[   51.562313][   T39] audit: type=1400 audit(1661447424.334:74): avc:  denied  { write } for  pid=3575 comm="sh" path="pipe:[29793]" dev="pipefs" ino=29793 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:initrc_t tclass=fifo_file permissive=1
Warning: Permanently added '[localhost]:57721' (ECDSA) to the list of known hosts.
[   55.052321][   T39] audit: type=1400 audit(1661447427.844:75): avc:  denied  { execute } for  pid=3649 comm="sh" name="syz-fuzzer" dev="sda1" ino=1134 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[   55.071222][   T39] audit: type=1400 audit(1661447427.844:76): avc:  denied  { execute_no_trans } for  pid=3649 comm="sh" path="/syz-fuzzer" dev="sda1" ino=1134 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
2022/08/25 17:10:28 fuzzer started
2022/08/25 17:10:28 dialing manager at localhost:40007
[   56.126212][   T39] audit: type=1400 audit(1661447428.914:77): avc:  denied  { mounton } for  pid=3676 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1136 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   56.136308][ T3676] cgroup: Unknown subsys name 'net'
[   56.144675][   T39] audit: type=1400 audit(1661447428.914:78): avc:  denied  { mount } for  pid=3676 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   56.164847][   T39] audit: type=1400 audit(1661447428.944:79): avc:  denied  { unmount } for  pid=3676 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   56.395458][ T3676] cgroup: Unknown subsys name 'rlimit'
[   56.552231][   T39] audit: type=1400 audit(1661447429.344:80): avc:  denied  { mounton } for  pid=3676 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
2022/08/25 17:10:29 syscalls: 3757
2022/08/25 17:10:29 code coverage: enabled
2022/08/25 17:10:29 comparison tracing: enabled
2022/08/25 17:10:29 extra coverage: enabled
2022/08/25 17:10:29 delay kcov mmap: enabled
2022/08/25 17:10:29 setuid sandbox: enabled
2022/08/25 17:10:29 namespace sandbox: enabled
2022/08/25 17:10:29 Android sandbox: enabled
2022/08/25 17:10:29 fault injection: enabled
2022/08/25 17:10:29 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2022/08/25 17:10:29 net packet injection: enabled
2022/08/25 17:10:29 net device setup: enabled
2022/08/25 17:10:29 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2022/08/25 17:10:29 devlink PCI setup: PCI device 0000:00:10.0 is not available
2022/08/25 17:10:29 USB emulation: enabled
2022/08/25 17:10:29 hci packet injection: enabled
2022/08/25 17:10:29 wifi device emulation: failed to parse kernel version (6.0.0-rc2-syzkaller-00054-gc40e8341e3b3                          )
2022/08/25 17:10:29 802.15.4 emulation: enabled
[   56.575091][   T39] audit: type=1400 audit(1661447429.344:81): avc:  denied  { mount } for  pid=3676 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
2022/08/25 17:10:29 fetching corpus: 0, signal 0/2000 (executing program)
[   56.603103][   T39] audit: type=1400 audit(1661447429.344:82): avc:  denied  { setattr } for  pid=3676 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=760 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   56.627857][   T39] audit: type=1400 audit(1661447429.344:83): avc:  denied  { create } for  pid=3676 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   56.650384][   T39] audit: type=1400 audit(1661447429.344:84): avc:  denied  { write } for  pid=3676 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   56.675965][   T39] audit: type=1400 audit(1661447429.344:85): avc:  denied  { read } for  pid=3676 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
2022/08/25 17:10:29 fetching corpus: 50, signal 41626/45208 (executing program)
2022/08/25 17:10:30 fetching corpus: 100, signal 58980/64054 (executing program)
2022/08/25 17:10:30 fetching corpus: 150, signal 73123/79605 (executing program)
2022/08/25 17:10:30 fetching corpus: 200, signal 83754/91561 (executing program)
2022/08/25 17:10:30 fetching corpus: 248, signal 97648/106587 (executing program)
2022/08/25 17:10:31 fetching corpus: 298, signal 105467/115633 (executing program)
2022/08/25 17:10:31 fetching corpus: 348, signal 112737/124021 (executing program)
2022/08/25 17:10:31 fetching corpus: 397, signal 117590/130050 (executing program)
2022/08/25 17:10:31 fetching corpus: 447, signal 124419/137890 (executing program)
2022/08/25 17:10:31 fetching corpus: 497, signal 129066/143624 (executing program)
2022/08/25 17:10:32 fetching corpus: 547, signal 134445/150007 (executing program)
2022/08/25 17:10:32 fetching corpus: 597, signal 138906/155482 (executing program)
2022/08/25 17:10:32 fetching corpus: 647, signal 142555/160132 (executing program)
2022/08/25 17:10:32 fetching corpus: 697, signal 146626/165160 (executing program)
2022/08/25 17:10:33 fetching corpus: 745, signal 149992/169551 (executing program)
2022/08/25 17:10:33 fetching corpus: 794, signal 153083/173585 (executing program)
2022/08/25 17:10:33 fetching corpus: 844, signal 156412/177873 (executing program)
2022/08/25 17:10:33 fetching corpus: 893, signal 158186/180672 (executing program)
2022/08/25 17:10:34 fetching corpus: 943, signal 161057/184411 (executing program)
2022/08/25 17:10:34 fetching corpus: 993, signal 163408/187664 (executing program)
2022/08/25 17:10:34 fetching corpus: 1043, signal 166351/191464 (executing program)
2022/08/25 17:10:34 fetching corpus: 1093, signal 168729/194684 (executing program)
2022/08/25 17:10:34 fetching corpus: 1143, signal 171003/197825 (executing program)
2022/08/25 17:10:35 fetching corpus: 1193, signal 174261/201771 (executing program)
2022/08/25 17:10:35 fetching corpus: 1243, signal 176480/204760 (executing program)
2022/08/25 17:10:35 fetching corpus: 1293, signal 178862/207880 (executing program)
2022/08/25 17:10:35 fetching corpus: 1343, signal 181969/211585 (executing program)
2022/08/25 17:10:35 fetching corpus: 1393, signal 185665/215770 (executing program)
2022/08/25 17:10:36 fetching corpus: 1443, signal 187667/218488 (executing program)
2022/08/25 17:10:36 fetching corpus: 1493, signal 189360/220927 (executing program)
2022/08/25 17:10:36 fetching corpus: 1543, signal 192709/224684 (executing program)
2022/08/25 17:10:36 fetching corpus: 1591, signal 195840/228275 (executing program)
2022/08/25 17:10:36 fetching corpus: 1641, signal 197840/230867 (executing program)
2022/08/25 17:10:37 fetching corpus: 1691, signal 200156/233738 (executing program)
2022/08/25 17:10:37 fetching corpus: 1739, signal 201919/236091 (executing program)
2022/08/25 17:10:37 fetching corpus: 1789, signal 203482/238337 (executing program)
2022/08/25 17:10:37 fetching corpus: 1839, signal 204880/240377 (executing program)
2022/08/25 17:10:37 fetching corpus: 1889, signal 206891/242996 (executing program)
2022/08/25 17:10:38 fetching corpus: 1939, signal 209201/245744 (executing program)
2022/08/25 17:10:38 fetching corpus: 1989, signal 211611/248582 (executing program)
2022/08/25 17:10:38 fetching corpus: 2039, signal 213637/251040 (executing program)
2022/08/25 17:10:39 fetching corpus: 2089, signal 215257/253215 (executing program)
2022/08/25 17:10:39 fetching corpus: 2139, signal 216861/255307 (executing program)
2022/08/25 17:10:39 fetching corpus: 2189, signal 219458/258239 (executing program)
2022/08/25 17:10:39 fetching corpus: 2239, signal 221217/260450 (executing program)
2022/08/25 17:10:39 fetching corpus: 2289, signal 223004/262703 (executing program)
2022/08/25 17:10:40 fetching corpus: 2339, signal 224359/264580 (executing program)
2022/08/25 17:10:40 fetching corpus: 2389, signal 226545/267037 (executing program)
2022/08/25 17:10:40 fetching corpus: 2439, signal 228245/269127 (executing program)
2022/08/25 17:10:40 fetching corpus: 2489, signal 230057/271272 (executing program)
2022/08/25 17:10:41 fetching corpus: 2539, signal 231481/273158 (executing program)
2022/08/25 17:10:41 fetching corpus: 2589, signal 233451/275418 (executing program)
2022/08/25 17:10:41 fetching corpus: 2639, signal 235259/277493 (executing program)
2022/08/25 17:10:41 fetching corpus: 2689, signal 236509/279122 (executing program)
2022/08/25 17:10:41 fetching corpus: 2739, signal 237711/280720 (executing program)
2022/08/25 17:10:42 fetching corpus: 2789, signal 238594/282116 (executing program)
2022/08/25 17:10:42 fetching corpus: 2839, signal 239741/283728 (executing program)
2022/08/25 17:10:42 fetching corpus: 2889, signal 241185/285494 (executing program)
2022/08/25 17:10:43 fetching corpus: 2939, signal 242867/287372 (executing program)
2022/08/25 17:10:43 fetching corpus: 2989, signal 244773/289432 (executing program)
2022/08/25 17:10:43 fetching corpus: 3039, signal 245393/290563 (executing program)
2022/08/25 17:10:43 fetching corpus: 3089, signal 246610/292117 (executing program)
2022/08/25 17:10:44 fetching corpus: 3139, signal 247989/293727 (executing program)
2022/08/25 17:10:44 fetching corpus: 3189, signal 249513/295447 (executing program)
2022/08/25 17:10:44 fetching corpus: 3239, signal 251339/297330 (executing program)
2022/08/25 17:10:44 fetching corpus: 3289, signal 252812/298983 (executing program)
2022/08/25 17:10:44 fetching corpus: 3339, signal 253719/300292 (executing program)
2022/08/25 17:10:45 fetching corpus: 3388, signal 254871/301693 (executing program)
2022/08/25 17:10:45 fetching corpus: 3438, signal 256201/303227 (executing program)
2022/08/25 17:10:45 fetching corpus: 3488, signal 258345/305275 (executing program)
2022/08/25 17:10:45 fetching corpus: 3538, signal 259970/306905 (executing program)
2022/08/25 17:10:45 fetching corpus: 3588, signal 261097/308243 (executing program)
2022/08/25 17:10:46 fetching corpus: 3638, signal 262073/309500 (executing program)
2022/08/25 17:10:46 fetching corpus: 3687, signal 262988/310695 (executing program)
2022/08/25 17:10:46 fetching corpus: 3737, signal 263886/311877 (executing program)
2022/08/25 17:10:46 fetching corpus: 3787, signal 266077/313832 (executing program)
2022/08/25 17:10:47 fetching corpus: 3837, signal 267276/315185 (executing program)
2022/08/25 17:10:47 fetching corpus: 3887, signal 268680/316649 (executing program)
2022/08/25 17:10:47 fetching corpus: 3937, signal 270162/318156 (executing program)
2022/08/25 17:10:47 fetching corpus: 3987, signal 271170/319381 (executing program)
2022/08/25 17:10:47 fetching corpus: 4037, signal 272322/320608 (executing program)
2022/08/25 17:10:48 fetching corpus: 4087, signal 273387/321826 (executing program)
2022/08/25 17:10:48 fetching corpus: 4137, signal 274189/322830 (executing program)
2022/08/25 17:10:49 fetching corpus: 4187, signal 275681/324209 (executing program)
2022/08/25 17:10:49 fetching corpus: 4237, signal 276669/325387 (executing program)
2022/08/25 17:10:50 fetching corpus: 4287, signal 277406/326368 (executing program)
2022/08/25 17:10:50 fetching corpus: 4337, signal 278612/327580 (executing program)
[   77.576250][ T1353] ieee802154 phy0 wpan0: encryption failed: -22
[   77.584588][ T1353] ieee802154 phy1 wpan1: encryption failed: -22
2022/08/25 17:10:50 fetching corpus: 4387, signal 279357/328530 (executing program)
2022/08/25 17:10:50 fetching corpus: 4436, signal 280433/329692 (executing program)
2022/08/25 17:10:50 fetching corpus: 4486, signal 281668/330877 (executing program)
2022/08/25 17:10:51 fetching corpus: 4536, signal 282640/331905 (executing program)
2022/08/25 17:10:51 fetching corpus: 4586, signal 284027/333170 (executing program)
2022/08/25 17:10:51 fetching corpus: 4636, signal 285083/334237 (executing program)
2022/08/25 17:10:51 fetching corpus: 4686, signal 286647/335546 (executing program)
2022/08/25 17:10:51 fetching corpus: 4736, signal 287228/336344 (executing program)
2022/08/25 17:10:52 fetching corpus: 4786, signal 288826/337653 (executing program)
2022/08/25 17:10:52 fetching corpus: 4836, signal 289855/338662 (executing program)
2022/08/25 17:10:52 fetching corpus: 4886, signal 290824/339662 (executing program)
2022/08/25 17:10:52 fetching corpus: 4936, signal 292095/340773 (executing program)
2022/08/25 17:10:52 fetching corpus: 4986, signal 293007/341703 (executing program)
2022/08/25 17:10:52 fetching corpus: 5036, signal 293913/342577 (executing program)
2022/08/25 17:10:52 fetching corpus: 5086, signal 294572/343350 (executing program)
2022/08/25 17:10:53 fetching corpus: 5136, signal 296300/344551 (executing program)
2022/08/25 17:10:53 fetching corpus: 5186, signal 297031/345327 (executing program)
2022/08/25 17:10:53 fetching corpus: 5236, signal 297872/346131 (executing program)
2022/08/25 17:10:53 fetching corpus: 5286, signal 298916/347036 (executing program)
2022/08/25 17:10:53 fetching corpus: 5336, signal 299584/347775 (executing program)
2022/08/25 17:10:53 fetching corpus: 5386, signal 300442/348561 (executing program)
2022/08/25 17:10:54 fetching corpus: 5436, signal 301768/349569 (executing program)
2022/08/25 17:10:54 fetching corpus: 5486, signal 303124/350582 (executing program)
2022/08/25 17:10:54 fetching corpus: 5536, signal 304187/351442 (executing program)
2022/08/25 17:10:54 fetching corpus: 5586, signal 305119/352269 (executing program)
2022/08/25 17:10:55 fetching corpus: 5636, signal 305977/353066 (executing program)
2022/08/25 17:10:55 fetching corpus: 5686, signal 306538/353734 (executing program)
2022/08/25 17:10:55 fetching corpus: 5736, signal 307345/354431 (executing program)
2022/08/25 17:10:55 fetching corpus: 5786, signal 307997/355186 (executing program)
2022/08/25 17:10:56 fetching corpus: 5836, signal 308656/355853 (executing program)
2022/08/25 17:10:56 fetching corpus: 5886, signal 309355/356522 (executing program)
2022/08/25 17:10:56 fetching corpus: 5936, signal 310370/357297 (executing program)
2022/08/25 17:10:56 fetching corpus: 5986, signal 311491/358068 (executing program)
2022/08/25 17:10:56 fetching corpus: 6036, signal 312742/358947 (executing program)
2022/08/25 17:10:57 fetching corpus: 6086, signal 313620/359640 (executing program)
2022/08/25 17:10:57 fetching corpus: 6136, signal 314800/360408 (executing program)
2022/08/25 17:10:57 fetching corpus: 6186, signal 315429/361017 (executing program)
2022/08/25 17:10:57 fetching corpus: 6236, signal 316191/361638 (executing program)
2022/08/25 17:10:57 fetching corpus: 6286, signal 316736/362189 (executing program)
2022/08/25 17:10:58 fetching corpus: 6336, signal 317340/362760 (executing program)
2022/08/25 17:10:58 fetching corpus: 6386, signal 318202/363334 (executing program)
2022/08/25 17:10:58 fetching corpus: 6436, signal 319226/364024 (executing program)
2022/08/25 17:10:58 fetching corpus: 6486, signal 320037/364641 (executing program)
2022/08/25 17:10:58 fetching corpus: 6536, signal 320867/365238 (executing program)
2022/08/25 17:10:59 fetching corpus: 6586, signal 321834/365829 (executing program)
2022/08/25 17:10:59 fetching corpus: 6636, signal 322722/366400 (executing program)
2022/08/25 17:10:59 fetching corpus: 6686, signal 323408/366935 (executing program)
2022/08/25 17:10:59 fetching corpus: 6736, signal 324062/367462 (executing program)
2022/08/25 17:10:59 fetching corpus: 6786, signal 324949/368049 (executing program)
2022/08/25 17:11:00 fetching corpus: 6836, signal 325840/368561 (executing program)
2022/08/25 17:11:00 fetching corpus: 6886, signal 326875/369182 (executing program)
2022/08/25 17:11:00 fetching corpus: 6936, signal 327522/369678 (executing program)
2022/08/25 17:11:00 fetching corpus: 6986, signal 328186/370195 (executing program)
2022/08/25 17:11:00 fetching corpus: 7036, signal 329104/370735 (executing program)
2022/08/25 17:11:01 fetching corpus: 7086, signal 329982/371260 (executing program)
2022/08/25 17:11:01 fetching corpus: 7136, signal 330487/371652 (executing program)
2022/08/25 17:11:01 fetching corpus: 7186, signal 331366/372238 (executing program)
2022/08/25 17:11:01 fetching corpus: 7236, signal 332005/372677 (executing program)
2022/08/25 17:11:01 fetching corpus: 7286, signal 332677/373107 (executing program)
2022/08/25 17:11:02 fetching corpus: 7336, signal 333368/373528 (executing program)
2022/08/25 17:11:02 fetching corpus: 7386, signal 333869/373902 (executing program)
2022/08/25 17:11:02 fetching corpus: 7436, signal 334673/374378 (executing program)
2022/08/25 17:11:03 fetching corpus: 7486, signal 335450/374792 (executing program)
2022/08/25 17:11:03 fetching corpus: 7536, signal 336284/375181 (executing program)
2022/08/25 17:11:03 fetching corpus: 7586, signal 337242/375662 (executing program)
2022/08/25 17:11:03 fetching corpus: 7636, signal 337680/376010 (executing program)
2022/08/25 17:11:03 fetching corpus: 7686, signal 338445/376384 (executing program)
2022/08/25 17:11:04 fetching corpus: 7736, signal 338980/376743 (executing program)
2022/08/25 17:11:04 fetching corpus: 7786, signal 339735/377243 (executing program)
2022/08/25 17:11:04 fetching corpus: 7836, signal 340454/377625 (executing program)
2022/08/25 17:11:04 fetching corpus: 7886, signal 341090/377960 (executing program)
2022/08/25 17:11:04 fetching corpus: 7936, signal 341700/378274 (executing program)
2022/08/25 17:11:04 fetching corpus: 7986, signal 342313/378613 (executing program)
2022/08/25 17:11:05 fetching corpus: 8036, signal 342971/378923 (executing program)
2022/08/25 17:11:05 fetching corpus: 8086, signal 343820/379247 (executing program)
2022/08/25 17:11:05 fetching corpus: 8136, signal 344416/379536 (executing program)
2022/08/25 17:11:05 fetching corpus: 8186, signal 345267/379899 (executing program)
[   92.935506][  T969] cfg80211: failed to load regulatory.db
2022/08/25 17:11:05 fetching corpus: 8236, signal 346174/380211 (executing program)
2022/08/25 17:11:06 fetching corpus: 8286, signal 346973/380504 (executing program)
2022/08/25 17:11:06 fetching corpus: 8336, signal 347451/380772 (executing program)
2022/08/25 17:11:06 fetching corpus: 8386, signal 347901/381041 (executing program)
2022/08/25 17:11:06 fetching corpus: 8436, signal 348593/381297 (executing program)
2022/08/25 17:11:06 fetching corpus: 8486, signal 349319/381591 (executing program)
2022/08/25 17:11:07 fetching corpus: 8536, signal 349819/381804 (executing program)
2022/08/25 17:11:07 fetching corpus: 8586, signal 350530/382052 (executing program)
2022/08/25 17:11:07 fetching corpus: 8636, signal 351118/382291 (executing program)
2022/08/25 17:11:08 fetching corpus: 8686, signal 352044/382574 (executing program)
2022/08/25 17:11:08 fetching corpus: 8736, signal 352551/382803 (executing program)
2022/08/25 17:11:08 fetching corpus: 8786, signal 353111/383028 (executing program)
2022/08/25 17:11:08 fetching corpus: 8836, signal 353761/383228 (executing program)
2022/08/25 17:11:08 fetching corpus: 8886, signal 354487/383437 (executing program)
2022/08/25 17:11:08 fetching corpus: 8936, signal 355314/383659 (executing program)
2022/08/25 17:11:09 fetching corpus: 8986, signal 356022/383856 (executing program)
2022/08/25 17:11:09 fetching corpus: 9036, signal 356553/384030 (executing program)
2022/08/25 17:11:09 fetching corpus: 9086, signal 357133/384234 (executing program)
2022/08/25 17:11:09 fetching corpus: 9136, signal 357820/384421 (executing program)
2022/08/25 17:11:09 fetching corpus: 9186, signal 358510/384579 (executing program)
2022/08/25 17:11:10 fetching corpus: 9236, signal 359254/384768 (executing program)
2022/08/25 17:11:10 fetching corpus: 9286, signal 359934/384910 (executing program)
2022/08/25 17:11:10 fetching corpus: 9336, signal 360515/385043 (executing program)
2022/08/25 17:11:10 fetching corpus: 9386, signal 361469/385200 (executing program)
2022/08/25 17:11:11 fetching corpus: 9436, signal 362261/385296 (executing program)
2022/08/25 17:11:11 fetching corpus: 9486, signal 362696/385323 (executing program)
2022/08/25 17:11:11 fetching corpus: 9536, signal 363063/385352 (executing program)
2022/08/25 17:11:11 fetching corpus: 9586, signal 363816/385361 (executing program)
2022/08/25 17:11:11 fetching corpus: 9636, signal 364268/385381 (executing program)
2022/08/25 17:11:11 fetching corpus: 9686, signal 365126/385457 (executing program)
2022/08/25 17:11:12 fetching corpus: 9736, signal 365631/385457 (executing program)
2022/08/25 17:11:12 fetching corpus: 9786, signal 366257/385458 (executing program)
2022/08/25 17:11:12 fetching corpus: 9836, signal 366854/385459 (executing program)
2022/08/25 17:11:12 fetching corpus: 9886, signal 367508/385479 (executing program)
2022/08/25 17:11:12 fetching corpus: 9936, signal 368117/385479 (executing program)
2022/08/25 17:11:13 fetching corpus: 9986, signal 368868/385481 (executing program)
2022/08/25 17:11:13 fetching corpus: 10036, signal 371504/385499 (executing program)
2022/08/25 17:11:13 fetching corpus: 10086, signal 372121/385602 (executing program)
2022/08/25 17:11:13 fetching corpus: 10136, signal 372908/385604 (executing program)
2022/08/25 17:11:13 fetching corpus: 10186, signal 373438/385629 (executing program)
2022/08/25 17:11:14 fetching corpus: 10236, signal 374228/385629 (executing program)
2022/08/25 17:11:14 fetching corpus: 10286, signal 374911/385629 (executing program)
2022/08/25 17:11:14 fetching corpus: 10336, signal 375404/385629 (executing program)
2022/08/25 17:11:14 fetching corpus: 10386, signal 375989/385629 (executing program)
2022/08/25 17:11:14 fetching corpus: 10436, signal 376349/385631 (executing program)
2022/08/25 17:11:15 fetching corpus: 10486, signal 377147/385631 (executing program)
2022/08/25 17:11:15 fetching corpus: 10536, signal 377507/385631 (executing program)
2022/08/25 17:11:15 fetching corpus: 10586, signal 378082/385631 (executing program)
2022/08/25 17:11:15 fetching corpus: 10615, signal 378373/385632 (executing program)
2022/08/25 17:11:15 fetching corpus: 10615, signal 378373/385632 (executing program)
2022/08/25 17:11:18 starting 4 fuzzer processes
17:11:18 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={0x0, 0x68}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@newqdisc={0x30, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000a40)=@newtfilter={0x30, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {}, {0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x4}}]}, 0x30}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)

17:11:18 executing program 1:
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000980))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00007ef000/0x3000)=nil, 0xffffdf811000}, 0x1})

17:11:18 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000002240), 0x0)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0x40345410, &(0x7f0000002380)={0x1})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000000))

17:11:18 executing program 3:
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet6(0xa, 0x3, 0x2c)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, 0x0)
ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(0xffffffffffffffff, 0xc00c642d, 0x0)
connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c)
write$binfmt_elf32(r1, &(0x7f0000000100)=ANY=[], 0x3)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000080)=0x1)
write$binfmt_misc(r1, &(0x7f0000000080)=ANY=[], 0x2bb98205)
splice(r0, 0x0, r2, 0x0, 0x4ff9c, 0x0)

[  106.019983][   T39] audit: type=1400 audit(1661447478.804:86): avc:  denied  { execmem } for  pid=3698 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  106.384024][   T39] audit: type=1400 audit(1661447479.174:87): avc:  denied  { mounton } for  pid=3703 comm="syz-executor.2" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  106.399826][   T39] audit: type=1400 audit(1661447479.174:88): avc:  denied  { mount } for  pid=3704 comm="syz-executor.0" name="/" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  106.414169][   T39] audit: type=1400 audit(1661447479.184:89): avc:  denied  { create } for  pid=3704 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  106.426985][   T39] audit: type=1400 audit(1661447479.184:90): avc:  denied  { create } for  pid=3705 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  106.440224][   T39] audit: type=1400 audit(1661447479.184:91): avc:  denied  { read write } for  pid=3704 comm="syz-executor.0" name="vhci" dev="devtmpfs" ino=1104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  106.455015][   T39] audit: type=1400 audit(1661447479.184:92): avc:  denied  { read write } for  pid=3705 comm="syz-executor.3" name="vhci" dev="devtmpfs" ino=1104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  106.469243][   T39] audit: type=1400 audit(1661447479.184:93): avc:  denied  { open } for  pid=3704 comm="syz-executor.0" path="/dev/vhci" dev="devtmpfs" ino=1104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  107.435956][   T39] audit: type=1400 audit(1661447480.224:94): avc:  denied  { ioctl } for  pid=3705 comm="syz-executor.3" path="socket:[30844]" dev="sockfs" ino=30844 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  107.465192][ T3713] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  107.466440][ T3715] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  107.476904][ T3720] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  107.479904][ T3718] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  107.481338][ T3716] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  107.483563][ T3720] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  107.485262][ T3719] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  107.486431][ T3719] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  107.487615][ T3719] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  107.488182][ T3719] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  107.489929][ T3718] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  107.491093][ T3718] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  107.491651][ T3718] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  107.491987][ T3718] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  107.492357][ T3718] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  107.493933][ T3720] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  107.499366][ T3715] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  107.499761][ T3719] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  107.503097][   T39] audit: type=1400 audit(1661447480.284:95): avc:  denied  { read } for  pid=3706 comm="syz-executor.1" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  107.505746][ T3720] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  107.510878][ T3715] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  107.516855][ T3720] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  107.521590][ T3715] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  107.604004][ T3715] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  107.610558][ T3715] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  107.867289][ T3705] chnl_net:caif_netlink_parms(): no params data found
[  107.929565][ T3703] chnl_net:caif_netlink_parms(): no params data found
[  107.969690][ T3706] chnl_net:caif_netlink_parms(): no params data found
[  108.188497][ T3704] chnl_net:caif_netlink_parms(): no params data found
[  108.276813][ T3703] bridge0: port 1(bridge_slave_0) entered blocking state
[  108.281605][ T3703] bridge0: port 1(bridge_slave_0) entered disabled state
[  108.288731][ T3703] device bridge_slave_0 entered promiscuous mode
[  108.299134][ T3705] bridge0: port 1(bridge_slave_0) entered blocking state
[  108.304287][ T3705] bridge0: port 1(bridge_slave_0) entered disabled state
[  108.310697][ T3705] device bridge_slave_0 entered promiscuous mode
[  108.321870][ T3705] bridge0: port 2(bridge_slave_1) entered blocking state
[  108.326509][ T3705] bridge0: port 2(bridge_slave_1) entered disabled state
[  108.337806][ T3705] device bridge_slave_1 entered promiscuous mode
[  108.375316][ T3703] bridge0: port 2(bridge_slave_1) entered blocking state
[  108.381228][ T3703] bridge0: port 2(bridge_slave_1) entered disabled state
[  108.388167][ T3703] device bridge_slave_1 entered promiscuous mode
[  108.568743][ T3705] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  108.577060][ T3706] bridge0: port 1(bridge_slave_0) entered blocking state
[  108.581748][ T3706] bridge0: port 1(bridge_slave_0) entered disabled state
[  108.587235][ T3706] device bridge_slave_0 entered promiscuous mode
[  108.597208][ T3703] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  108.605813][ T3705] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  108.669110][ T3706] bridge0: port 2(bridge_slave_1) entered blocking state
[  108.673589][ T3706] bridge0: port 2(bridge_slave_1) entered disabled state
[  108.679204][ T3706] device bridge_slave_1 entered promiscuous mode
[  108.686637][ T3703] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  108.718243][ T3705] team0: Port device team_slave_0 added
[  108.796595][ T3705] team0: Port device team_slave_1 added
[  108.808869][ T3706] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  108.824335][ T3703] team0: Port device team_slave_0 added
[  108.875627][ T3706] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  108.883587][ T3703] team0: Port device team_slave_1 added
[  109.026149][ T3705] batman_adv: batadv0: Adding interface: batadv_slave_0
[  109.032205][ T3705] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  109.054134][ T3705] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  109.066514][ T3704] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.074388][ T3704] bridge0: port 1(bridge_slave_0) entered disabled state
[  109.082534][ T3704] device bridge_slave_0 entered promiscuous mode
[  109.114739][ T3703] batman_adv: batadv0: Adding interface: batadv_slave_0
[  109.118864][ T3703] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  109.138473][ T3703] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  109.146812][ T3705] batman_adv: batadv0: Adding interface: batadv_slave_1
[  109.152245][ T3705] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  109.172809][ T3705] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  109.183674][ T3704] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.189542][ T3704] bridge0: port 2(bridge_slave_1) entered disabled state
[  109.196952][ T3704] device bridge_slave_1 entered promiscuous mode
[  109.232041][ T3706] team0: Port device team_slave_0 added
[  109.237546][ T3703] batman_adv: batadv0: Adding interface: batadv_slave_1
[  109.242731][ T3703] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  109.260459][ T3703] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  109.289180][ T3706] team0: Port device team_slave_1 added
[  109.340768][ T3706] batman_adv: batadv0: Adding interface: batadv_slave_0
[  109.346340][ T3706] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  109.365367][ T3706] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  109.378572][ T3704] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  109.389423][ T3704] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  109.438761][ T3706] batman_adv: batadv0: Adding interface: batadv_slave_1
[  109.444953][ T3706] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  109.464514][ T3706] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  109.567943][ T3705] device hsr_slave_0 entered promiscuous mode
[  109.571730][ T1258] Bluetooth: hci1: command 0x0409 tx timeout
[  109.572121][  T969] Bluetooth: hci2: command 0x0409 tx timeout
[  109.580340][ T3492] Bluetooth: hci0: command 0x0409 tx timeout
[  109.584916][ T3705] device hsr_slave_1 entered promiscuous mode
[  109.597609][ T3703] device hsr_slave_0 entered promiscuous mode
[  109.602983][ T3703] device hsr_slave_1 entered promiscuous mode
[  109.607964][ T3703] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  109.614708][ T3703] Cannot create hsr debugfs directory
[  109.622537][ T3704] team0: Port device team_slave_0 added
[  109.650435][ T1258] Bluetooth: hci3: command 0x0409 tx timeout
[  109.663012][ T3704] team0: Port device team_slave_1 added
[  109.761536][ T3706] device hsr_slave_0 entered promiscuous mode
[  109.766903][ T3706] device hsr_slave_1 entered promiscuous mode
[  109.771661][ T3706] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  109.776773][ T3706] Cannot create hsr debugfs directory
[  109.816559][ T3704] batman_adv: batadv0: Adding interface: batadv_slave_0
[  109.822614][ T3704] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  109.840056][ T3704] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  109.901469][ T3704] batman_adv: batadv0: Adding interface: batadv_slave_1
[  109.906983][ T3704] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  109.925254][ T3704] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  110.117304][ T3704] device hsr_slave_0 entered promiscuous mode
[  110.123385][ T3704] device hsr_slave_1 entered promiscuous mode
[  110.129005][ T3704] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  110.135360][ T3704] Cannot create hsr debugfs directory
[  110.533189][ T3706] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  110.545778][ T3706] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  110.553335][ T3706] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  110.560952][ T3706] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  110.622189][ T3703] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  110.636863][ T3703] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  110.645334][ T3703] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  110.674481][ T3703] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  110.733981][ T3705] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  110.743704][ T3705] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  110.759795][ T3705] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  110.771042][ T3705] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  110.874534][ T3706] 8021q: adding VLAN 0 to HW filter on device bond0
[  110.895814][ T3704] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  110.914887][ T3704] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  110.925437][ T3704] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  110.939409][ T3704] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  110.948224][ T3363] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  110.957393][ T3363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  110.984739][ T3706] 8021q: adding VLAN 0 to HW filter on device team0
[  111.005696][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  111.013876][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  111.022749][   T24] bridge0: port 1(bridge_slave_0) entered blocking state
[  111.029824][   T24] bridge0: port 1(bridge_slave_0) entered forwarding state
[  111.057719][ T3149] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  111.063800][ T3149] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  111.073667][ T3149] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  111.079547][ T3149] bridge0: port 2(bridge_slave_1) entered blocking state
[  111.084689][ T3149] bridge0: port 2(bridge_slave_1) entered forwarding state
[  111.091200][ T3149] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  111.112375][  T969] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  111.139849][ T3703] 8021q: adding VLAN 0 to HW filter on device bond0
[  111.147751][ T3492] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  111.153952][ T3492] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  111.162487][ T3492] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  111.195482][ T3740] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  111.203672][ T3740] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  111.208820][ T3740] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  111.216880][ T3740] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  111.226722][ T3706] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  111.234334][ T3706] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  111.245954][ T3705] 8021q: adding VLAN 0 to HW filter on device bond0
[  111.264735][ T3740] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  111.272535][ T3740] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  111.278237][ T3740] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  111.284736][ T3740] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  111.305934][ T3741] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  111.313747][ T3741] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  111.326462][ T3703] 8021q: adding VLAN 0 to HW filter on device team0
[  111.344428][ T3705] 8021q: adding VLAN 0 to HW filter on device team0
[  111.349015][ T3742] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  111.356663][ T3742] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  111.362271][ T3742] bridge0: port 1(bridge_slave_0) entered blocking state
[  111.367810][ T3742] bridge0: port 1(bridge_slave_0) entered forwarding state
[  111.390875][ T3742] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  111.397532][ T3742] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  111.405550][ T3742] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  111.413477][ T3742] bridge0: port 2(bridge_slave_1) entered blocking state
[  111.419094][ T3742] bridge0: port 2(bridge_slave_1) entered forwarding state
[  111.426533][ T3742] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  111.434780][ T3742] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  111.462619][ T3363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  111.469607][ T3363] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  111.477309][ T3363] bridge0: port 1(bridge_slave_0) entered blocking state
[  111.482660][ T3363] bridge0: port 1(bridge_slave_0) entered forwarding state
[  111.488271][ T3363] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  111.493885][ T3363] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  111.524721][ T3363] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  111.531670][ T3363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  111.539652][ T3363] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  111.547578][ T3363] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  111.555550][ T3363] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  111.562239][ T3363] bridge0: port 2(bridge_slave_1) entered blocking state
[  111.566686][ T3363] bridge0: port 2(bridge_slave_1) entered forwarding state
[  111.573206][ T3363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  111.580657][ T3363] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  111.587732][ T3363] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  111.598759][ T3706] 8021q: adding VLAN 0 to HW filter on device batadv0
[  111.630249][   T39] kauditd_printk_skb: 2 callbacks suppressed
[  111.630270][   T39] audit: type=1400 audit(1661447484.414:98): avc:  denied  { module_request } for  pid=3706 comm="syz-executor.1" kmod="netdev-xfrm0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  111.634764][ T3704] 8021q: adding VLAN 0 to HW filter on device bond0
[  111.653872][   T39] audit: type=1400 audit(1661447484.424:99): avc:  denied  { sys_module } for  pid=3706 comm="syz-executor.1" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  111.660620][  T969] Bluetooth: hci0: command 0x041b tx timeout
[  111.664002][ T3743] Bluetooth: hci1: command 0x041b tx timeout
[  111.682869][ T3742] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  111.688061][  T969] Bluetooth: hci2: command 0x041b tx timeout
[  111.689625][ T3742] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  111.698731][ T3742] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  111.705440][ T3742] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  111.713016][ T3742] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  111.719580][ T3742] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  111.726932][ T3742] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  111.734947][ T3742] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  111.740673][ T3363] Bluetooth: hci3: command 0x041b tx timeout
[  111.746002][ T3742] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  111.753092][ T3742] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  111.759013][ T3742] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  111.766583][ T3742] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  111.773654][ T3742] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  111.784162][ T3703] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  111.794343][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  111.801047][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  111.818351][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  111.825564][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  111.834291][ T3704] 8021q: adding VLAN 0 to HW filter on device team0
[  111.844975][ T3705] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  111.867377][ T3740] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  111.875690][ T3740] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  111.888009][ T3740] bridge0: port 1(bridge_slave_0) entered blocking state
[  111.893472][ T3740] bridge0: port 1(bridge_slave_0) entered forwarding state
[  111.901064][ T3740] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  111.922348][ T3743] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  111.928561][ T3743] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  111.935602][ T3743] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  111.944063][ T3743] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  111.951143][ T3743] bridge0: port 2(bridge_slave_1) entered blocking state
[  111.956240][ T3743] bridge0: port 2(bridge_slave_1) entered forwarding state
[  111.963305][ T3743] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  111.970395][ T3743] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  111.976579][ T3743] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  111.996452][ T3705] 8021q: adding VLAN 0 to HW filter on device batadv0
[  112.009870][ T3703] 8021q: adding VLAN 0 to HW filter on device batadv0
[  112.031036][ T3741] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  112.039020][ T3741] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  112.046437][ T3741] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  112.053444][ T3741] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  112.062029][ T3741] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  112.068345][ T3741] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  112.076000][ T3741] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  112.101707][ T3741] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  112.121762][ T3740] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  112.129088][ T3740] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  112.159584][ T3742] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  112.166840][ T3742] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  112.175661][ T3742] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  112.184032][ T3742] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  112.193093][ T3742] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  112.199524][ T3742] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  112.206874][ T3706] device veth0_vlan entered promiscuous mode
[  112.225160][ T3704] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  112.239086][ T3706] device veth1_vlan entered promiscuous mode
[  112.256887][ T3492] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  112.263614][ T3492] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  112.271032][ T3492] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  112.277793][ T3492] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  112.310862][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  112.316366][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  112.339655][ T3704] 8021q: adding VLAN 0 to HW filter on device batadv0
[  112.353034][  T969] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  112.362046][  T969] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  112.368362][  T969] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  112.375720][  T969] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  112.383387][  T969] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  112.390031][  T969] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  112.400173][ T3705] device veth0_vlan entered promiscuous mode
[  112.416234][ T3705] device veth1_vlan entered promiscuous mode
[  112.446648][ T3706] device veth0_macvtap entered promiscuous mode
[  112.457318][ T3741] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  112.468589][ T3741] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  112.475121][ T3741] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  112.481982][ T3741] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  112.488290][ T3741] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  112.494108][ T3741] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  112.500544][ T3741] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  112.506583][ T3741] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  112.512792][ T3741] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  112.519967][ T3706] device veth1_macvtap entered promiscuous mode
[  112.527559][ T3703] device veth0_vlan entered promiscuous mode
[  112.543580][ T3703] device veth1_vlan entered promiscuous mode
[  112.569133][ T3706] batman_adv: batadv0: Interface activated: batadv_slave_0
[  112.577318][ T3706] batman_adv: batadv0: Interface activated: batadv_slave_1
[  112.589945][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  112.597513][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  112.604237][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  112.611367][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  112.618611][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  112.625923][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  112.633588][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  112.641570][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  112.647932][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  112.660229][ T3706] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  112.665511][ T3706] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  112.671998][ T3706] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  112.678698][ T3706] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  112.697376][ T3705] device veth0_macvtap entered promiscuous mode
[  112.733656][ T3705] device veth1_macvtap entered promiscuous mode
[  112.745535][ T3740] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  112.752040][ T3740] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  112.758575][ T3740] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  112.765510][ T3740] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  112.793071][  T969] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  112.797654][   T39] audit: type=1400 audit(1661447485.584:100): avc:  denied  { mounton } for  pid=3706 comm="syz-executor.1" path="/dev/binderfs" dev="devtmpfs" ino=2383 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  112.799063][  T969] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  112.816874][   T39] audit: type=1400 audit(1661447485.584:101): avc:  denied  { mount } for  pid=3706 comm="syz-executor.1" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  112.826832][ T3703] device veth0_macvtap entered promiscuous mode
[  112.849406][ T3705] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  112.859247][ T3705] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  112.869255][ T3705] batman_adv: batadv0: Interface activated: batadv_slave_0
[  112.887645][ T3746] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  112.894664][ T3746] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  112.900741][ T3746] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  112.908826][ T3705] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  112.915857][ T3705] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  112.925760][ T3705] batman_adv: batadv0: Interface activated: batadv_slave_1
[  112.933039][ T3746] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  112.941987][ T3746] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  112.958427][ T3703] device veth1_macvtap entered promiscuous mode
[  112.983869][   T39] audit: type=1400 audit(1661447485.774:102): avc:  denied  { read write } for  pid=3706 comm="syz-executor.1" name="loop1" dev="devtmpfs" ino=657 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  112.994876][ T3705] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  113.001234][   T39] audit: type=1400 audit(1661447485.774:103): avc:  denied  { open } for  pid=3706 comm="syz-executor.1" path="/dev/loop1" dev="devtmpfs" ino=657 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
17:11:25 executing program 1:
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000980))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00007ef000/0x3000)=nil, 0xffffdf811000}, 0x1})

[  113.001269][   T39] audit: type=1400 audit(1661447485.774:104): avc:  denied  { ioctl } for  pid=3706 comm="syz-executor.1" path="/dev/loop1" dev="devtmpfs" ino=657 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  113.011382][ T3705] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  113.028324][   T39] audit: type=1400 audit(1661447485.804:105): avc:  denied  { create } for  pid=3771 comm="syz-executor.1" anonclass=[userfaultfd] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
17:11:25 executing program 1:
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000980))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00007ef000/0x3000)=nil, 0xffffdf811000}, 0x1})

[  113.047158][ T3705] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  113.047208][ T3705] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  113.055499][ T3704] device veth0_vlan entered promiscuous mode
17:11:25 executing program 1:
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000980))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00007ef000/0x3000)=nil, 0xffffdf811000}, 0x1})

[  113.068566][   T39] audit: type=1400 audit(1661447485.804:106): avc:  denied  { ioctl } for  pid=3771 comm="syz-executor.1" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=31140 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  113.076185][ T3703] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  113.112880][ T3703] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
17:11:25 executing program 1:
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000980))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00007ef000/0x3000)=nil, 0xffffdf811000}, 0x1})

[  113.120408][ T3703] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  113.127187][ T3703] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  113.136255][ T3703] batman_adv: batadv0: Interface activated: batadv_slave_0
[  113.154884][ T3741] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  113.161853][ T3741] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  113.167918][ T3741] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  113.175455][ T3741] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  113.182792][ T3741] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  113.194396][ T3741] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  113.201886][ T3741] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  113.212434][   T39] audit: type=1400 audit(1661447486.004:107): avc:  denied  { read } for  pid=3114 comm="syslogd" name="log" dev="sda1" ino=1125 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[  113.220624][ T3704] device veth1_vlan entered promiscuous mode
[  113.238583][ T3703] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  113.246437][ T3703] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  113.253358][ T3703] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  113.261269][ T3703] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  113.270861][ T3703] batman_adv: batadv0: Interface activated: batadv_slave_1
[  113.283177][ T3703] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  113.288975][ T3703] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  113.296324][ T3703] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  113.304380][ T3703] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  113.320649][ T3741] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  113.327010][ T3741] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  113.398935][ T3704] device veth0_macvtap entered promiscuous mode
[  113.411640][  T969] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  113.418195][  T969] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  113.427868][   T41] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  113.437872][ T3704] device veth1_macvtap entered promiscuous mode
[  113.479804][ T3704] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  113.494341][ T3704] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  113.500615][ T3704] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  113.508386][ T3704] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  113.516283][ T3704] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[  113.525279][ T3704] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  113.533537][ T3704] batman_adv: batadv0: Interface activated: batadv_slave_0
[  113.545526][ T3149] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  113.553811][ T3149] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  113.560413][ T3149] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  113.575066][ T3704] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  113.582459][ T3704] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  113.590670][ T3704] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  113.598004][ T3704] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  113.604959][ T3704] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[  113.611567][ T3704] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  113.621232][ T3704] batman_adv: batadv0: Interface activated: batadv_slave_1
[  113.628097][ T3741] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  113.635041][ T3741] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  113.645377][ T3704] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  113.651641][ T3704] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  113.658708][ T3704] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  113.664649][ T3704] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  113.731292][ T3741] Bluetooth: hci0: command 0x040f tx timeout
[  113.731600][ T3363] Bluetooth: hci2: command 0x040f tx timeout
[  113.735080][ T3741] Bluetooth: hci1: command 0x040f tx timeout
[  113.738008][ T3790] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  113.756783][ T3790] Zero length message leads to an empty skb
17:11:26 executing program 1:
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000980))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00007ef000/0x3000)=nil, 0xffffdf811000}, 0x1})

17:11:26 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000002240), 0x0)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0x40345410, &(0x7f0000002380)={0x1})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000000))

17:11:26 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={0x0, 0x68}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@newqdisc={0x30, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000a40)=@newtfilter={0x30, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {}, {0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x4}}]}, 0x30}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[  113.798875][ T3796] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  113.811121][ T3743] Bluetooth: hci3: command 0x040f tx timeout
17:11:27 executing program 3:
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet6(0xa, 0x3, 0x2c)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, 0x0)
ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(0xffffffffffffffff, 0xc00c642d, 0x0)
connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c)
write$binfmt_elf32(r1, &(0x7f0000000100)=ANY=[], 0x3)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000080)=0x1)
write$binfmt_misc(r1, &(0x7f0000000080)=ANY=[], 0x2bb98205)
splice(r0, 0x0, r2, 0x0, 0x4ff9c, 0x0)

17:11:27 executing program 1:
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000980))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00007ef000/0x3000)=nil, 0xffffdf811000}, 0x1})

17:11:27 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000002240), 0x0)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0x40345410, &(0x7f0000002380)={0x1})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000000))

17:11:27 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={0x0, 0x68}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@newqdisc={0x30, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000a40)=@newtfilter={0x30, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {}, {0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x4}}]}, 0x30}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)

[  114.252864][ T3801] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
17:11:27 executing program 2:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000002240), 0x0)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0x40345410, &(0x7f0000002380)={0x1})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000000))

17:11:27 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={0x0, 0x68}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@newqdisc={0x30, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000a40)=@newtfilter={0x30, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {}, {0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x4}}]}, 0x30}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)

17:11:27 executing program 1:
syz_mount_image$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
dup(0xffffffffffffffff)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}})

17:11:27 executing program 2:
syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0xd, &(0x7f0000000200)=[{&(0x7f0000010000)="eb769045584641542020200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000010000000000008000000008000000880000000f00000005000000341234120001000009030180", 0x70}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x1e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x3e0}, {&(0x7f0000010300)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x5e0}, {&(0x7f0000010400)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x7e0}, {&(0x7f0000010500)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x9e0}, {&(0x7f0000010600)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xbe0}, {&(0x7f0000010700)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xde0}, {&(0x7f0000010800)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xfe0}, {&(0x7f0000010900)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x11e0}, {&(0x7f0000010a00)="00ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac1911", 0x200, 0x1600}, {&(0x7f0000011800)="f8ffffffffffffffffffffff04000000ffffffffffffffff", 0x18, 0x10000}, {&(0x7f0000013100)="030000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000200000002", 0x39, 0x14000}], 0x0, &(0x7f0000013b00)=ANY=[])
chdir(&(0x7f0000000080)='./file0\x00')
r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000002580)=ANY=[], 0x16)
sendfile(r0, r0, &(0x7f0000000240), 0x7fff)
r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x200, 0x0)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0)
ioctl$F2FS_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0xf50f, 0x0)
sendfile(r1, r2, 0x0, 0xe200)

[  114.324353][ T3811] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  114.326475][ T3809] 9p: Unknown access argument 18446744073709551615: -34
[  114.348684][ T3813] loop2: detected capacity change from 0 to 320
[  114.371346][ T3813]  loop2:
17:11:27 executing program 3:
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet6(0xa, 0x3, 0x2c)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, 0x0)
ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(0xffffffffffffffff, 0xc00c642d, 0x0)
connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c)
write$binfmt_elf32(r1, &(0x7f0000000100)=ANY=[], 0x3)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000080)=0x1)
write$binfmt_misc(r1, &(0x7f0000000080)=ANY=[], 0x2bb98205)
splice(r0, 0x0, r2, 0x0, 0x4ff9c, 0x0)

17:11:27 executing program 1:
syz_mount_image$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
dup(0xffffffffffffffff)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}})

17:11:27 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r1, 0x1, 0x0, 0x0, {{}, {0x0, 0x410c}, {0x14}}}, 0x30}}, 0x0)

17:11:27 executing program 2:
syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0xd, &(0x7f0000000200)=[{&(0x7f0000010000)="eb769045584641542020200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000010000000000008000000008000000880000000f00000005000000341234120001000009030180", 0x70}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x1e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x3e0}, {&(0x7f0000010300)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x5e0}, {&(0x7f0000010400)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x7e0}, {&(0x7f0000010500)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x9e0}, {&(0x7f0000010600)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xbe0}, {&(0x7f0000010700)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xde0}, {&(0x7f0000010800)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xfe0}, {&(0x7f0000010900)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x11e0}, {&(0x7f0000010a00)="00ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac1911", 0x200, 0x1600}, {&(0x7f0000011800)="f8ffffffffffffffffffffff04000000ffffffffffffffff", 0x18, 0x10000}, {&(0x7f0000013100)="030000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000200000002", 0x39, 0x14000}], 0x0, &(0x7f0000013b00)=ANY=[])
chdir(&(0x7f0000000080)='./file0\x00')
r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000002580)=ANY=[], 0x16)
sendfile(r0, r0, &(0x7f0000000240), 0x7fff)
r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x200, 0x0)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0)
ioctl$F2FS_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0xf50f, 0x0)
sendfile(r1, r2, 0x0, 0xe200)

[  115.126626][ T3818] 9p: Unknown access argument 18446744073709551615: -34
[  115.127781][ T3819] loop2: detected capacity change from 0 to 320
17:11:27 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r1, 0x1, 0x0, 0x0, {{}, {0x0, 0x410c}, {0x14}}}, 0x30}}, 0x0)

[  115.143806][ T3819]  loop2:
17:11:27 executing program 1:
syz_mount_image$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
dup(0xffffffffffffffff)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}})

17:11:27 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r1, 0x1, 0x0, 0x0, {{}, {0x0, 0x410c}, {0x14}}}, 0x30}}, 0x0)

[  115.186246][ T3826] 9p: Unknown access argument 18446744073709551615: -34
17:11:28 executing program 1:
syz_mount_image$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
dup(0xffffffffffffffff)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d, 0xffffffffffffffff}}]}})

[  115.235281][ T3832] 9p: Unknown access argument 18446744073709551615: -34
[  115.812274][ T3743] Bluetooth: hci0: command 0x0419 tx timeout
[  115.812642][ T3363] Bluetooth: hci1: command 0x0419 tx timeout
[  115.820231][ T3363] Bluetooth: hci2: command 0x0419 tx timeout
[  115.890465][ T3743] Bluetooth: hci3: command 0x0419 tx timeout
17:11:28 executing program 3:
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet6(0xa, 0x3, 0x2c)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, 0x0)
ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(0xffffffffffffffff, 0xc00c642d, 0x0)
connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c)
write$binfmt_elf32(r1, &(0x7f0000000100)=ANY=[], 0x3)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000080)=0x1)
write$binfmt_misc(r1, &(0x7f0000000080)=ANY=[], 0x2bb98205)
splice(r0, 0x0, r2, 0x0, 0x4ff9c, 0x0)

17:11:28 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r1, 0x1, 0x0, 0x0, {{}, {0x0, 0x410c}, {0x14}}}, 0x30}}, 0x0)

17:11:28 executing program 1:
syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0xd, &(0x7f0000000200)=[{&(0x7f0000010000)="eb769045584641542020200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000010000000000008000000008000000880000000f00000005000000341234120001000009030180", 0x70}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x1e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x3e0}, {&(0x7f0000010300)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x5e0}, {&(0x7f0000010400)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x7e0}, {&(0x7f0000010500)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x9e0}, {&(0x7f0000010600)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xbe0}, {&(0x7f0000010700)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xde0}, {&(0x7f0000010800)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xfe0}, {&(0x7f0000010900)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x11e0}, {&(0x7f0000010a00)="00ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac1911", 0x200, 0x1600}, {&(0x7f0000011800)="f8ffffffffffffffffffffff04000000ffffffffffffffff", 0x18, 0x10000}, {&(0x7f0000013100)="030000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000200000002", 0x39, 0x14000}], 0x0, &(0x7f0000013b00)=ANY=[])
chdir(&(0x7f0000000080)='./file0\x00')
r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000002580)=ANY=[], 0x16)
sendfile(r0, r0, &(0x7f0000000240), 0x7fff)
r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x200, 0x0)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0)
ioctl$F2FS_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0xf50f, 0x0)
sendfile(r1, r2, 0x0, 0xe200)

17:11:28 executing program 2:
syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0xd, &(0x7f0000000200)=[{&(0x7f0000010000)="eb769045584641542020200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000010000000000008000000008000000880000000f00000005000000341234120001000009030180", 0x70}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x1e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x3e0}, {&(0x7f0000010300)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x5e0}, {&(0x7f0000010400)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x7e0}, {&(0x7f0000010500)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x9e0}, {&(0x7f0000010600)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xbe0}, {&(0x7f0000010700)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xde0}, {&(0x7f0000010800)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xfe0}, {&(0x7f0000010900)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x11e0}, {&(0x7f0000010a00)="00ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac1911", 0x200, 0x1600}, {&(0x7f0000011800)="f8ffffffffffffffffffffff04000000ffffffffffffffff", 0x18, 0x10000}, {&(0x7f0000013100)="030000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000200000002", 0x39, 0x14000}], 0x0, &(0x7f0000013b00)=ANY=[])
chdir(&(0x7f0000000080)='./file0\x00')
r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000002580)=ANY=[], 0x16)
sendfile(r0, r0, &(0x7f0000000240), 0x7fff)
r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x200, 0x0)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0)
ioctl$F2FS_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0xf50f, 0x0)
sendfile(r1, r2, 0x0, 0xe200)

[  115.992196][ T3836] loop2: detected capacity change from 0 to 320
[  115.998524][ T3838] loop1: detected capacity change from 0 to 320
17:11:28 executing program 0:
syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0xd, &(0x7f0000000200)=[{&(0x7f0000010000)="eb769045584641542020200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000010000000000008000000008000000880000000f00000005000000341234120001000009030180", 0x70}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x1e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x3e0}, {&(0x7f0000010300)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x5e0}, {&(0x7f0000010400)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x7e0}, {&(0x7f0000010500)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x9e0}, {&(0x7f0000010600)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xbe0}, {&(0x7f0000010700)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xde0}, {&(0x7f0000010800)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xfe0}, {&(0x7f0000010900)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x11e0}, {&(0x7f0000010a00)="00ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac1911", 0x200, 0x1600}, {&(0x7f0000011800)="f8ffffffffffffffffffffff04000000ffffffffffffffff", 0x18, 0x10000}, {&(0x7f0000013100)="030000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000200000002", 0x39, 0x14000}], 0x0, &(0x7f0000013b00)=ANY=[])
chdir(&(0x7f0000000080)='./file0\x00')
r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000002580)=ANY=[], 0x16)
sendfile(r0, r0, &(0x7f0000000240), 0x7fff)
r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x200, 0x0)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0)
ioctl$F2FS_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0xf50f, 0x0)
sendfile(r1, r2, 0x0, 0xe200)

[  116.012675][ T3836]  loop2:
[  116.016467][ T3838]  loop1:
[  116.030020][ T3842] loop0: detected capacity change from 0 to 320
[  116.042783][ T3842]  loop0:
17:11:29 executing program 2:
syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0xd, &(0x7f0000000200)=[{&(0x7f0000010000)="eb769045584641542020200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000010000000000008000000008000000880000000f00000005000000341234120001000009030180", 0x70}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x1e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x3e0}, {&(0x7f0000010300)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x5e0}, {&(0x7f0000010400)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x7e0}, {&(0x7f0000010500)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x9e0}, {&(0x7f0000010600)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xbe0}, {&(0x7f0000010700)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xde0}, {&(0x7f0000010800)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xfe0}, {&(0x7f0000010900)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x11e0}, {&(0x7f0000010a00)="00ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac1911", 0x200, 0x1600}, {&(0x7f0000011800)="f8ffffffffffffffffffffff04000000ffffffffffffffff", 0x18, 0x10000}, {&(0x7f0000013100)="030000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000200000002", 0x39, 0x14000}], 0x0, &(0x7f0000013b00)=ANY=[])
chdir(&(0x7f0000000080)='./file0\x00')
r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000002580)=ANY=[], 0x16)
sendfile(r0, r0, &(0x7f0000000240), 0x7fff)
r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x200, 0x0)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0)
ioctl$F2FS_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0xf50f, 0x0)
sendfile(r1, r2, 0x0, 0xe200)

17:11:29 executing program 1:
syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0xd, &(0x7f0000000200)=[{&(0x7f0000010000)="eb769045584641542020200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000010000000000008000000008000000880000000f00000005000000341234120001000009030180", 0x70}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x1e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x3e0}, {&(0x7f0000010300)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x5e0}, {&(0x7f0000010400)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x7e0}, {&(0x7f0000010500)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x9e0}, {&(0x7f0000010600)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xbe0}, {&(0x7f0000010700)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xde0}, {&(0x7f0000010800)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xfe0}, {&(0x7f0000010900)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x11e0}, {&(0x7f0000010a00)="00ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac1911", 0x200, 0x1600}, {&(0x7f0000011800)="f8ffffffffffffffffffffff04000000ffffffffffffffff", 0x18, 0x10000}, {&(0x7f0000013100)="030000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000200000002", 0x39, 0x14000}], 0x0, &(0x7f0000013b00)=ANY=[])
chdir(&(0x7f0000000080)='./file0\x00')
r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000002580)=ANY=[], 0x16)
sendfile(r0, r0, &(0x7f0000000240), 0x7fff)
r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x200, 0x0)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0)
ioctl$F2FS_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0xf50f, 0x0)
sendfile(r1, r2, 0x0, 0xe200)

17:11:29 executing program 0:
syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0xd, &(0x7f0000000200)=[{&(0x7f0000010000)="eb769045584641542020200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000010000000000008000000008000000880000000f00000005000000341234120001000009030180", 0x70}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x1e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x3e0}, {&(0x7f0000010300)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x5e0}, {&(0x7f0000010400)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x7e0}, {&(0x7f0000010500)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x9e0}, {&(0x7f0000010600)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xbe0}, {&(0x7f0000010700)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xde0}, {&(0x7f0000010800)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xfe0}, {&(0x7f0000010900)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x11e0}, {&(0x7f0000010a00)="00ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac1911", 0x200, 0x1600}, {&(0x7f0000011800)="f8ffffffffffffffffffffff04000000ffffffffffffffff", 0x18, 0x10000}, {&(0x7f0000013100)="030000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000200000002", 0x39, 0x14000}], 0x0, &(0x7f0000013b00)=ANY=[])
chdir(&(0x7f0000000080)='./file0\x00')
r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000002580)=ANY=[], 0x16)
sendfile(r0, r0, &(0x7f0000000240), 0x7fff)
r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x200, 0x0)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0)
ioctl$F2FS_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0xf50f, 0x0)
sendfile(r1, r2, 0x0, 0xe200)

[  116.432330][ T3849] loop1: detected capacity change from 0 to 320
[  116.434197][ T3850] loop2: detected capacity change from 0 to 320
[  116.438858][ T3707] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  116.447124][ T3850]  loop2:
[  116.452287][ T3707] Buffer I/O error on dev loop1, logical block 0, async page read
[  116.464943][ T3707]  loop1:
[  116.467062][ T3852] loop0: detected capacity change from 0 to 320
[  116.473973][ T3852]  loop0:
17:11:29 executing program 3:
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f00000002c0)=ANY=[@ANYRESDEC], 0x348)
bind$inet6(r0, &(0x7f00000006c0), 0x1c)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000540)={0x0, 0xffffffffffffff76, "7a3ac21c9eb09d00e5f704ecf4d91970bbeb161830d27c0c3a0fa4683375d40209e93478e62bc942c0cef67c3c31e7909af1aaf16e59920d46319fe36dbee01ce5eabea15ac5c2335fea456ae0462f483313f46b453fdcca648763dc67ea996629593b36ae36dcad0f352ab58266a366bb7e5587600a94633601bf5206cdfbab3db974c54dc984a92b72e12ed075bebc3cba58e520da5f72aea04aecea92089057057e88dee1c7c9"}, &(0x7f0000000140)=0xffc2)

[  116.887434][   T39] kauditd_printk_skb: 26 callbacks suppressed
[  116.887452][   T39] audit: type=1400 audit(1661447489.674:134): avc:  denied  { node_bind } for  pid=3856 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
17:11:29 executing program 3:
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f00000002c0)=ANY=[@ANYRESDEC], 0x348)
bind$inet6(r0, &(0x7f00000006c0), 0x1c)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000540)={0x0, 0xffffffffffffff76, "7a3ac21c9eb09d00e5f704ecf4d91970bbeb161830d27c0c3a0fa4683375d40209e93478e62bc942c0cef67c3c31e7909af1aaf16e59920d46319fe36dbee01ce5eabea15ac5c2335fea456ae0462f483313f46b453fdcca648763dc67ea996629593b36ae36dcad0f352ab58266a366bb7e5587600a94633601bf5206cdfbab3db974c54dc984a92b72e12ed075bebc3cba58e520da5f72aea04aecea92089057057e88dee1c7c9"}, &(0x7f0000000140)=0xffc2)

17:11:29 executing program 1:
syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0xd, &(0x7f0000000200)=[{&(0x7f0000010000)="eb769045584641542020200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000010000000000008000000008000000880000000f00000005000000341234120001000009030180", 0x70}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x1e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x3e0}, {&(0x7f0000010300)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x5e0}, {&(0x7f0000010400)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x7e0}, {&(0x7f0000010500)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x9e0}, {&(0x7f0000010600)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xbe0}, {&(0x7f0000010700)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xde0}, {&(0x7f0000010800)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xfe0}, {&(0x7f0000010900)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x11e0}, {&(0x7f0000010a00)="00ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac1911", 0x200, 0x1600}, {&(0x7f0000011800)="f8ffffffffffffffffffffff04000000ffffffffffffffff", 0x18, 0x10000}, {&(0x7f0000013100)="030000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000200000002", 0x39, 0x14000}], 0x0, &(0x7f0000013b00)=ANY=[])
chdir(&(0x7f0000000080)='./file0\x00')
r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000002580)=ANY=[], 0x16)
sendfile(r0, r0, &(0x7f0000000240), 0x7fff)
r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x200, 0x0)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0)
ioctl$F2FS_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0xf50f, 0x0)
sendfile(r1, r2, 0x0, 0xe200)

17:11:29 executing program 2:
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f00000002c0)=ANY=[@ANYRESDEC], 0x348)
bind$inet6(r0, &(0x7f00000006c0), 0x1c)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000540)={0x0, 0xffffffffffffff76, "7a3ac21c9eb09d00e5f704ecf4d91970bbeb161830d27c0c3a0fa4683375d40209e93478e62bc942c0cef67c3c31e7909af1aaf16e59920d46319fe36dbee01ce5eabea15ac5c2335fea456ae0462f483313f46b453fdcca648763dc67ea996629593b36ae36dcad0f352ab58266a366bb7e5587600a94633601bf5206cdfbab3db974c54dc984a92b72e12ed075bebc3cba58e520da5f72aea04aecea92089057057e88dee1c7c9"}, &(0x7f0000000140)=0xffc2)

17:11:29 executing program 0:
syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0xd, &(0x7f0000000200)=[{&(0x7f0000010000)="eb769045584641542020200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000010000000000008000000008000000880000000f00000005000000341234120001000009030180", 0x70}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x1e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x3e0}, {&(0x7f0000010300)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x5e0}, {&(0x7f0000010400)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x7e0}, {&(0x7f0000010500)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x9e0}, {&(0x7f0000010600)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xbe0}, {&(0x7f0000010700)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xde0}, {&(0x7f0000010800)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xfe0}, {&(0x7f0000010900)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x11e0}, {&(0x7f0000010a00)="00ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac1911", 0x200, 0x1600}, {&(0x7f0000011800)="f8ffffffffffffffffffffff04000000ffffffffffffffff", 0x18, 0x10000}, {&(0x7f0000013100)="030000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000200000002", 0x39, 0x14000}], 0x0, &(0x7f0000013b00)=ANY=[])
chdir(&(0x7f0000000080)='./file0\x00')
r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000002580)=ANY=[], 0x16)
sendfile(r0, r0, &(0x7f0000000240), 0x7fff)
r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
ftruncate(r1, 0x800)
lseek(r1, 0x200, 0x0)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0)
ioctl$F2FS_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0xf50f, 0x0)
sendfile(r1, r2, 0x0, 0xe200)

17:11:29 executing program 3:
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f00000002c0)=ANY=[@ANYRESDEC], 0x348)
bind$inet6(r0, &(0x7f00000006c0), 0x1c)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000540)={0x0, 0xffffffffffffff76, "7a3ac21c9eb09d00e5f704ecf4d91970bbeb161830d27c0c3a0fa4683375d40209e93478e62bc942c0cef67c3c31e7909af1aaf16e59920d46319fe36dbee01ce5eabea15ac5c2335fea456ae0462f483313f46b453fdcca648763dc67ea996629593b36ae36dcad0f352ab58266a366bb7e5587600a94633601bf5206cdfbab3db974c54dc984a92b72e12ed075bebc3cba58e520da5f72aea04aecea92089057057e88dee1c7c9"}, &(0x7f0000000140)=0xffc2)

[  116.969249][ T3861] loop1: detected capacity change from 0 to 320
[  116.970811][ T3696] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
17:11:29 executing program 2:
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f00000002c0)=ANY=[@ANYRESDEC], 0x348)
bind$inet6(r0, &(0x7f00000006c0), 0x1c)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000540)={0x0, 0xffffffffffffff76, "7a3ac21c9eb09d00e5f704ecf4d91970bbeb161830d27c0c3a0fa4683375d40209e93478e62bc942c0cef67c3c31e7909af1aaf16e59920d46319fe36dbee01ce5eabea15ac5c2335fea456ae0462f483313f46b453fdcca648763dc67ea996629593b36ae36dcad0f352ab58266a366bb7e5587600a94633601bf5206cdfbab3db974c54dc984a92b72e12ed075bebc3cba58e520da5f72aea04aecea92089057057e88dee1c7c9"}, &(0x7f0000000140)=0xffc2)

[  116.994954][ T3867] loop0: detected capacity change from 0 to 320
17:11:29 executing program 3:
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f00000002c0)=ANY=[@ANYRESDEC], 0x348)
bind$inet6(r0, &(0x7f00000006c0), 0x1c)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000540)={0x0, 0xffffffffffffff76, "7a3ac21c9eb09d00e5f704ecf4d91970bbeb161830d27c0c3a0fa4683375d40209e93478e62bc942c0cef67c3c31e7909af1aaf16e59920d46319fe36dbee01ce5eabea15ac5c2335fea456ae0462f483313f46b453fdcca648763dc67ea996629593b36ae36dcad0f352ab58266a366bb7e5587600a94633601bf5206cdfbab3db974c54dc984a92b72e12ed075bebc3cba58e520da5f72aea04aecea92089057057e88dee1c7c9"}, &(0x7f0000000140)=0xffc2)

[  116.995643][ T3696] Buffer I/O error on dev loop1, logical block 0, async page read
[  116.998574][ T3707] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  116.998597][ T3707] Buffer I/O error on dev loop0, logical block 0, async page read
[  116.998638][ T3707] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
17:11:29 executing program 2:
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x1a, &(0x7f00000002c0)=ANY=[@ANYRESDEC], 0x348)
bind$inet6(r0, &(0x7f00000006c0), 0x1c)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000540)={0x0, 0xffffffffffffff76, "7a3ac21c9eb09d00e5f704ecf4d91970bbeb161830d27c0c3a0fa4683375d40209e93478e62bc942c0cef67c3c31e7909af1aaf16e59920d46319fe36dbee01ce5eabea15ac5c2335fea456ae0462f483313f46b453fdcca648763dc67ea996629593b36ae36dcad0f352ab58266a366bb7e5587600a94633601bf5206cdfbab3db974c54dc984a92b72e12ed075bebc3cba58e520da5f72aea04aecea92089057057e88dee1c7c9"}, &(0x7f0000000140)=0xffc2)

[  116.998654][ T3707] Buffer I/O error on dev loop0, logical block 0, async page read
[  116.998850][ T3707] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  116.998868][ T3707] Buffer I/O error on dev loop0, logical block 0, async page read
[  116.998906][ T3707] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  116.998922][ T3707] Buffer I/O error on dev loop0, logical block 0, async page read
[  116.998955][ T3707] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  116.998971][ T3707] Buffer I/O error on dev loop0, logical block 0, async page read
[  116.999030][ T3707] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  116.999046][ T3707] Buffer I/O error on dev loop0, logical block 0, async page read
17:11:29 executing program 3:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0005}]})
r0 = epoll_create1(0x0)
epoll_pwait(r0, &(0x7f00000002c0)=[{}], 0x1, 0x0, 0x0, 0x0)

[  116.999085][ T3707] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  116.999101][ T3707] Buffer I/O error on dev loop0, logical block 0, async page read
[  116.999134][ T3707] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  116.999149][ T3707] Buffer I/O error on dev loop0, logical block 0, async page read
[  116.999173][ T3707] ldm_validate_partition_table(): Disk read failed.
[  116.999314][ T3707] Dev loop0: unable to read RDB block 0
[  116.999580][ T3707]  loop0: unable to read partition table
[  117.119112][ T3696]  loop1:
[  117.143858][   T39] audit: type=1326 audit(1661447489.934:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3875 comm="syz-executor.3" exe="/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf5f689279 code=0x7ffc0000
[  117.160869][   T39] audit: type=1326 audit(1661447489.934:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3875 comm="syz-executor.3" exe="/syz-executor.3" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7faf5f689279 code=0x7ffc0000
[  117.179542][   T39] audit: type=1326 audit(1661447489.934:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3875 comm="syz-executor.3" exe="/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf5f689279 code=0x7ffc0000
[  117.197858][   T39] audit: type=1326 audit(1661447489.934:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3875 comm="syz-executor.3" exe="/syz-executor.3" sig=0 arch=c000003e syscall=281 compat=0 ip=0x7faf5f689279 code=0x7ffc0000
[  117.215453][   T39] audit: type=1326 audit(1661447489.934:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3875 comm="syz-executor.3" exe="/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf5f689279 code=0x7ffc0000
[  117.234413][   T39] audit: type=1804 audit(1661447490.004:140): pid=3861 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/syzkaller-testdir3653781327/syzkaller.uajvqU/13/file0/bus" dev="sda1" ino=1147 res=1 errno=0
[  117.258351][   T39] audit: type=1800 audit(1661447490.004:141): pid=3861 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1147 res=0 errno=0
[  117.275940][   T39] audit: type=1804 audit(1661447490.014:142): pid=3874 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/syzkaller-testdir1201032444/syzkaller.kG6BBQ/10/file0/bus" dev="sda1" ino=1149 res=1 errno=0
[  117.299086][   T39] audit: type=1800 audit(1661447490.014:143): pid=3874 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1149 res=0 errno=0
17:11:30 executing program 2:
r0 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x1}, &(0x7f00000001c0)='[', 0x1, 0xffffffffffffffff)
r1 = add_key$user(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x1}, &(0x7f00000004c0)="1d4c3c81acf7085fe4ed87081fce292ad10aed7ec65026e728a6de0000b34c7cfc79e5f5f391998c208d27c7436441299c427cadd7c7ece23ff97efb2c16bd94ee2809135e4b75fedf96bfc15ddfc5d1dfb391e8468aaf88a474ec12814e8328fde804e884c577b955411732ee809b53c5cc97bef1f4d37bf331c239cbe6410269c9424e5b0b1645911d27696ef085e91905b26a3876ed579164d62fae58a0ff39b8829473d109422c5a7b7525405e074b32c0cb676435b027d544f33f6e63635d5a4a171d1648c5df51768cbd591a7f0d7e7484002b72501f943b8c5bbb35f264b9b21df137b1fbda2285a90e1ae244f0", 0xf1, 0xfffffffffffffffe)
r2 = add_key$user(&(0x7f0000000080), &(0x7f0000000200)={'syz', 0x3}, &(0x7f0000000240)="ac", 0x1, 0xffffffffffffffff)
keyctl$dh_compute(0x17, &(0x7f0000000280)={r0, r1, r2}, &(0x7f0000000400)=""/129, 0x81, &(0x7f00000003c0)={&(0x7f0000000340)={'sha256-ssse3\x00'}})

17:11:30 executing program 3:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0005}]})
r0 = epoll_create1(0x0)
epoll_pwait(r0, &(0x7f00000002c0)=[{}], 0x1, 0x0, 0x0, 0x0)

17:11:30 executing program 1:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0005}]})
r0 = epoll_create1(0x0)
epoll_pwait(r0, &(0x7f00000002c0)=[{}], 0x1, 0x0, 0x0, 0x0)

17:11:30 executing program 3:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0005}]})
r0 = epoll_create1(0x0)
epoll_pwait(r0, &(0x7f00000002c0)=[{}], 0x1, 0x0, 0x0, 0x0)

17:11:30 executing program 2:
r0 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x1}, &(0x7f00000001c0)='[', 0x1, 0xffffffffffffffff)
r1 = add_key$user(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x1}, &(0x7f00000004c0)="1d4c3c81acf7085fe4ed87081fce292ad10aed7ec65026e728a6de0000b34c7cfc79e5f5f391998c208d27c7436441299c427cadd7c7ece23ff97efb2c16bd94ee2809135e4b75fedf96bfc15ddfc5d1dfb391e8468aaf88a474ec12814e8328fde804e884c577b955411732ee809b53c5cc97bef1f4d37bf331c239cbe6410269c9424e5b0b1645911d27696ef085e91905b26a3876ed579164d62fae58a0ff39b8829473d109422c5a7b7525405e074b32c0cb676435b027d544f33f6e63635d5a4a171d1648c5df51768cbd591a7f0d7e7484002b72501f943b8c5bbb35f264b9b21df137b1fbda2285a90e1ae244f0", 0xf1, 0xfffffffffffffffe)
r2 = add_key$user(&(0x7f0000000080), &(0x7f0000000200)={'syz', 0x3}, &(0x7f0000000240)="ac", 0x1, 0xffffffffffffffff)
keyctl$dh_compute(0x17, &(0x7f0000000280)={r0, r1, r2}, &(0x7f0000000400)=""/129, 0x81, &(0x7f00000003c0)={&(0x7f0000000340)={'sha256-ssse3\x00'}})

17:11:30 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={0x0, 0x68}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@newqdisc={0x3c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_MPU={0x8}]}}]}, 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)

17:11:30 executing program 3:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0005}]})
r0 = epoll_create1(0x0)
epoll_pwait(r0, &(0x7f00000002c0)=[{}], 0x1, 0x0, 0x0, 0x0)

[  117.907942][ T3889] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
17:11:30 executing program 1:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0005}]})
r0 = epoll_create1(0x0)
epoll_pwait(r0, &(0x7f00000002c0)=[{}], 0x1, 0x0, 0x0, 0x0)

17:11:30 executing program 2:
r0 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x1}, &(0x7f00000001c0)='[', 0x1, 0xffffffffffffffff)
r1 = add_key$user(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x1}, &(0x7f00000004c0)="1d4c3c81acf7085fe4ed87081fce292ad10aed7ec65026e728a6de0000b34c7cfc79e5f5f391998c208d27c7436441299c427cadd7c7ece23ff97efb2c16bd94ee2809135e4b75fedf96bfc15ddfc5d1dfb391e8468aaf88a474ec12814e8328fde804e884c577b955411732ee809b53c5cc97bef1f4d37bf331c239cbe6410269c9424e5b0b1645911d27696ef085e91905b26a3876ed579164d62fae58a0ff39b8829473d109422c5a7b7525405e074b32c0cb676435b027d544f33f6e63635d5a4a171d1648c5df51768cbd591a7f0d7e7484002b72501f943b8c5bbb35f264b9b21df137b1fbda2285a90e1ae244f0", 0xf1, 0xfffffffffffffffe)
r2 = add_key$user(&(0x7f0000000080), &(0x7f0000000200)={'syz', 0x3}, &(0x7f0000000240)="ac", 0x1, 0xffffffffffffffff)
keyctl$dh_compute(0x17, &(0x7f0000000280)={r0, r1, r2}, &(0x7f0000000400)=""/129, 0x81, &(0x7f00000003c0)={&(0x7f0000000340)={'sha256-ssse3\x00'}})

17:11:30 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={0x0, 0x68}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@newqdisc={0x3c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_MPU={0x8}]}}]}, 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)

17:11:30 executing program 1:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0005}]})
r0 = epoll_create1(0x0)
epoll_pwait(r0, &(0x7f00000002c0)=[{}], 0x1, 0x0, 0x0, 0x0)

17:11:30 executing program 2:
r0 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x1}, &(0x7f00000001c0)='[', 0x1, 0xffffffffffffffff)
r1 = add_key$user(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x1}, &(0x7f00000004c0)="1d4c3c81acf7085fe4ed87081fce292ad10aed7ec65026e728a6de0000b34c7cfc79e5f5f391998c208d27c7436441299c427cadd7c7ece23ff97efb2c16bd94ee2809135e4b75fedf96bfc15ddfc5d1dfb391e8468aaf88a474ec12814e8328fde804e884c577b955411732ee809b53c5cc97bef1f4d37bf331c239cbe6410269c9424e5b0b1645911d27696ef085e91905b26a3876ed579164d62fae58a0ff39b8829473d109422c5a7b7525405e074b32c0cb676435b027d544f33f6e63635d5a4a171d1648c5df51768cbd591a7f0d7e7484002b72501f943b8c5bbb35f264b9b21df137b1fbda2285a90e1ae244f0", 0xf1, 0xfffffffffffffffe)
r2 = add_key$user(&(0x7f0000000080), &(0x7f0000000200)={'syz', 0x3}, &(0x7f0000000240)="ac", 0x1, 0xffffffffffffffff)
keyctl$dh_compute(0x17, &(0x7f0000000280)={r0, r1, r2}, &(0x7f0000000400)=""/129, 0x81, &(0x7f00000003c0)={&(0x7f0000000340)={'sha256-ssse3\x00'}})

17:11:30 executing program 3:
socket$inet6(0x10, 0x0, 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000cc0)=@filter={'filter\x00', 0x50, 0x4, 0x3a0, 0xd0, 0xd0, 0x0, 0xd0, 0x0, 0x2d0, 0x2d0, 0x2d0, 0x2d0, 0x2d0, 0x4, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x1f8}}, {{@ipv6={@mcast1, @mcast1, [], [], 'dummy0\x00', 'vcan0\x00'}, 0x0, 0x100, 0x128, 0x0, {}, [@common=@frag={{0x30}}, @common=@ipv6header={{0x28}}]}, @REJECT={0x28}}, {{@uncond, 0x0, 0xa8, 0xd8}, @common=@inet=@SET2={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x400)
r1 = accept4$packet(0xffffffffffffffff, 0x0, &(0x7f0000000080), 0x800)
ioctl$F2FS_IOC_SET_PIN_FILE(r1, 0x4004f50d, &(0x7f00000000c0))
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)

[  117.968788][ T3897] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  118.004034][ T3902] x_tables: ip6_tables: REJECT target: used from hooks POSTROUTING, but only usable from INPUT/FORWARD/OUTPUT
17:11:30 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000500)=@newtaction={0x74, 0x30, 0x727, 0x0, 0x0, {}, [{0x60, 0x1, [@m_ct={0x5c, 0x1, 0x0, 0x0, {{0x7}, {0x34, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18}, @TCA_CT_NAT_IPV4_MIN={0x8, 0x9, @empty}, @TCA_CT_ACTION={0x6, 0x3, 0x28}, @TCA_CT_NAT_IPV4_MAX={0x8, 0xa, @dev}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x74}}, 0x0)

17:11:30 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1003], 0x10000})
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000140)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000056f000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f00000000c0)="66ba4000b0c2ee66bad104b829280000efea0e0000000a00b8050000000f23d80f21f835c00000a00f23f8653e65f30f21c62e0fae2b0f01c2b8060000000f23d00f21f835200000000f23f8c4c3a1cf830000000002d9f7", 0x58}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$null(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)

17:11:30 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={0x0, 0x68}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@newqdisc={0x3c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_MPU={0x8}]}}]}, 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)

17:11:30 executing program 3:
socket$inet6(0x10, 0x0, 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000cc0)=@filter={'filter\x00', 0x50, 0x4, 0x3a0, 0xd0, 0xd0, 0x0, 0xd0, 0x0, 0x2d0, 0x2d0, 0x2d0, 0x2d0, 0x2d0, 0x4, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x1f8}}, {{@ipv6={@mcast1, @mcast1, [], [], 'dummy0\x00', 'vcan0\x00'}, 0x0, 0x100, 0x128, 0x0, {}, [@common=@frag={{0x30}}, @common=@ipv6header={{0x28}}]}, @REJECT={0x28}}, {{@uncond, 0x0, 0xa8, 0xd8}, @common=@inet=@SET2={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x400)
r1 = accept4$packet(0xffffffffffffffff, 0x0, &(0x7f0000000080), 0x800)
ioctl$F2FS_IOC_SET_PIN_FILE(r1, 0x4004f50d, &(0x7f00000000c0))
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)

[  118.051231][ T3905] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  118.055057][ T3910] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
17:11:30 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000500)=@newtaction={0x74, 0x30, 0x727, 0x0, 0x0, {}, [{0x60, 0x1, [@m_ct={0x5c, 0x1, 0x0, 0x0, {{0x7}, {0x34, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18}, @TCA_CT_NAT_IPV4_MIN={0x8, 0x9, @empty}, @TCA_CT_ACTION={0x6, 0x3, 0x28}, @TCA_CT_NAT_IPV4_MAX={0x8, 0xa, @dev}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x74}}, 0x0)

[  118.077027][ T3912] x_tables: ip6_tables: REJECT target: used from hooks POSTROUTING, but only usable from INPUT/FORWARD/OUTPUT
17:11:30 executing program 3:
socket$inet6(0x10, 0x0, 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000cc0)=@filter={'filter\x00', 0x50, 0x4, 0x3a0, 0xd0, 0xd0, 0x0, 0xd0, 0x0, 0x2d0, 0x2d0, 0x2d0, 0x2d0, 0x2d0, 0x4, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x1f8}}, {{@ipv6={@mcast1, @mcast1, [], [], 'dummy0\x00', 'vcan0\x00'}, 0x0, 0x100, 0x128, 0x0, {}, [@common=@frag={{0x30}}, @common=@ipv6header={{0x28}}]}, @REJECT={0x28}}, {{@uncond, 0x0, 0xa8, 0xd8}, @common=@inet=@SET2={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x400)
r1 = accept4$packet(0xffffffffffffffff, 0x0, &(0x7f0000000080), 0x800)
ioctl$F2FS_IOC_SET_PIN_FILE(r1, 0x4004f50d, &(0x7f00000000c0))
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)

[  118.106073][ T3915] ------------[ cut here ]------------
[  118.111458][ T3915] WARNING: CPU: 0 PID: 3915 at kernel/cpu.c:347 lockdep_assert_cpus_held+0xbd/0xe0
[  118.130848][ T3915] Modules linked in:
[  118.134908][ T3915] CPU: 2 PID: 3915 Comm: kvm-nx-lpage-re Not tainted 6.0.0-rc2-syzkaller-00054-gc40e8341e3b3 #0
[  118.147885][ T3915] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014
[  118.156347][ T3915] RIP: 0010:lockdep_assert_cpus_held+0xbd/0xe0
[  118.161585][ T3915] Code: e8 88 11 34 00 be ff ff ff ff 48 c7 c7 70 39 e3 8b e8 b7 14 38 08 31 ff 89 c3 89 c6 e8 2c 0e 34 00 85 db 75 d5 e8 63 11 34 00 <0f> 0b eb cc 48 c7 c7 04 c4 dd 8d e8 93 b7 7f 00 e9 62 ff ff ff 48
[  118.179540][ T3915] RSP: 0018:ffffc90003f2fc28 EFLAGS: 00010293
[  118.184571][ T3915] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[  118.190050][ T3915] RDX: ffff8880683de140 RSI: ffffffff814728bd RDI: 0000000000000005
[  118.194655][ T3915] RBP: ffff888066662000 R08: 0000000000000005 R09: 0000000000000000
[  118.202243][ T3915] R10: 0000000000000000 R11: 0000000000000000 R12: ffffc90003f2fde0
[  118.215660][ T3915] R13: ffffffff8bfd96e0 R14: 1ffff920007e5f8c R15: ffffc90003f2fe04
[  118.221199][ T3915] FS:  0000000000000000(0000) GS:ffff88802ca00000(0000) knlGS:0000000000000000
[  118.227075][ T3915] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  118.232512][ T3915] CR2: 00007faf606d53a5 CR3: 0000000043357000 CR4: 0000000000152ee0
[  118.237866][ T3915] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  118.243569][ T3915] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  118.249291][ T3915] Call Trace:
[  118.252269][ T3915]  <TASK>
[  118.254510][ T3915]  cpuset_attach+0x92/0x520
[  118.257981][ T3915]  ? guarantee_online_cpus+0x4d0/0x4d0
[  118.261630][ T3915]  ? _raw_spin_unlock_irq+0x1f/0x40
[  118.265126][ T3915]  ? _raw_spin_unlock_irq+0x1f/0x40
[  118.268599][ T3915]  cgroup_migrate_execute+0xbc7/0x1220
[  118.273547][ T3915]  cgroup_attach_task+0x416/0x7c0
[  118.277935][ T3915]  ? cgroup_migrate+0x1f0/0x1f0
[  118.282332][ T3915]  ? _raw_spin_unlock_irq+0x1f/0x40
[  118.286466][ T3915]  ? _raw_spin_unlock_irq+0x1f/0x40
[  118.290855][ T3915]  cgroup_attach_task_all+0xde/0x140
[  118.295336][ T3915]  kvm_vm_worker_thread+0xdd/0x5a0
[  118.299493][ T3915]  ? kvm_mmu_pte_write+0xdc0/0xdc0
[  118.302815][ T3915]  ? __bpf_trace_kvm_unmap_hva_range+0xe0/0xe0
[  118.307287][ T3915]  kthread+0x2e4/0x3a0
[  118.310785][ T3915]  ? kthread_complete_and_exit+0x40/0x40
[  118.315166][ T3915]  ret_from_fork+0x1f/0x30
[  118.318842][ T3915]  </TASK>
[  118.321578][ T3915] Kernel panic - not syncing: panic_on_warn set ...
[  118.326590][ T3915] CPU: 2 PID: 3915 Comm: kvm-nx-lpage-re Not tainted 6.0.0-rc2-syzkaller-00054-gc40e8341e3b3 #0
[  118.334521][ T3915] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014
[  118.340428][ T3915] Call Trace:
[  118.342932][ T3915]  <TASK>
[  118.345193][ T3915]  dump_stack_lvl+0xcd/0x134
[  118.348955][ T3915]  panic+0x2c8/0x627
[  118.351886][ T3915]  ? panic_print_sys_info.part.0+0x10b/0x10b
[  118.356285][ T3915]  ? __warn.cold+0x248/0x2c4
[  118.359174][ T3915]  ? lockdep_assert_cpus_held+0xbd/0xe0
[  118.363194][ T3915]  __warn.cold+0x259/0x2c4
[  118.366164][ T3915]  ? lockdep_assert_cpus_held+0xbd/0xe0
[  118.370410][ T3915]  report_bug+0x1bc/0x210
[  118.373677][ T3915]  handle_bug+0x3c/0x60
[  118.376500][ T3915]  exc_invalid_op+0x14/0x40
[  118.380115][ T3915]  asm_exc_invalid_op+0x16/0x20
[  118.383547][ T3915] RIP: 0010:lockdep_assert_cpus_held+0xbd/0xe0
[  118.388234][ T3915] Code: e8 88 11 34 00 be ff ff ff ff 48 c7 c7 70 39 e3 8b e8 b7 14 38 08 31 ff 89 c3 89 c6 e8 2c 0e 34 00 85 db 75 d5 e8 63 11 34 00 <0f> 0b eb cc 48 c7 c7 04 c4 dd 8d e8 93 b7 7f 00 e9 62 ff ff ff 48
[  118.400505][ T3915] RSP: 0018:ffffc90003f2fc28 EFLAGS: 00010293
[  118.403839][ T3915] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[  118.408371][ T3915] RDX: ffff8880683de140 RSI: ffffffff814728bd RDI: 0000000000000005
[  118.413317][ T3915] RBP: ffff888066662000 R08: 0000000000000005 R09: 0000000000000000
[  118.418313][ T3915] R10: 0000000000000000 R11: 0000000000000000 R12: ffffc90003f2fde0
[  118.423239][ T3915] R13: ffffffff8bfd96e0 R14: 1ffff920007e5f8c R15: ffffc90003f2fe04
[  118.428176][ T3915]  ? lockdep_assert_cpus_held+0xbd/0xe0
[  118.431959][ T3915]  ? lockdep_assert_cpus_held+0xbd/0xe0
[  118.435823][ T3915]  cpuset_attach+0x92/0x520
[  118.438338][ T3915]  ? guarantee_online_cpus+0x4d0/0x4d0
[  118.441635][ T3915]  ? _raw_spin_unlock_irq+0x1f/0x40
[  118.444933][ T3915]  ? _raw_spin_unlock_irq+0x1f/0x40
[  118.448272][ T3915]  cgroup_migrate_execute+0xbc7/0x1220
[  118.451788][ T3915]  cgroup_attach_task+0x416/0x7c0
[  118.454961][ T3915]  ? cgroup_migrate+0x1f0/0x1f0
[  118.458136][ T3915]  ? _raw_spin_unlock_irq+0x1f/0x40
[  118.461447][ T3915]  ? _raw_spin_unlock_irq+0x1f/0x40
[  118.464653][ T3915]  cgroup_attach_task_all+0xde/0x140
[  118.468137][ T3915]  kvm_vm_worker_thread+0xdd/0x5a0
[  118.471880][ T3915]  ? kvm_mmu_pte_write+0xdc0/0xdc0
[  118.475329][ T3915]  ? __bpf_trace_kvm_unmap_hva_range+0xe0/0xe0
[  118.478981][ T3915]  kthread+0x2e4/0x3a0
[  118.482080][ T3915]  ? kthread_complete_and_exit+0x40/0x40
[  118.486307][ T3915]  ret_from_fork+0x1f/0x30
[  118.489110][ T3915]  </TASK>
[  118.492448][ T3915] Kernel Offset: disabled
[  118.495366][ T3915] Rebooting in 86400 seconds..

VM DIAGNOSIS:
17:11:31  Registers:
info registers vcpu 0
RAX=0000000000000000 RBX=ffff88802cb3f7a0 RCX=0000000000000000 RDX=ffff888014a86080
RSI=ffffffff817085c1 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc90000907948
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=ffffed1005967ef5 R13=0000000000000003 R14=dffffc0000000000 R15=0000000000000001
RIP=ffffffff817085c8 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802c800000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b33124000 CR3=000000000bc8e000 CR4=00152ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0a0a0a0a0a0a0a0a0a0a0a0a0a0a0a0a XMM01=00000000000000000000000000000000
XMM02=00000000000000000000000000000000 XMM03=72656b2074612035313933203a444950
XMM04=55504e49206d6f726620656c62617375 XMM05=4f5254534f5020736b6f6f68206d6f72
XMM06=43454a4552203a73656c6261745f3670 XMM07=3354205b5d3732303737302e38313120
XMM08=2b646c65685f737570635f7472657373 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=0000000000000000 RBX=ffff88801dd50100 RCX=ffffffff83c4fdea RDX=ffff88801f232200
RSI=0000000000000000 RDI=0000000000000001 RBP=ffffc90002ebf860 RSP=ffffc90002ebf730
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000002 R11=000000000008c07c
R12=ffff88801dd50100 R13=0000000000000002 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff817b3615 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f135f62c840 ffffffff 00c00000
GS =0000 ffff88802c900000 ffffffff 00c00000
LDT=0000 0000000000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b33024000 CR3=000000001e712000 CR4=00152ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00ff000000000000ff00000000000000
XMM02=00000000000000000000000000000000 XMM03=0000000000ff0000000000ff00000000
XMM04=2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f XMM05=ffff000000000000ffffff0000000000
XMM06=ffffffffffff0000ffffffffffffffff XMM07=00000000000000000000000000000000
XMM08=3d5145534b534944333230302c323230 XMM09=00000000000000000000000000000000
XMM10=20202000002020202020202020202020 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 2
RAX=0000000000109b11 RBX=ffff888012532040 RCX=ffffffff897f4825 RDX=0000000000000000
RSI=0000000000000001 RDI=0000000000000000 RBP=0000000000000002 RSP=ffffc9000068fe00
R8 =0000000000000001 R9 =ffff88802ca34c4b R10=ffffed1005946989 R11=0000000000000001
R12=ffffed10024a6408 R13=0000000000000002 R14=ffffffff8dddf3d0 R15=0000000000000000
RIP=ffffffff89824e5b RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802ca00000 ffffffff 00c00000
LDT=0000 0000000000000000 00000000 00000000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007faf606d53a5 CR3=000000006204f000 CR4=00152ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=ffffffffffffffffffffffffffffffff
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000
XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000
XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 3
RAX=0000000000059dd9 RBX=ffff888012536080 RCX=ffffffff897f4825 RDX=0000000000000000
RSI=0000000000000001 RDI=0000000000000000 RBP=0000000000000003 RSP=ffffc9000069fe00
R8 =0000000000000001 R9 =ffff88802cb34c4b R10=ffffed1005966989 R11=0000000000000000
R12=ffffed10024a6c10 R13=0000000000000003 R14=ffffffff8dddf3d0 R15=0000000000000000
RIP=ffffffff89824e5b RFL=00000242 [---Z---] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802cb00000 ffffffff 00c00000
LDT=0000 0000000000000000 00000000 00000000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b32f22000 CR3=0000000064d75000 CR4=00152ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=d8230f00000005b8000a0000000eeaef
XMM02=0ff3653e65f8230fa00000c035f8210f XMM03=230f00000006b8c2010f2bae0f2ec621
XMM04=f7d9020000000083cfa1c3c4f8230f00 XMM05=00002035f8210fd0230f00000006b8c2
XMM06=010f2bae0f2ec6210ff3653e65f8230f XMM07=a00000c035f8210fd8230f00000005b8
XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000