6f5a77eebdf3ce2439f9b852a785902551b0fb30b388c42dbef81244dc5901cd0a6aae452daec158c573bbace8e52bc0fe22a9295997cdf05ebff6ec3b6963e25e83a22d68a9cef5ed5bd07f93c51a03d52401b1b30c8fe5fe12f75bb5f117a836d818e6382f00ade7ae60608f00082575d49914fca3cfa34fde9f2ce256811a89aac29ce54a7e2f2c4ba4d2edcc62ac07d8d432931df5255bafc3c28e9b5d75aa5837e44d697142956b71fb2cd56e41d74e49151fa33cd5db6e2f77e379d3214b2f0ada002dfdc8aafe604e48317f1d20794c62c21079482c3911a17efeb127c97867a2ac0b4c30c4a5f859e637ed30862124692f36142b8f514ccc531a4a08c602d924e3c000d81328f7f07c3e31f08930f6dcd0c4a827f02dcf4937b1e14824639094a0d47d574e28ce20d9c42d619792ad7e56367ee375bbfea82501b6a23518361be3fd4f20f70d9ed409c71dc30a0c4685a1fdd905601205a5115bde4e083b3f0734a312fd68ccdc3efb3f4f7f0b9e08a90813a1ff6e6ba24fa0f124fe2ff649f537c8b1569079357e130dc6917e2bdfdbf3af6c0a4ff089330685d3585a90cac5656987f105ea49a5f64358067c43ca4f3364fff3a96f3671b1fcad82f37efb40604593dc77cc51c5d56c37ee30e288abb347f7feb6dde4b53d583d04dba274424c03a90385e3e1a0b07318ff4b693bd9e3266a67663fae7e8b64556c19a46241a76c7fcc24436d81500c956bce7e14474f5636b6576da9500f5691e51a7e86e2388bfdb8b8d1264960e8b72402b3fde519d556de504a47f334167f3183f6266c021bbeb3a5e46a619f57240d05011905b84ac1301c4b0e21b8d3d58c1d82fa03796f2212ff1964ad2aa1802ffe036cf390f8d0d1f57b10b998fc0d59e9bae33558ca6c66722a188a34ccb12220d820a28c04b91015876570e877ef251520584785c2a459661f701df92188a87d5b427dd1f44e8503fd46ff960eeb8fde9529037f3312e7a10ad0c572ba2223568d92f7e32fe9e3bb17f8341c5687c099f37e6ef53176244a5bb0d282a00444ddb0d5075f412804b349a66f3c0ee9c258824e88435468ffd3d83ada54f9a52cba62ba82e4e4425a3b53ba51fa232de09bd85915744c1fe0b4b7bcf2828f74b25e67e148f2b1d429f1c972a5471210819c6a55a9f066061a8448a42e2b21470552a86056a216474d04f2b1be7bea5feb10de26fcc6b922d458143b8a60eac45fbd145ecac82197123fce629b5e0ceaa5928f980cc70d4f1ef9c49cea7dc65ea4ec9638396bd6aee12271d23d8bea6ee73b57f403a0db25b01db35b6e38053afa315ba6f9445ec7046b6cc58178d76f91e4bc637620e4f2b751e03c423ee58df62de63e321720328152435971b696b851199f82c9c095867a5cf0950c41e3e805ec78cf721d623bc514d48fb75756f85ed5a7753a71e6332eeffdee9cb29514650622d181ed4348126f094aebd6027c99abb5a21ac777c1ba268d1990be32125ec224840c5c6c4bd6be996df94abf934f54d3a92d4b9cb5590dd26a23185f125bebd84439cf5bce6c5932c73092808e60aab4e907c221e36b91727401cb10562d6a25267553fd6f7a4102644be0f2cfdfdd43f69755c5da4fe36618c3841631ec589074b2e21deba06941b8d000fdf7e29b13023a552a8a53c68dd27294b0f873e8545dac4d610b41fc2bd514420d92587c2b5f1f696671c71ed019f022f9076e9450aff36ff1b5e8326299d43f4c3f76b1111c97fc8487a5ab6ace8e3e68b8d92a39420ece79a59b01c1617d833008fd2644c05534c1bba1e585f188d8dffe76ba1825472fc06c362b35fc84aa9d24f3fb302651b5ff2bea1c40cfbca6f825d3263dad864ab05b7dd11fc135e745f2ac5241927a3dd29096316f6bf09a4f04700029db096e74a069a3b342a73202226add3961888e385aa145940c1c2a37ad49c36537cdec057c1ebf4cc36e25f9f1f106c33a9bc273dd2332fef4e6da55a42e46be8be94929efcb19560b5fd69498cd57ae3a6518e83870e80e6fe3f247034a8afb69a5519c788f46774b4e5df49b09520e5124657036645537b636fe066c4f6ddbf527410079b096816c78fd0c9e9afe2d5d7700bf10afadce4c169a9df12b0ce94b876eaa65a9167ea75979ad50f3301e3de3eaf32ac24f5c309983be2b3959cd3e05b4fcc6270dab06695f4870e3321d8f452b2277bd1668773b6a389452da3a623d71e8807e2e76b186525e4a3f72a9076e1bd02bb76e662b0219cf4bdf2522b4afdc7998a56ac026c34692aeda1876644cefa1a28f669250f4", 0x1000)
getsockname$unix(r5, &(0x7f0000000080)=@abs, &(0x7f0000000040)=0xffffff07)

03:45:27 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$FS_IOC_SETVERSION(r1, 0x8940, &(0x7f00000000c0))

[ 1004.755921] FAULT_INJECTION: forcing a failure.
[ 1004.755921] name failslab, interval 1, probability 0, space 0, times 0
[ 1004.778937] CPU: 1 PID: 14824 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[ 1004.787449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1004.787467] Call Trace:
[ 1004.787495]  dump_stack+0x244/0x39d
[ 1004.787526]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1004.808279]  ? __lock_acquire+0x62f/0x4c20
[ 1004.808303]  should_fail.cold.4+0xa/0x17
[ 1004.808323]  ? _raw_spin_unlock_irqrestore+0x82/0xd0
[ 1004.808348]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1004.816644]  ? mark_held_locks+0x130/0x130
[ 1004.816663]  ? trace_hardirqs_off_caller+0x300/0x300
[ 1004.816686]  ? ext4_put_super+0xf40/0xf40
[ 1004.816703]  ? zap_class+0x640/0x640
[ 1004.816721]  ? find_held_lock+0x36/0x1c0
[ 1004.816745]  ? zap_class+0x640/0x640
[ 1004.831257]  ? print_usage_bug+0xc0/0xc0
03:45:27 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0x100000000000000, 0x2}}}, 0x50}}, 0x0)

[ 1004.831279]  ? __lock_is_held+0xb5/0x140
[ 1004.831293]  ? print_usage_bug+0xc0/0xc0
[ 1004.831320]  ? zap_class+0x640/0x640
[ 1004.848329]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1004.848350]  ? zap_class+0x640/0x640
[ 1004.848375]  __should_failslab+0x124/0x180
[ 1004.848394]  should_failslab+0x9/0x14
[ 1004.860230]  kmem_cache_alloc+0x2be/0x730
[ 1004.860262]  jbd2__journal_start+0x1e7/0xa80
[ 1004.860277]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1004.860304]  ? jbd2_write_access_granted.part.8+0x410/0x410
[ 1004.877231]  ? __might_sleep+0x95/0x190
[ 1004.877255]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1004.877279]  __ext4_journal_start_sb+0x1a0/0x5e0
[ 1004.877296]  ? ext4_xattr_set+0x1f7/0x420
[ 1004.919540]  ? ext4_journal_abort_handle.isra.5+0x260/0x260
[ 1004.919558]  ? __ext4_xattr_set_credits+0x3ae/0x520
[ 1004.919584]  ? ext4_xattr_set_credits.part.31+0x6b/0x120
[ 1004.919608]  ext4_xattr_set+0x1f7/0x420
[ 1004.929488]  ? ext4_xattr_set_credits+0x120/0x120
[ 1004.929513]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1004.929528]  ? evm_protected_xattr+0x206/0x290
[ 1004.929548]  ? __sanitizer_cov_trace_cmp1+0x17/0x20
[ 1004.940004]  ? ext4_xattr_destroy_cache+0x30/0x30
[ 1004.940020]  ext4_xattr_trusted_set+0x36/0x40
[ 1004.940042]  __vfs_setxattr+0x124/0x180
[ 1004.940062]  ? xattr_resolve_name+0x430/0x430
[ 1004.940091]  __vfs_setxattr_noperm+0x11d/0x410
[ 1004.954448]  vfs_setxattr+0xd8/0x100
[ 1004.954485]  ovl_fill_super+0x1451/0x3f33
[ 1004.954520]  ? vfs_get_super+0x270/0x270
[ 1004.954552]  ? ovl_show_options+0x550/0x550
[ 1004.969007]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1004.969029]  ? get_anon_bdev+0xc0/0xc0
[ 1004.969043]  ? sget+0x113/0x150
[ 1004.969064]  ? ovl_show_options+0x550/0x550
[ 1004.977535]  mount_nodev+0x73/0x120
[ 1004.977555]  ? ovl_own_xattr_set+0x10/0x10
[ 1004.977571]  ovl_mount+0x34/0x40
[ 1004.977589]  legacy_get_tree+0x131/0x460
[ 1004.977612]  vfs_get_tree+0x1cb/0x5c0
[ 1004.977626]  ? legacy_fs_context_dup+0x1d0/0x1d0
[ 1004.977644]  do_mount+0x70c/0x1d90
[ 1004.990474]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
03:45:27 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$FS_IOC_SETVERSION(r1, 0x40049409, &(0x7f00000000c0))

[ 1004.990498]  ? copy_mount_string+0x40/0x40
[ 1004.990521]  ? copy_mount_options+0x5f/0x430
[ 1004.998723]  ? kmem_cache_alloc_trace+0x353/0x750
[ 1004.998745]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1004.998769]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1004.998784]  ? copy_mount_options+0x315/0x430
[ 1004.998808]  ksys_mount+0x12d/0x140
[ 1005.008665]  __x64_sys_mount+0xbe/0x150
[ 1005.008690]  do_syscall_64+0x1b9/0x820
[ 1005.008710]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1005.008728]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1005.008750]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1005.008768]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1005.008791]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[ 1005.020254]  ? __switch_to_asm+0x40/0x70
[ 1005.020268]  ? __switch_to_asm+0x34/0x70
[ 1005.020292]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1005.020319]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1005.020337] RIP: 0033:0x457569
[ 1005.028190] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1005.028199] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1005.028214] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[ 1005.028233] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[ 1005.028243] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[ 1005.028253] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[ 1005.028263] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
03:45:28 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0x300000000000000, 0x2}}}, 0x50}}, 0x0)

[ 1005.049193] overlayfs: upper fs does not support xattr, falling back to index=off and metacopy=off.
03:45:28 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f}, 0x9, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:45:28 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d4, &(0x7f00000000c0))

03:45:28 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0x860c0000, 0x2}}}, 0x50}}, 0x0)

03:45:28 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d7660")
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

03:45:28 executing program 4 (fault-call:2 fault-nth:80):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:45:28 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0x2a0, 0x2}}}, 0x50}}, 0x0)

[ 1005.492287] FAT-fs (loop3): bogus number of reserved sectors
03:45:28 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$FS_IOC_SETVERSION(r1, 0x8980, &(0x7f00000000c0))

[ 1005.536146] FAT-fs (loop3): Can't find a valid FAT filesystem
[ 1005.803961] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[ 1005.853184] FAULT_INJECTION: forcing a failure.
[ 1005.853184] name failslab, interval 1, probability 0, space 0, times 0
[ 1005.877248] CPU: 0 PID: 14880 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[ 1005.886029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1005.895387] Call Trace:
[ 1005.897996]  dump_stack+0x244/0x39d
[ 1005.901646]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1005.906856]  ? __kernel_text_address+0xd/0x40
[ 1005.911364]  ? unwind_get_return_address+0x61/0xa0
[ 1005.916312]  should_fail.cold.4+0xa/0x17
[ 1005.920402]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1005.925532]  ? save_stack+0x43/0xd0
[ 1005.929184]  ? kasan_kmalloc+0xc7/0xe0
[ 1005.933085]  ? __kmalloc+0x15b/0x760
[ 1005.936813]  ? ovl_fill_super+0x23ec/0x3f33
[ 1005.941151]  ? mount_nodev+0x73/0x120
[ 1005.944967]  ? zap_class+0x640/0x640
[ 1005.948690]  ? do_mount+0x70c/0x1d90
[ 1005.952418]  ? ksys_mount+0x12d/0x140
[ 1005.956252]  ? __x64_sys_mount+0xbe/0x150
[ 1005.960423]  ? do_syscall_64+0x1b9/0x820
[ 1005.964527]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1005.969916]  ? find_held_lock+0x36/0x1c0
[ 1005.973999]  ? __lock_is_held+0xb5/0x140
[ 1005.978090]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1005.983597]  __should_failslab+0x124/0x180
[ 1005.987853]  should_failslab+0x9/0x14
[ 1005.991672]  __kmalloc+0x2e0/0x760
[ 1005.995237]  ? ovl_fill_super+0x2430/0x3f33
[ 1005.999582]  ovl_fill_super+0x2430/0x3f33
[ 1006.003783]  ? ovl_show_options+0x550/0x550
[ 1006.008153]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1006.013742]  ? get_anon_bdev+0xc0/0xc0
[ 1006.017639]  ? sget+0x113/0x150
[ 1006.020935]  ? ovl_show_options+0x550/0x550
[ 1006.025263]  mount_nodev+0x73/0x120
[ 1006.028919]  ? ovl_own_xattr_set+0x10/0x10
[ 1006.033163]  ovl_mount+0x34/0x40
[ 1006.036541]  legacy_get_tree+0x131/0x460
[ 1006.040626]  vfs_get_tree+0x1cb/0x5c0
[ 1006.044445]  ? legacy_fs_context_dup+0x1d0/0x1d0
[ 1006.049231]  do_mount+0x70c/0x1d90
03:45:28 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = openat$cgroup_int(r1, &(0x7f0000000100)='cpuset.sched_load_balance\x00', 0x2, 0x0)
bind$bt_rfcomm(r1, &(0x7f0000000140), 0xa)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r1, 0x40405515, &(0x7f0000000040)={0x0, 0x7, 0x5d, 0x6, 'syz0\x00', 0xe9})
r3 = semget(0x1, 0x0, 0x80)
ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000000200))
ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f00000001c0)=<r4=>0x0)
fcntl$setown(r2, 0x8, r4)
semop(r3, &(0x7f0000000240)=[{0x7, 0x8, 0x800}, {0x0, 0x40000008, 0xfff}, {0x6, 0x9e03, 0x800}], 0x3)
getsockname$unix(r1, &(0x7f0000000080)=@abs, &(0x7f0000000000)=0x6e)

03:45:28 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f}, 0xe, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:45:28 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d7660")
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

03:45:28 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0x9effffff, 0x2}}}, 0x50}}, 0x0)

03:45:28 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$FS_IOC_SETVERSION(r1, 0x400448dd, &(0x7f00000000c0))

[ 1006.052795]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[ 1006.058355]  ? copy_mount_string+0x40/0x40
[ 1006.062624]  ? copy_mount_options+0x5f/0x430
[ 1006.067053]  ? kmem_cache_alloc_trace+0x353/0x750
[ 1006.071937]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1006.077518]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1006.083076]  ? copy_mount_options+0x315/0x430
[ 1006.087597]  ksys_mount+0x12d/0x140
[ 1006.091245]  __x64_sys_mount+0xbe/0x150
[ 1006.095238]  do_syscall_64+0x1b9/0x820
[ 1006.099142]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
03:45:28 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000140), 0xa)
ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000040)={<r2=>0x0})
ioctl$DRM_IOCTL_DMA(r1, 0xc0406429, &(0x7f0000000240)={r2, 0x1, &(0x7f0000000100)=[0xffffffff], &(0x7f0000000180), 0x20, 0x8, 0x0, &(0x7f00000001c0)=[0xfffffffffffffffc, 0x9, 0xd9, 0x5, 0xff, 0xd, 0x23, 0x4], &(0x7f0000000200)=[0x3]})
getsockname$unix(r1, &(0x7f0000000080)=@abs, &(0x7f0000000000)=0x6e)

03:45:29 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = syz_open_dev$vcsa(&(0x7f0000000280)='/dev/vcsa#\x00', 0xd7, 0x4400)
bind$bt_rfcomm(r2, &(0x7f00000002c0)={0x1f, {0x0, 0x1}}, 0xa)
getsockname$unix(r1, &(0x7f0000000080)=@abs, &(0x7f0000000000)=0x6e)

[ 1006.104523]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1006.109489]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1006.114527]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1006.119559]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[ 1006.126246]  ? __switch_to_asm+0x40/0x70
[ 1006.130320]  ? __switch_to_asm+0x34/0x70
[ 1006.134409]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1006.139287]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1006.144505] RIP: 0033:0x457569
03:45:29 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0xffffff9e, 0x2}}}, 0x50}}, 0x0)

03:45:29 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$FS_IOC_SETVERSION(r1, 0x800448d2, &(0x7f00000000c0))

[ 1006.147716] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1006.166636] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1006.174349] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[ 1006.181623] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[ 1006.188905] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[ 1006.196206] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[ 1006.203487] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[ 1006.247972] FAT-fs (loop3): bogus number of reserved sectors
[ 1006.275110] FAT-fs (loop3): Can't find a valid FAT filesystem
03:45:29 executing program 4 (fault-call:2 fault-nth:81):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:45:29 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000300)='net/route\x00')
preadv(r0, &(0x7f0000000480), 0x10000000000001e1, 0x4c000000)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r2 = fcntl$dupfd(r1, 0x0, r1)
bind$bt_rfcomm(r2, &(0x7f0000000140), 0xa)
getsockname$unix(r2, &(0x7f0000000080)=@abs, &(0x7f0000000000)=0x6e)

03:45:29 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$FS_IOC_SETVERSION(r1, 0x8902, &(0x7f00000000c0))

03:45:29 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0xfffffffffffff000, 0x2}}}, 0x50}}, 0x0)

[ 1006.466898] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[ 1006.536090] FAULT_INJECTION: forcing a failure.
[ 1006.536090] name failslab, interval 1, probability 0, space 0, times 0
[ 1006.556188] CPU: 0 PID: 14931 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[ 1006.564699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1006.564707] Call Trace:
[ 1006.564743]  dump_stack+0x244/0x39d
[ 1006.564772]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1006.564795]  ? ext4_xattr_ibody_inline_set+0x2b0/0x2b0
[ 1006.564824]  should_fail.cold.4+0xa/0x17
[ 1006.576764]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1006.576792]  ? find_held_lock+0x36/0x1c0
[ 1006.576811]  ? zap_class+0x640/0x640
[ 1006.585660]  ? mntput_no_expire+0x1ba/0xc00
[ 1006.585682]  ? find_held_lock+0x36/0x1c0
[ 1006.585705]  ? __lock_is_held+0xb5/0x140
[ 1006.585786]  ? koneplus_sysfs_set_actual_profile+0x488/0x5e0
[ 1006.585819]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1006.595134]  ? rcu_softirq_qs+0x20/0x20
[ 1006.595164]  __should_failslab+0x124/0x180
[ 1006.595181]  should_failslab+0x9/0x14
[ 1006.595206]  __kmalloc_track_caller+0x2d1/0x760
[ 1006.604363]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1006.604381]  ? check_preemption_disabled+0x48/0x280
[ 1006.604404]  ? ovl_fill_super+0x17e3/0x3f33
[ 1006.604423]  kstrdup+0x39/0x70
[ 1006.604447]  ovl_fill_super+0x17e3/0x3f33
[ 1006.612492]  ? vfs_get_super+0x270/0x270
[ 1006.612526]  ? ovl_show_options+0x550/0x550
[ 1006.620660]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1006.620680]  ? get_anon_bdev+0xc0/0xc0
[ 1006.631918]  ? sget+0x113/0x150
[ 1006.631940]  ? ovl_show_options+0x550/0x550
[ 1006.631956]  mount_nodev+0x73/0x120
[ 1006.631976]  ? ovl_own_xattr_set+0x10/0x10
[ 1006.640184]  ovl_mount+0x34/0x40
[ 1006.640216]  legacy_get_tree+0x131/0x460
[ 1006.640236]  vfs_get_tree+0x1cb/0x5c0
[ 1006.640253]  ? legacy_fs_context_dup+0x1d0/0x1d0
[ 1006.648711]  do_mount+0x70c/0x1d90
[ 1006.648740]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[ 1006.648763]  ? copy_mount_string+0x40/0x40
[ 1006.648784]  ? copy_mount_options+0x5f/0x430
[ 1006.648805]  ? kmem_cache_alloc_trace+0x353/0x750
[ 1006.659368]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1006.659392]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1006.659412]  ? copy_mount_options+0x315/0x430
[ 1006.666923]  ksys_mount+0x12d/0x140
[ 1006.666943]  __x64_sys_mount+0xbe/0x150
[ 1006.666966]  do_syscall_64+0x1b9/0x820
[ 1006.666985]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1006.667006]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1006.675253]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1006.675271]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1006.675301]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[ 1006.675315]  ? __switch_to_asm+0x40/0x70
[ 1006.675332]  ? __switch_to_asm+0x34/0x70
[ 1006.685184]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1006.685212]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1006.685224] RIP: 0033:0x457569
03:45:29 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f}, 0x2, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:45:29 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0xf0ffffff00000000, 0x2}}}, 0x50}}, 0x0)

03:45:29 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d7660")
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

03:45:29 executing program 4 (fault-call:2 fault-nth:82):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:45:29 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40106614, &(0x7f0000000100)={0x0, @speck128})
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000140)={0x1f, {0xd3}}, 0xa)
getsockname$unix(r1, &(0x7f0000000080)=@abs, &(0x7f0000000000)=0x6e)

03:45:29 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$FS_IOC_SETVERSION(r1, 0x8982, &(0x7f00000000c0))

[ 1006.685240] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1006.685249] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1006.692426] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[ 1006.692436] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[ 1006.692445] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[ 1006.692454] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[ 1006.692478] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[ 1006.929830] FAT-fs (loop3): bogus number of reserved sectors
[ 1006.938421] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[ 1006.952595] FAT-fs (loop3): Can't find a valid FAT filesystem
[ 1006.984744] FAULT_INJECTION: forcing a failure.
[ 1006.984744] name failslab, interval 1, probability 0, space 0, times 0
[ 1007.048766] CPU: 1 PID: 14954 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[ 1007.057302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1007.066657] Call Trace:
[ 1007.066685]  dump_stack+0x244/0x39d
[ 1007.066712]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1007.066756]  should_fail.cold.4+0xa/0x17
[ 1007.072964]  ? kernel_text_address+0x79/0xf0
[ 1007.072999]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1007.073013]  ? unwind_get_return_address+0x61/0xa0
[ 1007.073034]  ? __save_stack_trace+0x8d/0xf0
[ 1007.101041]  ? zap_class+0x640/0x640
[ 1007.104777]  ? save_stack+0xa9/0xd0
[ 1007.108481]  ? find_held_lock+0x36/0x1c0
[ 1007.112574]  ? __lock_is_held+0xb5/0x140
[ 1007.116665]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1007.122144]  ? check_preemption_disabled+0x48/0x280
[ 1007.127193]  __should_failslab+0x124/0x180
[ 1007.131470]  should_failslab+0x9/0x14
[ 1007.135291]  kmem_cache_alloc+0x2be/0x730
[ 1007.139476]  getname_kernel+0x54/0x370
[ 1007.143387]  kern_path+0x1e/0x40
[ 1007.146784]  ovl_mount_dir_noesc+0x6b/0x190
[ 1007.146807]  ovl_fill_super+0x1cf1/0x3f33
[ 1007.146844]  ? ovl_show_options+0x550/0x550
[ 1007.159652]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1007.165212]  ? get_anon_bdev+0xc0/0xc0
[ 1007.169126]  ? sget+0x113/0x150
[ 1007.172427]  ? ovl_show_options+0x550/0x550
[ 1007.176781]  mount_nodev+0x73/0x120
[ 1007.180428]  ? ovl_own_xattr_set+0x10/0x10
[ 1007.184690]  ovl_mount+0x34/0x40
[ 1007.188076]  legacy_get_tree+0x131/0x460
[ 1007.192162]  vfs_get_tree+0x1cb/0x5c0
03:45:30 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0x2, 0x2}}}, 0x50}}, 0x0)

03:45:30 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$FS_IOC_SETVERSION(r1, 0x894c, &(0x7f00000000c0))

03:45:30 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000140), 0xa)
fchmodat(r1, &(0x7f0000000040)='./file0\x00', 0x8)
getsockname$unix(r1, &(0x7f0000000080)=@abs, &(0x7f0000000000)=0x6e)
ioctl$DRM_IOCTL_ADD_CTX(r1, 0xc0086420, &(0x7f0000000100)={<r2=>0x0})
ioctl$DRM_IOCTL_UNLOCK(r1, 0x4008642b, &(0x7f0000000180)={r2, 0x3a})

03:45:30 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f}, 0x8, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

[ 1007.195985]  ? legacy_fs_context_dup+0x1d0/0x1d0
[ 1007.200756]  do_mount+0x70c/0x1d90
[ 1007.204319]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[ 1007.209882]  ? copy_mount_string+0x40/0x40
[ 1007.214142]  ? copy_mount_options+0x5f/0x430
[ 1007.218563]  ? kmem_cache_alloc_trace+0x353/0x750
[ 1007.223454]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1007.229030]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1007.234582]  ? copy_mount_options+0x315/0x430
[ 1007.239100]  ksys_mount+0x12d/0x140
[ 1007.242772]  __x64_sys_mount+0xbe/0x150
03:45:30 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$FS_IOC_SETVERSION(r1, 0x89a0, &(0x7f00000000c0))

03:45:30 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f}, 0x6, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

[ 1007.246774]  do_syscall_64+0x1b9/0x820
[ 1007.250684]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1007.256066]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1007.261009]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1007.266036]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1007.271064]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[ 1007.277738]  ? __switch_to_asm+0x40/0x70
[ 1007.281809]  ? __switch_to_asm+0x34/0x70
[ 1007.285898]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1007.290769]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1007.290787] RIP: 0033:0x457569
[ 1007.299165] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1007.299175] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1007.299191] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[ 1007.299202] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[ 1007.299211] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
03:45:30 executing program 3 (fault-call:3 fault-nth:0):
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

[ 1007.299228] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[ 1007.299243] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[ 1007.366445] overlayfs: failed to resolve './file0': -12
03:45:30 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f}, 0x10, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:45:30 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$FS_IOC_SETVERSION(r1, 0x2, &(0x7f00000000c0))

[ 1007.431520] FAT-fs (loop3): bogus number of reserved sectors
03:45:30 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000140), 0xa)
r2 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x109000, 0x0)
getsockname$unix(r1, &(0x7f0000000080)=@abs, &(0x7f0000000040)=0x6e)
ioctl$sock_inet_SIOCSIFNETMASK(r2, 0x891c, &(0x7f0000000100)={'lo\x00', {0x2, 0x4e24, @broadcast}})
epoll_create(0x10000)

[ 1007.481584] FAT-fs (loop3): Can't find a valid FAT filesystem
[ 1007.511873] FAULT_INJECTION: forcing a failure.
[ 1007.511873] name failslab, interval 1, probability 0, space 0, times 0
[ 1007.562061] CPU: 1 PID: 14984 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181015+ #94
[ 1007.570581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1007.570589] Call Trace:
[ 1007.570616]  dump_stack+0x244/0x39d
[ 1007.570641]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1007.570661]  ? zap_class+0x640/0x640
[ 1007.570682]  ? zap_class+0x640/0x640
[ 1007.570708]  should_fail.cold.4+0xa/0x17
[ 1007.570730]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1007.570749]  ? find_held_lock+0x36/0x1c0
[ 1007.570770]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1007.570790]  ? zap_class+0x640/0x640
[ 1007.570810]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1007.570834]  ? _kstrtoull+0x188/0x250
[ 1007.630731]  ? _parse_integer+0x180/0x180
[ 1007.634890]  ? zap_class+0x640/0x640
[ 1007.638634]  ? find_held_lock+0x36/0x1c0
[ 1007.642731]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1007.648248]  __should_failslab+0x124/0x180
[ 1007.652540]  should_failslab+0x9/0x14
[ 1007.656379]  kmem_cache_alloc+0x2be/0x730
[ 1007.656399]  ? __might_sleep+0x95/0x190
[ 1007.656419]  ? sock_destroy_inode+0x60/0x60
[ 1007.656439]  sock_alloc_inode+0x1d/0x260
[ 1007.656468]  ? sock_destroy_inode+0x60/0x60
[ 1007.656485]  alloc_inode+0x63/0x190
[ 1007.656504]  new_inode_pseudo+0x71/0x1a0
[ 1007.672991]  ? prune_icache_sb+0x1c0/0x1c0
[ 1007.673012]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1007.673040]  sock_alloc+0x41/0x270
[ 1007.673065]  __sock_create+0x175/0x930
[ 1007.701654]  ? kernel_sock_ip_overhead+0x570/0x570
[ 1007.701690]  ? __sb_end_write+0xd9/0x110
[ 1007.701713]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1007.701741]  __sys_socket+0x106/0x260
[ 1007.720045]  ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 1007.724660]  ? move_addr_to_kernel+0x70/0x70
[ 1007.729081]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1007.734497]  ? trace_hardirqs_off_caller+0x300/0x300
[ 1007.739617]  __x64_sys_socket+0x73/0xb0
[ 1007.739640]  do_syscall_64+0x1b9/0x820
[ 1007.739658]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1007.739678]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1007.739698]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1007.757840]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1007.757861]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[ 1007.757876]  ? __switch_to_asm+0x40/0x70
[ 1007.757893]  ? __switch_to_asm+0x34/0x70
[ 1007.767926]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1007.787524]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1007.792717] RIP: 0033:0x45a0d7
03:45:30 executing program 4 (fault-call:2 fault-nth:83):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:45:30 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0x2a0ffffffff, 0x2}}}, 0x50}}, 0x0)

03:45:30 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$FS_IOC_SETVERSION(r1, 0x4020940d, &(0x7f00000000c0))

[ 1007.795919] Code: 00 00 00 49 89 ca b8 36 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7a 88 fb ff c3 66 0f 1f 84 00 00 00 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d 88 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1007.814823] RSP: 002b:00007f43874199c8 EFLAGS: 00000202 ORIG_RAX: 0000000000000029
[ 1007.822542] RAX: ffffffffffffffda RBX: 00007f4387419a58 RCX: 000000000045a0d7
[ 1007.829830] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[ 1007.837108] RBP: 000000000072bfa0 R08: 000000000000000b R09: 0000000000000000
[ 1007.844386] R10: 0000000000000064 R11: 0000000000000202 R12: 00007f4387419a40
[ 1007.851657] R13: 00000000004cb468 R14: 00000000004d7c38 R15: 0000000000000006
03:45:30 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000140), 0xa)

03:45:30 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$FS_IOC_SETVERSION(r1, 0x400448cc, &(0x7f00000000c0))

03:45:30 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0x2000000000000000, 0x2}}}, 0x50}}, 0x0)

[ 1008.010929] socket: no more sockets
[ 1008.065794] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
03:45:30 executing program 1:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x105400, 0x0)
fcntl$F_GET_FILE_RW_HINT(r0, 0x40d, &(0x7f0000000100))
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r2 = fcntl$dupfd(r1, 0x0, r1)
bind$bt_rfcomm(r2, &(0x7f0000000140), 0xa)
getsockname$unix(r2, &(0x7f0000000080)=@abs, &(0x7f0000000000)=0x6e)

03:45:31 executing program 3 (fault-call:3 fault-nth:1):
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

03:45:31 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa}}}, 0x50}}, 0x0)

[ 1008.160448] FAULT_INJECTION: forcing a failure.
[ 1008.160448] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1008.172320] CPU: 1 PID: 15018 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[ 1008.180816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1008.190180] Call Trace:
[ 1008.192783]  dump_stack+0x244/0x39d
[ 1008.196428]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1008.201647]  ? zap_class+0x640/0x640
[ 1008.205381]  should_fail.cold.4+0xa/0x17
[ 1008.209475]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1008.214618]  ? mark_held_locks+0x130/0x130
[ 1008.218873]  ? lock_downgrade+0x900/0x900
[ 1008.223034]  ? check_preemption_disabled+0x48/0x280
[ 1008.228074]  ? rcu_read_unlock_special+0x1c0/0x1c0
[ 1008.233012]  ? kasan_check_read+0x11/0x20
[ 1008.237186]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[ 1008.242486]  ? rcu_softirq_qs+0x20/0x20
[ 1008.246484]  ? rcu_softirq_qs+0x20/0x20
[ 1008.250480]  ? unwind_dump+0x190/0x190
[ 1008.254390]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1008.259940]  ? should_fail+0x22d/0xd01
[ 1008.263842]  ? kernel_text_address+0x79/0xf0
[ 1008.268266]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1008.273378]  ? unwind_get_return_address+0x61/0xa0
[ 1008.278336]  __alloc_pages_nodemask+0x34b/0xdd0
[ 1008.283031]  ? __alloc_pages_slowpath+0x2dd0/0x2dd0
[ 1008.288068]  ? save_stack+0xa9/0xd0
[ 1008.291720]  ? find_held_lock+0x36/0x1c0
[ 1008.295813]  ? usb_port_suspend+0x968/0xcd0
[ 1008.300174]  ? trace_hardirqs_off+0xb8/0x310
[ 1008.304615]  cache_grow_begin+0xa5/0x8c0
[ 1008.308683]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1008.314236]  ? check_preemption_disabled+0x48/0x280
[ 1008.319274]  kmem_cache_alloc+0x66b/0x730
[ 1008.323447]  getname_kernel+0x54/0x370
[ 1008.327367]  kern_path+0x1e/0x40
[ 1008.330751]  ovl_mount_dir_noesc+0x6b/0x190
[ 1008.335089]  ovl_fill_super+0x1cf1/0x3f33
[ 1008.339279]  ? ovl_show_options+0x550/0x550
[ 1008.343649]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1008.349208]  ? get_anon_bdev+0xc0/0xc0
[ 1008.353108]  ? sget+0x113/0x150
[ 1008.356403]  ? ovl_show_options+0x550/0x550
[ 1008.360733]  mount_nodev+0x73/0x120
[ 1008.364371]  ? ovl_own_xattr_set+0x10/0x10
[ 1008.368616]  ovl_mount+0x34/0x40
[ 1008.372007]  legacy_get_tree+0x131/0x460
[ 1008.376084]  vfs_get_tree+0x1cb/0x5c0
[ 1008.379897]  ? legacy_fs_context_dup+0x1d0/0x1d0
[ 1008.384659]  do_mount+0x70c/0x1d90
[ 1008.388212]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[ 1008.393774]  ? copy_mount_string+0x40/0x40
[ 1008.398029]  ? copy_mount_options+0x5f/0x430
[ 1008.402456]  ? kmem_cache_alloc_trace+0x353/0x750
[ 1008.407335]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1008.412915]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1008.418484]  ? copy_mount_options+0x315/0x430
[ 1008.422995]  ksys_mount+0x12d/0x140
[ 1008.426642]  __x64_sys_mount+0xbe/0x150
[ 1008.430639]  do_syscall_64+0x1b9/0x820
[ 1008.434543]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1008.439919]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1008.444868]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1008.449899]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1008.454929]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[ 1008.461613]  ? __switch_to_asm+0x40/0x70
[ 1008.465685]  ? __switch_to_asm+0x34/0x70
[ 1008.469763]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1008.474626]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1008.479825] RIP: 0033:0x457569
[ 1008.483028] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1008.501943] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1008.509670] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[ 1008.516943] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[ 1008.524217] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[ 1008.531515] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[ 1008.538790] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[ 1008.657257] FAT-fs (loop3): bogus number of reserved sectors
[ 1008.674685] FAT-fs (loop3): Can't find a valid FAT filesystem
[ 1008.687708] FAULT_INJECTION: forcing a failure.
[ 1008.687708] name failslab, interval 1, probability 0, space 0, times 0
[ 1008.743527] CPU: 0 PID: 15026 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181015+ #94
[ 1008.752050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1008.761408] Call Trace:
[ 1008.764009]  dump_stack+0x244/0x39d
[ 1008.767677]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1008.772881]  ? __kernel_text_address+0xd/0x40
[ 1008.777397]  should_fail.cold.4+0xa/0x17
[ 1008.781476]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1008.786596]  ? save_stack+0xa9/0xd0
[ 1008.790234]  ? save_stack+0x43/0xd0
[ 1008.793862]  ? kasan_kmalloc+0xc7/0xe0
[ 1008.797764]  ? kasan_slab_alloc+0x12/0x20
[ 1008.801924]  ? kmem_cache_alloc+0x12e/0x730
[ 1008.806268]  ? sock_alloc_inode+0x1d/0x260
[ 1008.810507]  ? alloc_inode+0x63/0x190
[ 1008.814313]  ? new_inode_pseudo+0x71/0x1a0
[ 1008.818563]  ? __sock_create+0x175/0x930
[ 1008.822636]  ? __sys_socket+0x106/0x260
[ 1008.826649]  ? __x64_sys_socket+0x73/0xb0
[ 1008.830808]  ? do_syscall_64+0x1b9/0x820
[ 1008.834886]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1008.840271]  ? find_held_lock+0x36/0x1c0
[ 1008.844404]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1008.844426]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[ 1008.844452]  __should_failslab+0x124/0x180
[ 1008.855453]  should_failslab+0x9/0x14
[ 1008.855483]  kmem_cache_alloc_trace+0x2d7/0x750
[ 1008.855499]  ? kmem_cache_alloc+0x33a/0x730
[ 1008.855518]  ? __might_sleep+0x95/0x190
[ 1008.855538]  ? sock_destroy_inode+0x60/0x60
[ 1008.881103]  sock_alloc_inode+0x66/0x260
[ 1008.885195]  ? sock_destroy_inode+0x60/0x60
[ 1008.890326]  alloc_inode+0x63/0x190
[ 1008.893980]  new_inode_pseudo+0x71/0x1a0
[ 1008.898053]  ? prune_icache_sb+0x1c0/0x1c0
[ 1008.902301]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1008.907267]  sock_alloc+0x41/0x270
[ 1008.910839]  __sock_create+0x175/0x930
[ 1008.914758]  ? kernel_sock_ip_overhead+0x570/0x570
[ 1008.919713]  ? __sb_end_write+0xd9/0x110
[ 1008.923804]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1008.929366]  __sys_socket+0x106/0x260
[ 1008.933176]  ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 1008.937778]  ? move_addr_to_kernel+0x70/0x70
03:45:31 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/mixer\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0xbb7f}, 0x25, &(0x7f0000000440)={&(0x7f00000004c0)={0x18, 0x22, 0x1, 0x0, 0x0, {0x4}, [@nested={0x4, 0xd}]}, 0x18}}, 0x0)

03:45:31 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$FS_IOC_SETVERSION(r1, 0x5460, &(0x7f00000000c0))

03:45:31 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x3}}}, 0x50}}, 0x0)

[ 1008.942215]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1008.947610]  ? trace_hardirqs_off_caller+0x300/0x300
[ 1008.952748]  __x64_sys_socket+0x73/0xb0
[ 1008.956760]  do_syscall_64+0x1b9/0x820
[ 1008.960673]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1008.966053]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1008.970997]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1008.975858]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1008.980896]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1008.985949]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1008.991099]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1008.991128]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1008.991146] RIP: 0033:0x45a0d7
[ 1009.001185] Code: 00 00 00 49 89 ca b8 36 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7a 88 fb ff c3 66 0f 1f 84 00 00 00 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d 88 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1009.001195] RSP: 002b:00007f438743a9c8 EFLAGS: 00000202 ORIG_RAX: 0000000000000029
[ 1009.001211] RAX: ffffffffffffffda RBX: 00007f438743aa58 RCX: 000000000045a0d7
03:45:31 executing program 4 (fault-call:2 fault-nth:84):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[])
mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}]})

03:45:31 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x2000, 0x0)
ioctl$SG_GET_COMMAND_Q(r1, 0x2270, &(0x7f0000000100))
r2 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r2, &(0x7f0000000140), 0xa)
getsockname$unix(r2, &(0x7f0000000080)=@abs, &(0x7f0000000000)=0x6e)

03:45:31 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa0020000}}}, 0x50}}, 0x0)

03:45:31 executing program 3 (fault-call:3 fault-nth:2):
r0 = socket$l2tp(0x18, 0x1, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070")
syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000003c0)=ANY=[])
syz_genetlink_get_family_id$team(&(0x7f0000000380)='team\x00')
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001480)={{{@in=@loopback, @in=@dev}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f0000001580)=0xe8)

[ 1009.001220] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[ 1009.001229] RBP: 000000000072bf00 R08: 000000000000000b R09: 0000000000000000
[ 1009.001244] R10: 0000000000000064 R11: 0000000000000202 R12: 00007f438743aa40
[ 1009.023339] R13: 00000000004cb468 R14: 00000000004d7c38 R15: 0000000000000006
[ 1009.028125] socket: no more sockets
03:45:32 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x2, 0xf000}}}, 0x50}}, 0x0)

03:45:32 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$KVM_GET_MSRS(r1, 0xc008ae88, &(0x7f0000000040)={0x2, 0x0, [{}, {}]})
bind$bt_rfcomm(r1, &(0x7f0000000140), 0xa)
getsockname$unix(r1, &(0x7f0000000080)=@abs, &(0x7f0000000000)=0x6e)

03:45:32 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$FS_IOC_SETVERSION(r1, 0x8901, &(0x7f00000000c0))

[ 1009.185207] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size.
[ 1009.226832] FAULT_INJECTION: forcing a failure.
[ 1009.226832] name failslab, interval 1, probability 0, space 0, times 0
[ 1009.249089] FAT-fs (loop3): bogus number of reserved sectors
[ 1009.264818] FAT-fs (loop3): Can't find a valid FAT filesystem
03:45:32 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x10000, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r1, 0xc08c5334, &(0x7f0000000180)={0x3, 0x6, 0x379f, 'queue0\x00', 0x9})
r2 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r2, &(0x7f0000000140), 0xa)
getsockname$unix(r2, &(0x7f0000000080)=@abs, &(0x7f0000000000)=0x6e)

03:45:32 executing program 5:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f0000000680)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0xe01, 0x0, 0x0, {{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffffff9e}}}, 0x50}}, 0x0)

[ 1009.286176] FAULT_INJECTION: forcing a failure.
[ 1009.286176] name failslab, interval 1, probability 0, space 0, times 0
[ 1009.336115] CPU: 1 PID: 15064 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181015+ #94
[ 1009.344634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1009.354000] Call Trace:
[ 1009.356613]  dump_stack+0x244/0x39d
[ 1009.360274]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1009.360313]  ? zap_class+0x640/0x640
[ 1009.360337]  should_fail.cold.4+0xa/0x17
[ 1009.360359]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1009.369276]  ? print_usage_bug+0xc0/0xc0
[ 1009.369298]  ? __lock_acquire+0x62f/0x4c20
[ 1009.369318]  ? print_usage_bug+0xc0/0xc0
[ 1009.369334]  ? lock_downgrade+0x900/0x900
[ 1009.369364]  ? check_preemption_disabled+0x48/0x280
[ 1009.382594]  ? find_held_lock+0x36/0x1c0
[ 1009.382638]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1009.382675]  __should_failslab+0x124/0x180
[ 1009.395095]  should_failslab+0x9/0x14
[ 1009.395113]  __kmalloc+0x2e0/0x760
[ 1009.395131]  ? mark_held_locks+0x130/0x130
[ 1009.395148]  ? zap_class+0x640/0x640
[ 1009.395163]  ? sk_prot_alloc+0x1b0/0x2e0
[ 1009.395178]  ? __lockdep_init_map+0x105/0x590
[ 1009.395203]  sk_prot_alloc+0x1b0/0x2e0
[ 1009.404291]  sk_alloc+0x10d/0x1690
[ 1009.404314]  ? sock_def_error_report+0x710/0x710
[ 1009.404343]  ? __wake_up_common_lock+0x1d0/0x330
[ 1009.404366]  ? _raw_spin_unlock_irqrestore+0x82/0xd0
[ 1009.404383]  ? _raw_spin_unlock_irqrestore+0x82/0xd0
[ 1009.404402]  ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 1009.414081]  ? trace_hardirqs_on+0xbd/0x310
[ 1009.414096]  ? kasan_check_read+0x11/0x20
[ 1009.414114]  ? __wake_up_common_lock+0x1d0/0x330
[ 1009.414132]  ? trace_hardirqs_off_caller+0x300/0x300
[ 1009.414152]  ? find_held_lock+0x36/0x1c0
[ 1009.421498]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1009.421519]  ? __wake_up_common_lock+0x1d0/0x330
[ 1009.421536]  ? lock_downgrade+0x900/0x900
[ 1009.421555]  ? __wake_up_common+0x7d0/0x7d0
[ 1009.421578]  ? lock_downgrade+0x900/0x900
[ 1009.429508]  ? check_preemption_disabled+0x48/0x280
[ 1009.429544]  __netlink_create+0x6a/0x270
[ 1009.429595]  ? genl_family_find_byname+0x170/0x170
[ 1009.429623]  netlink_create+0x3a3/0x5d0
[ 1009.429640]  ? genl_unbind+0x270/0x270
[ 1009.438213]  __sock_create+0x536/0x930
[ 1009.438272]  ? kernel_sock_ip_overhead+0x570/0x570
[ 1009.438307]  ? __sb_end_write+0xd9/0x110
[ 1009.438330]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1009.438351]  __sys_socket+0x106/0x260
[ 1009.445794]  ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 1009.445816]  ? move_addr_to_kernel+0x70/0x70
[ 1009.445836]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1009.445854]  ? trace_hardirqs_off_caller+0x300/0x300
[ 1009.445879]  __x64_sys_socket+0x73/0xb0
[ 1009.445903]  do_syscall_64+0x1b9/0x820
[ 1009.455400]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1009.455433]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1009.455453]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1009.455483]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1009.455502]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[ 1009.455517]  ? __switch_to_asm+0x40/0x70
[ 1009.455534]  ? __switch_to_asm+0x34/0x70
[ 1009.465735]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1009.465764]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1009.465778] RIP: 0033:0x45a0d7
[ 1009.465796] Code: 00 00 00 49 89 ca b8 36 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7a 88 fb ff c3 66 0f 1f 84 00 00 00 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d 88 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1009.465804] RSP: 002b:00007f43873f89c8 EFLAGS: 00000202 ORIG_RAX: 0000000000000029
[ 1009.465820] RAX: ffffffffffffffda RBX: 00007f43873f8a58 RCX: 000000000045a0d7
[ 1009.465829] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[ 1009.465838] RBP: 000000000072c040 R08: 000000000000000b R09: 0000000000000000
[ 1009.465865] R10: 0000000000000064 R11: 0000000000000202 R12: 00007f43873f8a40
[ 1009.474789] R13: 00000000004cb468 R14: 00000000004d7c38 R15: 0000000000000006
[ 1009.489973] CPU: 1 PID: 15059 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[ 1009.515750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1009.515756] Call Trace:
[ 1009.515778]  dump_stack+0x244/0x39d
[ 1009.515802]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1009.515822]  ? __kernel_text_address+0xd/0x40
[ 1009.515846]  should_fail.cold.4+0xa/0x17
[ 1009.515867]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1009.524946]  ? save_stack+0x43/0xd0
[ 1009.524959]  ? kasan_kmalloc+0xc7/0xe0
[ 1009.524976]  ? kmem_cache_alloc_trace+0x152/0x750
[ 1009.524993]  ? ovl_encode_real_fh+0xca/0x500
[ 1009.525010]  ? zap_class+0x640/0x640
[ 1009.525026]  ? ovl_mount+0x34/0x40
[ 1009.525044]  ? legacy_get_tree+0x131/0x460
[ 1009.531306] kobject: 'tx-0' (00000000faa508ae): fill_kobj_path: path = '/devices/virtual/mac80211_hwsim/hwsim787/net/wlan772/queues/tx-0'
[ 1009.533936]  ? vfs_get_tree+0x1cb/0x5c0
[ 1009.533950]  ? do_mount+0x70c/0x1d90
[ 1009.533963]  ? ksys_mount+0x12d/0x140
[ 1009.533975]  ? __x64_sys_mount+0xbe/0x150
[ 1009.533991]  ? do_syscall_64+0x1b9/0x820
[ 1009.534012]  ? find_held_lock+0x36/0x1c0
[ 1009.543034] kobject: 'tx-1' (00000000fba1f2e4): kobject_add_internal: parent: 'queues', set: 'queues'
[ 1009.546711]  ? __lock_is_held+0xb5/0x140
[ 1009.546744]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1009.546787]  __should_failslab+0x124/0x180
[ 1009.546805]  should_failslab+0x9/0x14
[ 1009.546825]  __kmalloc+0x2e0/0x760
[ 1009.551260] kobject: 'tx-1' (00000000fba1f2e4): kobject_uevent_env
[ 1009.556416]  ? dput+0x15/0x20
[ 1009.556434]  ? ovl_encode_real_fh+0x1bb/0x500
[ 1009.556469]  ovl_encode_real_fh+0x1bb/0x500
[ 1009.556490]  ? ovl_set_attr+0x550/0x550
[ 1009.556509]  ? may_umount_tree+0x210/0x210
[ 1009.556530]  ? rcu_read_lock_sched_held+0x14f/0x180
[ 1009.560497] kobject: 'tx-1' (00000000fba1f2e4): fill_kobj_path: path = '/devices/virtual/mac80211_hwsim/hwsim787/net/wlan772/queues/tx-1'
[ 1009.564905]  ovl_verify_set_fh+0x36/0x180
[ 1009.564932]  ovl_fill_super+0x3039/0x3f33
[ 1009.564972]  ? ovl_show_options+0x550/0x550
[ 1009.565018]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1009.569647] kobject: 'tx-2' (0000000047bcfa7c): kobject_add_internal: parent: 'queues', set: 'queues'
[ 1009.574752]  ? get_anon_bdev+0xc0/0xc0
[ 1009.574768]  ? sget+0x113/0x150
[ 1009.574790]  ? ovl_show_options+0x550/0x550
[ 1009.574806]  mount_nodev+0x73/0x120
[ 1009.574826]  ? ovl_own_xattr_set+0x10/0x10
[ 1009.574848]  ovl_mount+0x34/0x40
[ 1009.580316] kobject: 'tx-2' (0000000047bcfa7c): kobject_uevent_env
[ 1009.583921]  legacy_get_tree+0x131/0x460
[ 1009.583944]  vfs_get_tree+0x1cb/0x5c0
[ 1009.583961]  ? legacy_fs_context_dup+0x1d0/0x1d0
[ 1009.583977]  do_mount+0x70c/0x1d90
[ 1009.583998]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[ 1009.588073] kobject: 'tx-2' (0000000047bcfa7c): fill_kobj_path: path = '/devices/virtual/mac80211_hwsim/hwsim787/net/wlan772/queues/tx-2'
[ 1009.593246]  ? copy_mount_string+0x40/0x40
[ 1009.593269]  ? copy_mount_options+0x5f/0x430
[ 1009.593289]  ? kmem_cache_alloc_trace+0x353/0x750
[ 1009.593309]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1009.598518] kobject: 'tx-3' (000000005ab7b555): kobject_add_internal: parent: 'queues', set: 'queues'
[ 1009.603281]  ? _copy_from_user+0xdf/0x150
[ 1009.603304]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1009.603319]  ? copy_mount_options+0x315/0x430
[ 1009.603357]  ksys_mount+0x12d/0x140
[ 1009.608791] kobject: 'tx-3' (000000005ab7b555): kobject_uevent_env
[ 1009.615025]  __x64_sys_mount+0xbe/0x150
[ 1009.615049]  do_syscall_64+0x1b9/0x820
[ 1009.615068]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1009.615088]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1009.615108]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1009.615128]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1009.619345] kobject: 'tx-3' (000000005ab7b555): fill_kobj_path: path = '/devices/virtual/mac80211_hwsim/hwsim787/net/wlan772/queues/tx-3'
[ 1009.623260]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[ 1009.623276]  ? __switch_to_asm+0x40/0x70
[ 1009.623289]  ? __switch_to_asm+0x34/0x70
[ 1009.623311]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1009.623337]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1009.659745] kobject: 'loop2' (0000000047b1aef9): kobject_uevent_env
[ 1009.663173] RIP: 0033:0x457569
[ 1009.676824] kobject: 'loop2' (0000000047b1aef9): fill_kobj_path: path = '/devices/virtual/block/loop2'
[ 1009.677727] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1009.677737] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1009.677753] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[ 1009.677763] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[ 1009.677773] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[ 1009.677783] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[ 1009.677792] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[ 1009.693078] kobject: 'loop3' (000000006da7c677): kobject_uevent_env
[ 1009.709270] overlayfs: failed to verify origin (1438/file0, ino=16558, err=-12)
[ 1009.735097] kobject: 'loop3' (000000006da7c677): fill_kobj_path: path = '/devices/virtual/block/loop3'
[ 1009.738957] kobject: 'hwsim788' (000000007da219e4): kobject_add_internal: parent: 'mac80211_hwsim', set: 'devices'
[ 1009.744118] ------------[ cut here ]------------
[ 1009.750618] kobject: 'loop3' (000000006da7c677): kobject_uevent_env
[ 1009.751046] kernel BUG at arch/x86/mm/physaddr.c:22!
[ 1009.756283] kobject: 'loop3' (000000006da7c677): fill_kobj_path: path = '/devices/virtual/block/loop3'
[ 1009.760317] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 1009.760333] CPU: 1 PID: 15059 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181015+ #94
[ 1009.760358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1009.764333] kobject: 'hwsim788' (000000007da219e4): kobject_uevent_env
[ 1009.767604] RIP: 0010:__phys_addr+0xff/0x120
[ 1009.767625] Code: 3c 02 00 75 31 4c 8b 25 bf 52 ee 07 48 89 de bf ff ff ff 1f e8 12 57 45 00 49 01 dc 48 81 fb ff ff ff 1f 76 a7 e8 d1 55 45 00 <0f> 0b e8 8a 0c 8a 00 e9 7a ff ff ff e8 e0 0c 8a 00 eb c8 0f 1f 40
[ 1009.772143] kobject: 'hwsim788' (000000007da219e4): fill_kobj_path: path = '/devices/virtual/mac80211_hwsim/hwsim788'
[ 1009.784322] RSP: 0018:ffff8801747d7820 EFLAGS: 00010046
[ 1009.784335] RAX: 0000000000040000 RBX: 000000007ffffff4 RCX: ffffc9000a0d3000
[ 1009.784344] RDX: 0000000000040000 RSI: ffffffff8138cd6f RDI: 0000000000000007
[ 1009.784353] RBP: ffff8801747d7838 R08: ffff88017ebc2300 R09: ffffed003b5e5b4f
[ 1009.784367] R10: ffffed003b5e5b4f R11: ffff8801daf2da7b R12: 000000007ffffff4
[ 1009.790516] kobject: 'hwsim788' (000000007da219e4): kobject_uevent_env
[ 1009.792038] R13: 0000000000000001 R14: ffffffff882fcf80 R15: 00000000000040ae
[ 1009.792052] FS:  00007f7fae547700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000
[ 1009.792061] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1009.792070] CR2: 00007f3437204000 CR3: 00000001554f3000 CR4: 00000000001406e0
[ 1009.792080] Call Trace:
[ 1009.796018] kobject: 'hwsim788' (000000007da219e4): fill_kobj_path: path = '/devices/virtual/mac80211_hwsim/hwsim788'
[ 1009.800021]  ? ovl_verify_set_fh+0xba/0x180
[ 1009.800037]  kfree+0x7b/0x230
[ 1009.800055]  ovl_verify_set_fh+0xba/0x180
[ 1009.807035] kobject: 'ieee80211' (000000001524560f): kobject_add_internal: parent: 'hwsim788', set: '(null)'
[ 1009.808168]  ovl_fill_super+0x3039/0x3f33
[ 1009.808197]  ? ovl_show_options+0x550/0x550
[ 1009.817661] kobject: 'phy787' (00000000b8bd893a): kobject_add_internal: parent: 'ieee80211', set: 'devices'
[ 1009.821614]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1009.821632]  ? get_anon_bdev+0xc0/0xc0
[ 1009.827426] kobject: 'phy787' (00000000b8bd893a): kobject_uevent_env
[ 1009.831297]  ? sget+0x113/0x150
[ 1009.831317]  ? ovl_show_options+0x550/0x550
[ 1009.831334]  mount_nodev+0x73/0x120
[ 1009.835239] kobject: 'phy787' (00000000b8bd893a): fill_kobj_path: path = '/devices/virtual/mac80211_hwsim/hwsim788/ieee80211/phy787'
[ 1009.838657]  ? ovl_own_xattr_set+0x10/0x10
[ 1009.838672]  ovl_mount+0x34/0x40
[ 1009.838690]  legacy_get_tree+0x131/0x460
[ 1009.876585] kobject: 'rfkill789' (000000009b3f5e18): kobject_add_internal: parent: 'phy787', set: 'devices'
[ 1009.882549]  vfs_get_tree+0x1cb/0x5c0
[ 1009.882564]  ? legacy_fs_context_dup+0x1d0/0x1d0
[ 1009.882582]  do_mount+0x70c/0x1d90
[ 1009.887103] kobject: 'rfkill789' (000000009b3f5e18): kobject_uevent_env
[ 1009.890864]  ? rcu_lockdep_current_cpu_online+0x1a4/0x210
[ 1009.890882]  ? copy_mount_string+0x40/0x40
[ 1009.890900]  ? copy_mount_options+0x5f/0x430
[ 1009.895392] kobject: 'rfkill789' (000000009b3f5e18): fill_kobj_path: path = '/devices/virtual/mac80211_hwsim/hwsim788/ieee80211/phy787/rfkill789'
[ 1009.900762]  ? kmem_cache_alloc_trace+0x353/0x750
[ 1009.900781]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1009.900803]  ? _copy_from_user+0xdf/0x150
[ 1009.915078] ieee80211 phy787: Selected rate control algorithm 'minstrel_ht'
[ 1009.917296]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1009.917309]  ? copy_mount_options+0x315/0x430
[ 1009.917326]  ksys_mount+0x12d/0x140
[ 1009.925652] kobject: 'net' (00000000dc8095f3): kobject_add_internal: parent: 'hwsim788', set: '(null)'
[ 1009.929498]  __x64_sys_mount+0xbe/0x150
[ 1009.929518]  do_syscall_64+0x1b9/0x820
[ 1009.929542]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1009.932993] kobject: 'wlan773' (000000002f8eb51e): kobject_add_internal: parent: 'net', set: 'devices'
[ 1009.939210]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1009.939237]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1009.939258]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1009.944526] kobject: 'wlan773' (000000002f8eb51e): kobject_uevent_env
[ 1009.947102]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[ 1009.947117]  ? __switch_to_asm+0x40/0x70
[ 1009.947134]  ? __switch_to_asm+0x34/0x70
[ 1009.951984] kobject: 'wlan773' (000000002f8eb51e): fill_kobj_path: path = '/devices/virtual/mac80211_hwsim/hwsim788/net/wlan773'
[ 1009.955417]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1009.955440]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1009.955451] RIP: 0033:0x457569
[ 1009.955481] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1009.961157] kobject: 'queues' (0000000095d05acf): kobject_add_internal: parent: 'wlan773', set: '<NULL>'
[ 1009.973483] RSP: 002b:00007f7fae546c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1009.973498] RAX: ffffffffffffffda RBX: 00007f7fae546c90 RCX: 0000000000457569
[ 1009.973507] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000400000
[ 1009.973515] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000
[ 1009.973530] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7fae5476d4
[ 1009.980525] kobject: 'queues' (0000000095d05acf): kobject_uevent_env
[ 1009.982150] R13: 00000000004c2916 R14: 00000000004d3d68 R15: 0000000000000005
[ 1009.982168] Modules linked in:
[ 1009.982184] ---[ end trace 00f9972e377b3ab3 ]---
[ 1009.987104] kobject: 'queues' (0000000095d05acf): kobject_uevent_env: filter function caused the event to drop!
[ 1009.992553] RIP: 0010:__phys_addr+0xff/0x120
[ 1009.992580] Code: 3c 02 00 75 31 4c 8b 25 bf 52 ee 07 48 89 de bf ff ff ff 1f e8 12 57 45 00 49 01 dc 48 81 fb ff ff ff 1f 76 a7 e8 d1 55 45 00 <0f> 0b e8 8a 0c 8a 00 e9 7a ff ff ff e8 e0 0c 8a 00 eb c8 0f 1f 40
[ 1009.992593] RSP: 0018:ffff8801747d7820 EFLAGS: 00010046
[ 1010.002041] kobject: 'rx-0' (00000000bce27797): kobject_add_internal: parent: 'queues', set: 'queues'
[ 1010.006076] RAX: 0000000000040000 RBX: 000000007ffffff4 RCX: ffffc9000a0d3000
[ 1010.006085] RDX: 0000000000040000 RSI: ffffffff8138cd6f RDI: 0000000000000007
[ 1010.006095] RBP: ffff8801747d7838 R08: ffff88017ebc2300 R09: ffffed003b5e5b4f
[ 1010.006104] R10: ffffed003b5e5b4f R11: ffff8801daf2da7b R12: 000000007ffffff4
[ 1010.006112] R13: 0000000000000001 R14: ffffffff882fcf80 R15: 00000000000040ae
[ 1010.006129] FS:  00007f7fae547700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000
[ 1010.011778] kobject: 'rx-0' (00000000bce27797): kobject_uevent_env
[ 1010.016144] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1010.016154] CR2: 00007f3437204000 CR3: 00000001554f3000 CR4: 00000000001406e0
[ 1010.016165] Kernel panic - not syncing: Fatal exception
[ 1010.017074] Kernel Offset: disabled
[ 1010.861577] Rebooting in 86400 seconds..