syzkaller login: [ 231.704862][ T2895] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 231.774162][ T2895] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 258.547434][ T2895] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. Warning: Permanently added '[localhost]:60024' (ECDSA) to the list of known hosts. 1970/01/01 00:04:39 fuzzer started 1970/01/01 00:04:50 dialing manager at localhost:43739 1970/01/01 00:04:54 syscalls: 2768 1970/01/01 00:04:54 code coverage: enabled 1970/01/01 00:04:54 comparison tracing: enabled 1970/01/01 00:04:54 extra coverage: enabled 1970/01/01 00:04:54 setuid sandbox: enabled 1970/01/01 00:04:54 namespace sandbox: enabled 1970/01/01 00:04:54 Android sandbox: /sys/fs/selinux/policy does not exist 1970/01/01 00:04:54 fault injection: enabled 1970/01/01 00:04:54 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 1970/01/01 00:04:54 net packet injection: enabled 1970/01/01 00:04:54 net device setup: enabled 1970/01/01 00:04:54 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 1970/01/01 00:04:54 devlink PCI setup: PCI device 0000:00:10.0 is not available 1970/01/01 00:04:54 USB emulation: enabled 1970/01/01 00:04:54 hci packet injection: /dev/vhci does not exist 1970/01/01 00:04:54 wifi device emulation: /sys/class/mac80211_hwsim/ does not exist 1970/01/01 00:04:54 802.15.4 emulation: /sys/bus/platform/devices/mac802154_hwsim does not exist 1970/01/01 00:04:58 fetching corpus: 50, signal 20445/22201 (executing program) 1970/01/01 00:05:00 fetching corpus: 100, signal 29312/32587 (executing program) 1970/01/01 00:05:03 fetching corpus: 150, signal 34265/39039 (executing program) 1970/01/01 00:05:05 fetching corpus: 200, signal 41554/47569 (executing program) 1970/01/01 00:05:07 fetching corpus: 250, signal 44667/51972 (executing program) 1970/01/01 00:05:10 fetching corpus: 300, signal 48515/57028 (executing program) 1970/01/01 00:05:12 fetching corpus: 350, signal 51456/61143 (executing program) 1970/01/01 00:05:14 fetching corpus: 400, signal 53578/64475 (executing program) 1970/01/01 00:05:16 fetching corpus: 450, signal 56318/68297 (executing program) 1970/01/01 00:05:17 fetching corpus: 500, signal 58082/71199 (executing program) 1970/01/01 00:05:19 fetching corpus: 550, signal 60854/74959 (executing program) 1970/01/01 00:05:21 fetching corpus: 600, signal 62093/77250 (executing program) 1970/01/01 00:05:23 fetching corpus: 650, signal 62917/79187 (executing program) 1970/01/01 00:05:26 fetching corpus: 700, signal 64274/81561 (executing program) 1970/01/01 00:05:28 fetching corpus: 750, signal 65305/83654 (executing program) 1970/01/01 00:05:30 fetching corpus: 800, signal 66804/86124 (executing program) 1970/01/01 00:05:32 fetching corpus: 850, signal 68772/88934 (executing program) 1970/01/01 00:05:34 fetching corpus: 900, signal 70210/91245 (executing program) 1970/01/01 00:05:35 fetching corpus: 950, signal 71245/93244 (executing program) 1970/01/01 00:05:37 fetching corpus: 1000, signal 71969/95020 (executing program) 1970/01/01 00:05:39 fetching corpus: 1050, signal 73613/97415 (executing program) 1970/01/01 00:05:41 fetching corpus: 1100, signal 77807/101733 (executing program) 1970/01/01 00:05:43 fetching corpus: 1150, signal 78912/103588 (executing program) 1970/01/01 00:05:44 fetching corpus: 1200, signal 80041/105497 (executing program) 1970/01/01 00:05:48 fetching corpus: 1250, signal 80950/107184 (executing program) 1970/01/01 00:05:49 fetching corpus: 1300, signal 81957/108954 (executing program) 1970/01/01 00:05:52 fetching corpus: 1350, signal 83923/111305 (executing program) 1970/01/01 00:05:53 fetching corpus: 1400, signal 85779/113557 (executing program) 1970/01/01 00:05:56 fetching corpus: 1450, signal 87227/115553 (executing program) 1970/01/01 00:05:58 fetching corpus: 1500, signal 88688/117490 (executing program) 1970/01/01 00:05:59 fetching corpus: 1550, signal 89434/118902 (executing program) 1970/01/01 00:06:02 fetching corpus: 1600, signal 90185/120313 (executing program) 1970/01/01 00:06:04 fetching corpus: 1650, signal 91006/121771 (executing program) 1970/01/01 00:06:06 fetching corpus: 1700, signal 92172/123392 (executing program) 1970/01/01 00:06:08 fetching corpus: 1750, signal 92727/124651 (executing program) 1970/01/01 00:06:09 fetching corpus: 1800, signal 93467/126016 (executing program) 1970/01/01 00:06:11 fetching corpus: 1850, signal 94176/127320 (executing program) 1970/01/01 00:06:13 fetching corpus: 1900, signal 94939/128595 (executing program) 1970/01/01 00:06:14 fetching corpus: 1950, signal 95712/129919 (executing program) 1970/01/01 00:06:16 fetching corpus: 2000, signal 96698/131310 (executing program) 1970/01/01 00:06:18 fetching corpus: 2050, signal 97405/132520 (executing program) 1970/01/01 00:06:19 fetching corpus: 2100, signal 98195/133795 (executing program) 1970/01/01 00:06:21 fetching corpus: 2150, signal 98745/134979 (executing program) 1970/01/01 00:06:23 fetching corpus: 2200, signal 99344/136121 (executing program) 1970/01/01 00:06:24 fetching corpus: 2250, signal 99711/137138 (executing program) 1970/01/01 00:06:26 fetching corpus: 2300, signal 100313/138272 (executing program) 1970/01/01 00:06:29 fetching corpus: 2350, signal 101314/139502 (executing program) 1970/01/01 00:06:31 fetching corpus: 2400, signal 101891/140611 (executing program) 1970/01/01 00:06:33 fetching corpus: 2450, signal 102373/141607 (executing program) 1970/01/01 00:06:35 fetching corpus: 2500, signal 103084/142678 (executing program) 1970/01/01 00:06:36 fetching corpus: 2550, signal 103602/143683 (executing program) 1970/01/01 00:06:38 fetching corpus: 2600, signal 104217/144716 (executing program) 1970/01/01 00:06:40 fetching corpus: 2650, signal 104610/145639 (executing program) 1970/01/01 00:06:42 fetching corpus: 2700, signal 105047/146571 (executing program) 1970/01/01 00:06:44 fetching corpus: 2750, signal 105538/147517 (executing program) 1970/01/01 00:06:46 fetching corpus: 2800, signal 105965/148427 (executing program) 1970/01/01 00:06:47 fetching corpus: 2850, signal 106425/149318 (executing program) 1970/01/01 00:06:51 fetching corpus: 2900, signal 106983/150223 (executing program) 1970/01/01 00:06:52 fetching corpus: 2950, signal 107665/151176 (executing program) 1970/01/01 00:06:53 fetching corpus: 2970, signal 107784/151963 (executing program) 1970/01/01 00:06:53 fetching corpus: 2970, signal 107784/152732 (executing program) 1970/01/01 00:06:53 fetching corpus: 2970, signal 107784/153444 (executing program) 1970/01/01 00:06:54 fetching corpus: 2970, signal 107784/154157 (executing program) 1970/01/01 00:06:54 fetching corpus: 2970, signal 107784/154913 (executing program) 1970/01/01 00:06:54 fetching corpus: 2970, signal 107784/155615 (executing program) 1970/01/01 00:06:54 fetching corpus: 2970, signal 107784/156343 (executing program) 1970/01/01 00:06:54 fetching corpus: 2970, signal 107784/157088 (executing program) 1970/01/01 00:06:54 fetching corpus: 2970, signal 107784/157827 (executing program) 1970/01/01 00:06:54 fetching corpus: 2970, signal 107784/158571 (executing program) 1970/01/01 00:06:55 fetching corpus: 2970, signal 107784/159280 (executing program) 1970/01/01 00:06:55 fetching corpus: 2970, signal 107784/160039 (executing program) 1970/01/01 00:06:55 fetching corpus: 2970, signal 107784/160819 (executing program) 1970/01/01 00:06:55 fetching corpus: 2970, signal 107784/161600 (executing program) 1970/01/01 00:06:55 fetching corpus: 2970, signal 107784/162322 (executing program) 1970/01/01 00:06:55 fetching corpus: 2970, signal 107784/163076 (executing program) 1970/01/01 00:06:55 fetching corpus: 2970, signal 107784/163827 (executing program) 1970/01/01 00:06:55 fetching corpus: 2970, signal 107784/164573 (executing program) 1970/01/01 00:06:56 fetching corpus: 2970, signal 107784/165328 (executing program) 1970/01/01 00:06:56 fetching corpus: 2970, signal 107784/166059 (executing program) 1970/01/01 00:06:56 fetching corpus: 2970, signal 107784/166778 (executing program) 1970/01/01 00:06:56 fetching corpus: 2970, signal 107784/167531 (executing program) 1970/01/01 00:06:56 fetching corpus: 2970, signal 107784/168241 (executing program) 1970/01/01 00:06:56 fetching corpus: 2970, signal 107784/168949 (executing program) 1970/01/01 00:06:57 fetching corpus: 2970, signal 107784/169692 (executing program) 1970/01/01 00:06:57 fetching corpus: 2970, signal 107784/170156 (executing program) 1970/01/01 00:06:57 fetching corpus: 2970, signal 107784/170156 (executing program) 1970/01/01 00:08:29 starting 2 fuzzer processes 00:08:47 executing program 0: ioctl$BTRFS_IOC_BALANCE(0xffffffffffffffff, 0x5000940c, 0x0) ioctl$UI_END_FF_UPLOAD(0xffffffffffffffff, 0x406855c9, &(0x7f0000000000)={0x1, 0x1, {0x55, 0x3, 0x7ff, {0x101, 0x9}, {0x0, 0x7fff}, @ramp={0x4, 0x2, {0x6, 0x80, 0x6, 0x4}}}, {0x55, 0xffe1, 0x9, {0x7, 0x1000}, {0x9, 0x80}, @ramp={0x5, 0x5, {0x7f, 0xa3c, 0xf384, 0xffff}}}}) ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x12) r0 = socket$packet(0x11, 0x2, 0x300) open_by_handle_at(r0, &(0x7f0000000080)={0x68, 0x27a, "288f89514daa5c14f8e764152e47ee379ec869e82f2f4fd0089bc141f0b7a784bf95513e8101142b14485834d26fd2ab806874d6006af3bbc8e6cdf5d7d93e6d8cace45a64a16361e04eacd823a06702c1dd9268ccbb938fa9faf5ebad3acf17"}, 0x608d00) syz_genetlink_get_family_id$smc(&(0x7f0000000100)='SMC_PNETID\x00', 0xffffffffffffffff) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000001900)={0xffffffffffffffff}) r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000001980)='l2tp\x00', 0xffffffffffffffff) sendmsg$L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f0000001a40)={&(0x7f0000001940)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000001a00)={&(0x7f00000019c0)={0x30, r2, 0x100, 0x70bd26, 0x25dfdbfb, {}, [@L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @dev={0xfe, 0x80, [], 0x11}}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x3}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000000}, 0x8011) sync_file_range(0xffffffffffffffff, 0x3, 0xa7, 0x2) setsockopt$inet6_tcp_TLS_RX(r1, 0x6, 0x2, &(0x7f0000001a80)=@gcm_128={{0x303}, "c3511cbae65d5e69", "3ce410817534b7f30bd9c271a93e0ce2", "9643c2b5", "a3525ad42e425bd1"}, 0x28) sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000001b80)={&(0x7f0000001ac0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000001b40)={&(0x7f0000001b00)={0x30, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_DEST={0x14, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x2}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e22}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x8001}]}, 0x30}, 0x1, 0x0, 0x0, 0x80}, 0x20040010) open_by_handle_at(r0, &(0x7f0000001bc0)={0x88, 0xc6dd, "23985c31035937b0528df36346a75cd51870d6ebde326f66e0b952bbe7d8c02b63c25e3e9e7f7eea0188d95117d1df8b839209722cd3c350d694ab51171f156f803369d82890c9b7042a65df84a8abaf2829892acb94068177b54fddad9a7d58aa65805894d4ba7c631b232eb93c758abef1acefb8c574bdce9d0da00ac68161"}, 0x40c001) sendto(r1, &(0x7f0000001c80)="f4c278f7332214e7adb01aa0faa094fbe41e57e18791ac9cef4d27895420d3f90478537df0146df665391852b1b9b2830f27e10618b790997b028075be3838f17423721f4c38f176a818a561e46af069165b31e675126e05091bc1df80e4b96c08c09ff7fa6ef835cd9f156d0d0b9b54c5c24fdadcdc5a8411f6e9a13213c46d21877574d0f9b18ad50a2e275ee77f64b44ca53a782800318c606fcb77b34d147278197f1311730de8e4c5de632291aaae1a46b5c3a16914874197a4c73f1696a7baf1543c2d9b7b4fb2dfe3e2e8dbaddf4bc15d2cf888b2fd0bfa34d40f31486bd84ec08f0598bcfa26bf1eb137758e2e7e0005da2cf4276233906e501425e31dc48aac2299a499eba302bf6699f0cb501ec53daa24e56604679677fe64bea93821026863fdc66390fa27e9fafd5fe0db183e4a1434d622ada4a2bba50c8de0c56bf92e19b34f0deb966099fc535a8c97c0d62cc05de5379d8d4b5f28ea7735818a5616aeb79c1ac9318e9407a2c5915884eed6d1880776ba91a7d429a56d8867b57de4d433d99ae30f5e5b34ca91034d76aabd3128e27df4f8ac5c455f313b0ee3370355f1e54adfd9cf295147f32ed26a5d2e288db3428e0c7d210f677cc95a00a83a180948c6ea9fb26e8fa67285fc8873431023065ba7b3743d2180675997e0d49bae43ca683e809e03a701e2f499416df911a625ae2c7a5a29f6dac83f4533a966e45ed49fd68b5c19981ca92c659579d98ad03421f296088318fb6daa47b439e86b63605af1c2594367b629336707bf0f086ec448c5e01bfa93d1bccc35ac64a40a1460c807b4b313fab9a852c6af4b8a107d8c6a8b52dbd2fadc1e4f4e10b70a4fd44592e7b72d4500bce65c53d96cdda75a548b68f0bae2b4db9bc909ab01dfeb3f7f6cb0d2e3588edc297daf49bc959c65cd559c63851c946dbc0527c096f6f5229e8b95995a90c635c9479640caad15c4f6ef66a1b94f0e0bb3fbee7161579d20c380e1a3798b2daabc428ca9db8417738e5abdd441e5825413930d72fc443cc1addb66d5dad325a1e41ca63c1b4dc4af7556c8ae4b15b7f416556db3c0800b85b30d92f258bd4b8884765a8ce86c084e735be16e2f2458afb351e656e9b506254b83d3d17aea6cf3a84cf6091265e1f4165e66ecf72e5398ff940bb5c84e14a02bbe6e84fecd31095fea4b35b23fd0fe3cc2fb97220427209dc616505c6d23b417780d8e12426beaa76f6d144d622e343b4afa7e2f2caabf651f7e5541cfdb6ebee5868fdab5e013bb77e148f51614c2612c11528e89641cbceee8a877d549eb72b8ebfcfc8170eef953c5fdec5654da593c18e0f9827b3e6a4bd2ec567864b2dec020f535c0f1d39c0b7fdd4833e0a4967e118978a3319b3223f7098eafb8f00d71691c2f76b01358600ab7302d6c1f3ea2d41231203256dcf300de40713fa9f9542f97d79c5cab22e8bfcae1e80ebec7411910146824c851de7702c6017550155dfb94dcbfcaca35b0d95a9af9d80c80f337480f9c6bd44d402ccba4c0a8ab5c54de04f09e30368d99d678afdaf43a4e5739c8adf5a7f948a41df49c979da59e124e58b0bb20d14c025b8f29e63d57d5090f16122a3ed895ef23a7fdb8c58e8f2c0c53c296e3d3f2cc273d64493e9fb683c6a2896e869ce0f02446ec002b748a69e0c46588430d6f839e33328853d556fd0bc7cff65d8f3e48637d083b2b9a6d41f44626fa3f619bbd243ecafed3b93e46b0dbd8ea9b8d9ca6b781bd34725f114750f5e2067f5a19e26cb39f2a148545aad4ee38c4e36c187f21a0ae25500baad43c2ea2f855fc9e7333ca8b5635359860f6e8e7e6a710a6115a20227f09d23fa8e5939b4113e00add885286dd7404aad3313c795f14de5e4222d59fd7bb86e8e6c8111b343d4ff0f37d4718696f1d0124022a19a892468bfa4c97f9bb5fa747e1499286f97d2b70a2300560a4e6110080817e7c096ad32333584444300b89dba9da89007e1ee6258cf8350cdeacdbedf5180482152ee268fd82ef8b79e9695d2407c56fbb77e5862b26d685bdff6737860003c98da8e0d385d3faa1563c6a4e638c1d093be105feab5cb0df367066e467bf2373d0baa4801913650ea56c919fc4d68b91b8fe57057eefad98d1f6d48c2399de7f46233c48018be489e816873e30a7d170a9b3ddbfde7d0df70300a948c3b536b11d36c04770608942f00813f6b9552ca8d9ba441c26eea3530224a05050325d36ccdd450402e617013fce817514ef61b22a726c3f68f952030cf6f928bdf9fa314e8b1a43f0d2bdb95712697230bcdac77653b52f4bc52e80087926e961f15dfaabc2ce0ae7a4f706d6f5fc6efb145e3d46d4a084fd8ef33e1d3d8c7c12f2ea256b526c2751579df6b5890930cbf909a2b24cbb7c3f7631c980b338c197edb5ba16b4bf8aa320c36e23629d7a85deb1bee95ff4e22e15fde0dfad12735d799e48471477f422525969a4c50093f1bb81b956a4ac71a75777ae4c452214656660f91854df4829c4dcadc345803d6de7ff66c25492bfe735bd6cddbe6c854af877c8ce38f125235b8549229d6deb3c0adb30f07fd27e6bae2a8716a9465aa7952d16446657ebd3a8abd7c56236e7a1461464b626f62870b5854216c5142c4a03282596968aec6009a8785317a0ce64ec9cf2874a298d76bb5d13ee8dabc96819a3c06f87f9c78a6ce8ad89dab9cfcef48d9f0d8bccac933a2bd57adaa0cfa0388ebd522432e2a6d32dcaf9a3267345240d1e63bb4360a499700666d38a2e32f613b135f9d8b6c8d66fec2827fb1a0a2974af38422562bba980685434631efb035aba29bd82283b735a2eec6989bc4ee67a1c672e3903ec585f371680b2f6acf53d97e8390daaf397e3f198b6a3471c2bd61b70feda0b6f004a99ac2a7c073d70b18d0fa3271893e1d714a9470cd0116801b2a9d3369c82d43abbb98882d4aa5f7dacea9500eb91d0bdd0f4a7490b303226e5159b6cd5da81407cce99ee598180c55b87f26ff8b3553f6e599d0445d31b74d2d8735668696d00ab78fd5f64839b9db92947929aee00fd4d1c0283641f94c17c7ab3a320b52ebfebd1292b0a012b2a597d5390ce93ab3c6ba4fc50b5bf01ebb82fbf639bdcf9d639c0f3cbe36c3f565caa7dff34326252c719d045bbea0dbd8a04eb29237bf65678664f105c0b68231f71074c0d06b3b0575e50a35f325941a18fc94280b62eb1776b78e69bae380ce66fd3558b5b8a4f14c11fb17ef0b598f0e3a3b54d20256163a5d0773a35d2e6ecd030887e2b326e6dfc4aa502e5ee2f9bec0386552d90c2b7c2bbbb694aafb149c721c859eedc3ddf80ba1c738f2c19d3519706a843087f091616bcaf72912c3f39f4e3959ab62e03c24fd75b4181e787af1ab1562e71c11c2cc6224e3d4ae3420ac9987ac4efb72248e6e89c6f5fcc8d39fbc5fd48198814f7635d2af94cab06e3d19f77c86105854d0711cc501590e180747b008418ed5230b8289ab8e727814fbaabc3a485722a5161c130cf0831dda6d40b75ef8f764055c49aaed48ecd2c11feb2b48f64a3e0531f1ede51990831ab3db3e04732892b31fe204397c01694c6c2ace853e3f8ab1a91ec2bc0bb576fa2b233fa24cb90b6e84b4ee3740366cee9bc597d2390128a8aa0eb8263a9811e2ff5934427ac9bc3a25f68a00640a958596f2cc1c988beae204b780950c4cb18770025b5b14e14546033b0c869cdc3010c5e41fa3f26fa17c0b95ed9da48ac9d3d14005296e450db2e3f5614ccf20ef62bd632443805856b64389633b73ffd8d1641661b4efeab71abcbbb93fbec0cb72239e756ce06e97cbc406f8e5d2032c1a14fa779f908ded31f3b60924c157118d3f06c2e56c48646f034fefcb52cb9fff4a5231531a430eb27b1c645cc6cc25b25386ef976eddd9343d929b943960a48dfb51e68e24f4f750a7e2a200a7cf285843b0c478b839d2d2782b3df44837945532a5d89e22a1db99ee674586a161802eca1e7665c7793aa862d0638f0318e6aba13dfd5747a0978d99bfdf7ea87c9f2257c029af7d803f91345bf9afa48e138229befe2f07aff2a2706e726425cab3beccd8c803f0063d57411b1a07d02bda7a4c2ac6220a0899fe837f393acc0357ccec6922b8504524c25d4413b03fb8dfbfab12c5fd5fabc47271fa2e0e26888c4aede9a55f78cde2c2bc73e4bbf14c05d4e29e22a5f4d10009378efe21f8a5f6bb684e54230270ca022f697a114339d203285479a9f18e1b30d12833b47996fc4c98d1fe704e8c779d1104d35a498fafb56ea36b712fe01d4f6a0042306ef9cee1a7f2de6cae8d59c7d1b4a7a369a5d73f9003c905f79d5cde6501c6cc76c04c800ffee020e54546e1a601744619cf3bed6f717d7f5d2b8e96e20dcdbc6be5da0686cc76f39185b5c98f77a4f90f3b87430d95c49cc800335f73389565b10dca7facf8343c6e9251abc1332a7e29acc4dee20c7b04cd0b64b20c2f425a4e3d0a763fe3fcff3322b1440d3b9573c2dde6572610abad720c7f4ac8d74487bac53e66b2672f5e794a9dd939f29f2a5ae8100c5d3934ca30be03e5fdb90a8188316ccbc902421515965d0b9f152ca2bcb279d7fb6d77b2780023bdf790b63932229c9f764ca7fa0258345eba3463b7a442685062fa86ee6af5a72448da34921b04f1d353e4104bdfc7abd15662e624438b03d3ec2f827efa9bcf5d8ddae9790a7b23163662f9255e6bfc602e44dd298816bf96e231520a63f3f7b1fe0a6e3b123f819f745f18dc4d265fbc297da1f71d1073d5687d5a9bf888d65dac21785cb83783daf3c20e8cd69ae2bb7ab13cddad45630d25859666de3a2c401316c9dbdfa9cb9eed5862428e07a3d7827fbe556324e8aba43d4b44afcab04b03dcaa3de052004e175fb0192da19db3a6b286f905de576815b086370e7bed0e47ac66b4f50e96ecd5154d34d06e1544f107c0daad62abb8e68f344c2daf84e07ad84fe8a6048f56311e15c8079cd280f21b40e5e211e237a23c49f795d6daa648e8429a40209d564a084a0fac4db853a83d8625de10e9e461769a152cefc0d3605484deca4a366c22304294efc49dfec6f7fc3cb2ec7e5b6ab01cfaa3699cdd88620946b084535868e0a19096db8118b6d154b7cab1f4f032efc038cc6a75c9cc7bbe00e0ebf21bc846ea09295250a81253d4d1f29f6723debcd8061a237957bd317da39de9d5730c05a67bbc152bd251975ce39b1b973b105ac7cf7e0cae95e5502c2a4b3d2b7f781b20ecca55944fb2a8d5b97977a50de3ebfc782950f110fc3c2837f6d05e045059ece4c96027be41622a8061b9dd78e9501a1a304510117443520f17b7d8eb9ce38e776edef3922c005c12c69c5bb576dcbb97c476e79b5846930bbb207894aed19ac34223a004a8d8029d82502cea9f7ed27acda023b61ca2bf1e573aeca2e6b39bafab89eb6ff89cf73191341231d999f2ba951372958f8d313e5f4f7be49812aa2f42e7b85701fc19ad9928d4b642ffcf1c963e0fd9e2fb637fccbc8558d4533baff0684bcc3ca29ff19bf4bfee4b5ab5d494e8afde830bccdf5d25a5ad96c7e226721683a7ac9a5b05ba5d70b7a45e001a7fb3d719ecbfc26f232cab1b9a293714f5cdb8c8139747493acf1293ecd2b72975a0b330713af58de10d42a8dfe268c3131c0c6bd22919c58d69dd7389e6b0cb2ef5a03ac51b3e0a3a3d48cad15b92a811e41ca29122a8c53400637d18e8282e422f29f76ec64e3c74c6da730526f5d93", 0x1000, 0x4000014, &(0x7f0000002c80)=@in6={0xa, 0x4e24, 0x7f, @mcast2}, 0x80) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000002d00)={0x0, 0xffffffffffffffff, 0x98, 0x3, 0x1, 0x100000001}) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(0xffffffffffffffff, 0x4058534c, &(0x7f0000002d40)={0x7, 0x83, 0x7, 0x1ff, 0xfffffff7, 0x2}) sendmsg$IPVS_CMD_GET_CONFIG(r1, &(0x7f0000002ec0)={&(0x7f0000002dc0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000002e80)={&(0x7f0000002e00)={0x68, 0x0, 0x200, 0x70bd2d, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x8}, @IPVS_CMD_ATTR_DAEMON={0x18, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'batadv0\x00'}]}, @IPVS_CMD_ATTR_SERVICE={0x34, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x28}}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x1}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x3f}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e24}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x11, 0x28}}]}]}, 0x68}}, 0x4) ioctl$UI_DEV_CREATE(0xffffffffffffffff, 0x5501) recvfrom$packet(r0, &(0x7f0000002f00)=""/158, 0x9e, 0x12002, &(0x7f0000002fc0)={0x11, 0xf5, 0x0, 0x1, 0x1, 0x6, @dev={[], 0x2b}}, 0x14) getsockopt$IP_SET_OP_GET_BYINDEX(0xffffffffffffffff, 0x1, 0x53, &(0x7f00000030c0)={0x7, 0x7, 0xffffffffffffffff}, &(0x7f0000003100)=0x28) 00:09:08 executing program 1: ioctl$BTRFS_IOC_TREE_SEARCH_V2(0xffffffffffffffff, 0xc0709411, &(0x7f0000000000)={{0x0, 0x8, 0x1244, 0x63, 0x0, 0x800, 0x80000000, 0x0, 0xffff7fff, 0x0, 0xf9f, 0xd05, 0x20, 0xffff, 0x80008000000000}, 0x30, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) fcntl$setownex(0xffffffffffffffff, 0xf, &(0x7f00000000c0)={0x2, 0xffffffffffffffff}) fsetxattr$trusted_overlay_opaque(0xffffffffffffffff, &(0x7f0000000100)='trusted.overlay.opaque\x00', &(0x7f0000000140)='y\x00', 0x2, 0x2) ioctl$FBIOPUT_CON2FBMAP(0xffffffffffffffff, 0x4610, &(0x7f0000000180)={0x3e}) fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f00000001c0)='trusted.overlay.upper\x00', &(0x7f0000000200)={0x0, 0xfb, 0x8e, 0x6, 0x40, "157cedd7954d7e9accb771177b9ef0c6", "98528ed8e7c41c6ec49fec2ccaf8f02f37670c9f32004d2996da5ed992681803358e38efd6f2096733a86cb9303ee6a9cb0b09d29becc4eb5e47716977068fffc82bb629542dcfebd18e695d88494c154fcf5cb24e8c32478bc75807409fe8b49200b71f3fa1c453fa8bd3643b91ae75ed0a6a34af9903782e"}, 0x8e, 0x3) ioctl$BTRFS_IOC_QGROUP_ASSIGN(0xffffffffffffffff, 0x40189429, &(0x7f00000002c0)={0x0, 0x4, 0x1}) r0 = syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0) fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f0000000300)=0x3) r1 = pidfd_getfd(0xffffffffffffffff, r0, 0x0) r2 = fsmount(0xffffffffffffffff, 0x0, 0x72) epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r2) r3 = socket$inet_udplite(0x2, 0x2, 0x88) fstatfs(r3, &(0x7f0000000340)=""/96) r4 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/nvme-fabrics\x00', 0x1, 0x0) io_cancel(0x0, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x1c7483c7f6a433a9, 0x5, r4, &(0x7f0000000400)="21205e839781f547a9b649eefd902983f0dc400aa1de1f0e849f07790f5e5fd9b5446aa23b048ce86340e09346e28805a5543dd4c4a23ba5d6c6093c4b986e48ba5d20439cf396429a5dd27720977e1fea23d293142281a74157c89f4814c0bcf0bebe6ffe31a9852d4c6e57a3d199fc8b73ab1e3358538c8d1189aa653d4e4909c8ac2540adb19c56df1cb8f578eb9e23197c13f20efaab406e", 0x9a, 0x6, 0x0, 0x2, r2}, &(0x7f0000000500)) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000540)={0x2, 0x4, 0x101, 0x0, 0xffffffffffffffff}) r5 = accept4(r0, &(0x7f0000000580)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @dev}}}, &(0x7f0000000600)=0x80, 0x180000) setsockopt$inet_tcp_TLS_TX(r5, 0x6, 0x1, &(0x7f0000000640)=@ccm_128={{0x303}, "6c31f38c8ae3f24f", "0a5a8afa48fa7914adcd69d758c07470", "1fb2aff9", "7b4d0e5a3bc5da77"}, 0x28) r6 = syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000000680)='ns/user\x00') syncfs(r6) [ 553.598067][ T3083] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 553.692546][ T3083] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 561.720829][ T3083] device hsr_slave_0 entered promiscuous mode [ 561.807111][ T3083] device hsr_slave_1 entered promiscuous mode [ 565.926309][ T3083] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 566.066481][ T3083] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 566.216319][ T3083] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 566.435897][ T3083] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 579.386184][ T3083] 8021q: adding VLAN 0 to HW filter on device bond0 [ 580.265140][ T3326] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 580.334762][ T3326] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 586.030140][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 586.103771][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 586.667566][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 586.687700][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 586.725716][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 586.753450][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 587.183646][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 587.207004][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 587.705927][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 587.797727][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 587.947542][ T3249] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 588.110769][ T3083] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 588.250044][ T3249] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 589.129542][ T3326] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 589.155497][ T3326] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 596.610925][ T3249] device hsr_slave_0 entered promiscuous mode [ 596.638431][ T3249] device hsr_slave_1 entered promiscuous mode [ 596.655902][ T3249] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 596.687597][ T3249] Cannot create hsr debugfs directory [ 601.284449][ T3420] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 601.364075][ T3420] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 601.405977][ T3249] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 601.540055][ T3249] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 601.700595][ T3249] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 601.885917][ T3249] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 606.895782][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 606.958176][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 607.088528][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 607.116741][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 607.148132][ T3083] device veth0_vlan entered promiscuous mode [ 607.582860][ T3083] device veth1_vlan entered promiscuous mode [ 608.675885][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 608.749072][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 608.996429][ T3083] device veth0_macvtap entered promiscuous mode [ 609.239165][ T3083] device veth1_macvtap entered promiscuous mode [ 610.249091][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 610.313775][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 610.646924][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 610.686827][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 611.024877][ T3083] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 611.027880][ T3083] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 611.029210][ T3083] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 611.030324][ T3083] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 612.494269][ T3249] 8021q: adding VLAN 0 to HW filter on device bond0 [ 613.588496][ T3416] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 613.635431][ T3416] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 614.075867][ T3083] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation 00:10:17 executing program 0: r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$IP_VS_SO_GET_DAEMON(r1, 0x0, 0x487, 0x0, 0x0) close(r0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r2) [ 620.025895][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 620.055327][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 620.249368][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 620.298795][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 620.507191][ T3197] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 620.774941][ T3164] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 621.386716][ T3164] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 621.447767][ T3164] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 621.828399][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 621.886005][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 622.119053][ T3249] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 623.254388][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 623.258886][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready 00:10:21 executing program 0: r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$IP_VS_SO_GET_DAEMON(r1, 0x0, 0x487, 0x0, 0x0) close(r0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r2) 00:10:24 executing program 0: r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$IP_VS_SO_GET_DAEMON(r1, 0x0, 0x487, 0x0, 0x0) close(r0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r2) [ 636.476047][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 636.520535][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 641.136360][ T3326] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 641.184515][ T3326] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 641.257959][ T3416] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 641.305328][ T3416] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 641.390842][ T3249] device veth0_vlan entered promiscuous mode [ 641.970642][ T3249] device veth1_vlan entered promiscuous mode [ 642.916094][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 642.980718][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 643.223335][ T3249] device veth0_macvtap entered promiscuous mode [ 643.480824][ T3249] device veth1_macvtap entered promiscuous mode [ 643.570013][ T3326] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 643.636063][ T3326] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 644.123486][ T3326] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 644.158335][ T3326] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 644.297989][ T3326] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 644.335741][ T3326] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 644.470375][ T3249] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 644.473987][ T3249] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 644.475603][ T3249] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 644.477297][ T3249] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 00:10:47 executing program 1: r0 = socket$inet_mptcp(0x2, 0x1, 0x106) fchmod(r0, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x10800, 0x0) ioctl$EVIOCGVERSION(r1, 0x80044501, &(0x7f0000000040)=""/4096) 00:10:47 executing program 0: r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$IP_VS_SO_GET_DAEMON(r1, 0x0, 0x487, 0x0, 0x0) close(r0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r2) 00:10:50 executing program 0: r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$IP_VS_SO_GET_DAEMON(r1, 0x0, 0x487, 0x0, 0x0) close(r0) socket$inet6_tcp(0xa, 0x1, 0x0) 00:10:53 executing program 1: syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x210004, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/mdstat\x00', 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002000)='/dev/fuse\x00', 0x2, 0x0) r2 = getuid() syz_mount_image$fuse(&(0x7f0000002040)='fuse\x00', &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000020c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=r2]) mount$fuseblk(&(0x7f00000007c0)='/dev/loop0\x00', &(0x7f0000000800)='./file1\x00', &(0x7f0000000840)='fuseblk\x00', 0x40000, &(0x7f0000000880)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x6000}, 0x2c, {'user_id', 0x3d, r2}, 0x2c, {'group_id'}, 0x2c, {[{@allow_other='allow_other'}, {@default_permissions='default_permissions'}, {@allow_other='allow_other'}, {@allow_other='allow_other'}, {@default_permissions='default_permissions'}, {@max_read={'max_read', 0x3d, 0xd2f}}, {@allow_other='allow_other'}, {@default_permissions='default_permissions'}], [{@uid_gt={'uid>', 0xee00}}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@fsname={'fsname', 0x3d, 'blksize'}}, {@fsuuid={'fsuuid', 0x3d, {[0x62, 0x64, 0x38, 0x61, 0x66, 0x64, 0x33, 0x61], 0x2d, [0x38, 0x30, 0x38, 0x36], 0x2d, [0x62, 0x32, 0x64, 0x38], 0x2d, [0x65, 0x39, 0x54, 0x32], 0x2d, [0x32, 0x65, 0x63, 0x63, 0x38, 0x37, 0x32, 0x63]}}}, {@obj_user={'obj_user', 0x3d, '[%#([)@@:'}}, {@obj_role={'obj_role', 0x3d, 'fuseblk\x00'}}, {@pcr={'pcr', 0x3d, 0x25}}, {@smackfsroot={'smackfsroot', 0x3d, '(W\x00'}}]}}) mount$fuseblk(&(0x7f0000000000)='/dev/loop0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='fuseblk\x00', 0x1010000, &(0x7f0000000300)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000,user_id=\x00'/42, @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0xee00, @ANYBLOB=',default_permissions,allow_other,blksize=0x0000000000000000,max_read=0x000000000000001f,blksize=0x0000000000000400,allow_other,blksize=0x0000000000000d00,max_read=0x0000000000000008,max_read=0x0000000000000080,subj_role=^@,fowner=', @ANYRESDEC=0xee00, @ANYBLOB=',subj_role=,\x00']) mmap$snddsp(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x4, 0x30, r0, 0x3000) execve(&(0x7f0000000140)='./file1\x00', &(0x7f0000000540)=[&(0x7f0000000180)=']+-%})+!\x00', &(0x7f00000001c0)='/proc/mdstat\x00', &(0x7f0000000200)='(W\x00', &(0x7f0000000240)='group_id', &(0x7f0000000280)='fuseblk\x00', &(0x7f00000002c0)='allow_other', &(0x7f0000000480)='blksize', &(0x7f00000004c0)='/dev/loop0\x00', &(0x7f0000000500)='default_permissions'], &(0x7f0000000780)=[&(0x7f00000005c0)='/proc/mdstat\x00', &(0x7f0000000600)='F.\x00', &(0x7f0000000640)='\x00', &(0x7f0000000680)='blksize', &(0x7f00000006c0)=')\r#\x00', &(0x7f0000000700)='+/.:\x00', &(0x7f0000000740)='max_read']) llistxattr(&(0x7f0000000080)='./file0\x00', &(0x7f00000020c0)=""/4096, 0x1000) [ 656.127921][ T3569] fuseblk: Invalid rootmode [ 656.480544][ T3570] fuseblk: Invalid rootmode 00:10:54 executing program 0: r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$IP_VS_SO_GET_DAEMON(r1, 0x0, 0x487, 0x0, 0x0) close(r0) 00:10:57 executing program 1: syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x210004, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/mdstat\x00', 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002000)='/dev/fuse\x00', 0x2, 0x0) r2 = getuid() syz_mount_image$fuse(&(0x7f0000002040)='fuse\x00', &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000020c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=r2]) mount$fuseblk(&(0x7f00000007c0)='/dev/loop0\x00', &(0x7f0000000800)='./file1\x00', &(0x7f0000000840)='fuseblk\x00', 0x40000, &(0x7f0000000880)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x6000}, 0x2c, {'user_id', 0x3d, r2}, 0x2c, {'group_id'}, 0x2c, {[{@allow_other='allow_other'}, {@default_permissions='default_permissions'}, {@allow_other='allow_other'}, {@allow_other='allow_other'}, {@default_permissions='default_permissions'}, {@max_read={'max_read', 0x3d, 0xd2f}}, {@allow_other='allow_other'}, {@default_permissions='default_permissions'}], [{@uid_gt={'uid>', 0xee00}}, {@func={'func', 0x3d, 'MMAP_CHECK'}}, {@audit='audit'}, {@fsname={'fsname', 0x3d, 'blksize'}}, {@fsuuid={'fsuuid', 0x3d, {[0x62, 0x64, 0x38, 0x61, 0x66, 0x64, 0x33, 0x61], 0x2d, [0x38, 0x30, 0x38, 0x36], 0x2d, [0x62, 0x32, 0x64, 0x38], 0x2d, [0x65, 0x39, 0x54, 0x32], 0x2d, [0x32, 0x65, 0x63, 0x63, 0x38, 0x37, 0x32, 0x63]}}}, {@obj_user={'obj_user', 0x3d, '[%#([)@@:'}}, {@obj_role={'obj_role', 0x3d, 'fuseblk\x00'}}, {@pcr={'pcr', 0x3d, 0x25}}, {@smackfsroot={'smackfsroot', 0x3d, '(W\x00'}}]}}) mount$fuseblk(&(0x7f0000000000)='/dev/loop0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='fuseblk\x00', 0x1010000, &(0x7f0000000300)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000,user_id=\x00'/42, @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0xee00, @ANYBLOB=',default_permissions,allow_other,blksize=0x0000000000000000,max_read=0x000000000000001f,blksize=0x0000000000000400,allow_other,blksize=0x0000000000000d00,max_read=0x0000000000000008,max_read=0x0000000000000080,subj_role=^@,fowner=', @ANYRESDEC=0xee00, @ANYBLOB=',subj_role=,\x00']) mmap$snddsp(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x4, 0x30, r0, 0x3000) execve(&(0x7f0000000140)='./file1\x00', &(0x7f0000000540)=[&(0x7f0000000180)=']+-%})+!\x00', &(0x7f00000001c0)='/proc/mdstat\x00', &(0x7f0000000200)='(W\x00', &(0x7f0000000240)='group_id', &(0x7f0000000280)='fuseblk\x00', &(0x7f00000002c0)='allow_other', &(0x7f0000000480)='blksize', &(0x7f00000004c0)='/dev/loop0\x00', &(0x7f0000000500)='default_permissions'], &(0x7f0000000780)=[&(0x7f00000005c0)='/proc/mdstat\x00', &(0x7f0000000600)='F.\x00', &(0x7f0000000640)='\x00', &(0x7f0000000680)='blksize', &(0x7f00000006c0)=')\r#\x00', &(0x7f0000000700)='+/.:\x00', &(0x7f0000000740)='max_read']) llistxattr(&(0x7f0000000080)='./file0\x00', &(0x7f00000020c0)=""/4096, 0x1000) 00:10:58 executing program 0: r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) [ 661.646899][ T3574] fuseblk: Invalid rootmode 00:11:02 executing program 0: r0 = fsopen(&(0x7f0000000000)='ramfs\x00', 0x0) close(r0) 00:11:02 executing program 1: r0 = socket$nl_rdma(0x10, 0x3, 0x14) ioctl$SIOCGSTAMP(r0, 0x8903, 0x0) r1 = accept(0xffffffffffffffff, &(0x7f0000000080)=@xdp, &(0x7f0000000000)=0x80) syz_genetlink_get_family_id$ipvs(&(0x7f0000000140)='IPVS\x00', 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$IP_VS_SO_GET_DAEMON(r2, 0x0, 0x487, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, 0x0, 0x0) sendmsg$IPVS_CMD_FLUSH(r1, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1c004000", @ANYRES16, @ANYRESDEC=r0], 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x20004800) sendmsg$RDMA_NLDEV_CMD_GET(r0, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)=ANY=[@ANYBLOB="50200000011400032dbd7000fddb11fe08000100000000000800010001000000080001000c000000080001000200000008000100010000000800010002000000080001000200"/80], 0x50}, 0x1, 0x0, 0x0, 0x24040881}, 0xd4) llistxattr(&(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) 00:11:06 executing program 0: close(0xffffffffffffffff) 00:11:09 executing program 1: r0 = socket$nl_rdma(0x10, 0x3, 0x14) ioctl$SIOCGSTAMP(r0, 0x8903, 0x0) r1 = accept(0xffffffffffffffff, &(0x7f0000000080)=@xdp, &(0x7f0000000000)=0x80) syz_genetlink_get_family_id$ipvs(&(0x7f0000000140)='IPVS\x00', 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$IP_VS_SO_GET_DAEMON(r2, 0x0, 0x487, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, 0x0, 0x0) sendmsg$IPVS_CMD_FLUSH(r1, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1c004000", @ANYRES16, @ANYRESDEC=r0], 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x20004800) sendmsg$RDMA_NLDEV_CMD_GET(r0, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)=ANY=[@ANYBLOB="50200000011400032dbd7000fddb11fe08000100000000000800010001000000080001000c000000080001000200000008000100010000000800010002000000080001000200"/80], 0x50}, 0x1, 0x0, 0x0, 0x24040881}, 0xd4) llistxattr(&(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) 00:11:10 executing program 0: close(0xffffffffffffffff) [ 672.667433][ T3588] Unable to handle kernel access to user memory without uaccess routines at virtual address 0000000000000000 [ 672.670594][ T3588] Oops [#1] [ 672.672161][ T3588] Modules linked in: [ 672.673936][ T3588] CPU: 1 PID: 3588 Comm: syz-executor.1 Not tainted 5.12.0-rc5-syzkaller-00715-ga5e13c6df0e4 #0 [ 672.675419][ T3588] Hardware name: riscv-virtio,qemu (DT) [ 672.676454][ T3588] epc : sock_ioctl+0x4c4/0x66c [ 672.677652][ T3588] ra : sock_ioctl+0x4c4/0x66c [ 672.678676][ T3588] epc : ffffffe0020e60a2 ra : ffffffe0020e60a2 sp : ffffffe022277da0 [ 672.679870][ T3588] gp : ffffffe004588b08 tp : ffffffe007928000 t0 : 0000000000000000 [ 672.681240][ T3588] t1 : 0000000000000001 t2 : 00000000000f4240 s0 : ffffffe022277e30 [ 672.683182][ T3588] s1 : 0000000000040000 a0 : 0000000000000000 a1 : 0000000000000007 [ 672.684336][ T3588] a2 : 1ffffffc00f25000 a3 : ffffffe002a94d2e a4 : 0000000000000000 [ 672.685540][ T3588] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000084f3a [ 672.686687][ T3588] s2 : 0000000000000000 s3 : 0000000000008902 s4 : 0000000000000000 [ 672.687818][ T3588] s5 : ffffffe00458c0d0 s6 : ffffffe00d2c4540 s7 : ffffffe006599c80 [ 672.689034][ T3588] s8 : 0000000000008903 s9 : ffffffe00d2c4600 s10: 0000000000000000 [ 672.690287][ T3588] s11: 0000000000020000 t3 : a7f565c006834f00 t4 : ffffffc4043b27b2 [ 672.692075][ T3588] t5 : ffffffc4043b27ba t6 : 0000000000040000 [ 672.693167][ T3588] status: 0000000000000120 badaddr: 0000000000000000 cause: 000000000000000f [ 672.694462][ T3588] Call Trace: [ 672.695186][ T3588] [] sock_ioctl+0x4c4/0x66c [ 672.696509][ T3588] [] sys_ioctl+0x5c2/0xd56 [ 672.697753][ T3588] [] ret_from_syscall+0x0/0x2 [ 672.713766][ T3588] ---[ end trace 2ecfe5bcf2bfbcc6 ]--- [ 672.715295][ T3588] Kernel panic - not syncing: Fatal exception [ 672.716466][ T3588] SMP: stopping secondary CPUs [ 672.718199][ T3588] Rebooting in 86400 seconds.. VM DIAGNOSIS: 12:28:44 Registers: info registers vcpu 0 pc ffffffe0000a3292 mhartid 0000000000000000 mstatus 00000000000001a0 mip 00000000000000a0 mie 000000000000020a mideleg 0000000000000222 medeleg 000000000000b109 mtvec 0000000080000540 stvec ffffffe00000542c mepc ffffffe00041bf18 sepc ffffffe00041bf18 mcause 8000000000000007 scause 8000000000000005 mtval 0000000000000000 stval 0000000000000000 x0/zero 0000000000000000 x1/ra ffffffe0000a3282 x2/sp ffffffe01ed77730 x3/gp ffffffe004588b08 x4/tp ffffffe00a7417c0 x5/t0 0000000000046000 x6/t1 ffffffe004455690 x7/t2 0000000000000000 x8/s0 ffffffe01ed77790 x9/s1 ffffffe00a741880 x10/a0 0000000000000000 x11/a1 0000000000000003 x12/a2 1ffffffc014e82f9 x13/a3 ffffffe0000a3268 x14/a4 0000000000000000 x15/a5 0000000000000000 x16/a6 0000000000f00000 x17/a7 ffffffffffffffff x18/s2 ffffffe00643d800 x19/s3 00000000009a9d40 x20/s4 ffffffe00458c228 x21/s5 ffffffe00a7417c0 x22/s6 ffffffe00a7417c0 x23/s7 0000000000000000 x24/s8 ffffffe004588630 x25/s9 ffffffe00383dc88 x26/s10 ffffffe067d48100 x27/s11 ffffffe00013c116 x28/t3 a7f565c006834f00 x29/t4 ffffffc400a08107 x30/t5 ffffffc400a0810e x31/t6 0000000000000004 f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000 info registers vcpu 1 pc ffffffe000c23c10 mhartid 0000000000000001 mstatus 00000000000000a0 mip 00000000000000a0 mie 000000000000022a mideleg 0000000000000222 medeleg 000000000000b109 mtvec 0000000080000540 stvec ffffffe00000542c mepc ffffffe000a7c3ae sepc ffffffe00000fc7e mcause 8000000000000007 scause 8000000000000005 mtval 0000000000000000 stval 0000000000000000 x0/zero 0000000000000000 x1/ra ffffffe000c23c0c x2/sp ffffffe0222777f0 x3/gp ffffffe004588b08 x4/tp ffffffe007928000 x5/t0 ffffffe004ffdbb7 x6/t1 ffffffc4009ffb76 x7/t2 0000000000000000 x8/s0 ffffffe0222778c0 x9/s1 ffffffe005230480 x10/a0 0000000000000000 x11/a1 00000000000f0000 x12/a2 ffffffd012cb0000 x13/a3 ffffffe000c23c0c x14/a4 ffffffd012cf4318 x15/a5 0000000000008863 x16/a6 0000000000f00000 x17/a7 ffffffe004ffdbb6 x18/s2 0000000000000000 x19/s3 0000000000000020 x20/s4 ffffffe004249e70 x21/s5 ffffffe004ffdba0 x22/s6 000000000000002a x23/s7 ffffffe000c16de8 x24/s8 0000000000000000 x25/s9 ffffffe00458c0d0 x26/s10 ffffffe0043a57b8 x27/s11 0000000000000000 x28/t3 000000000000004d x29/t4 ffffffc4009ffb74 x30/t5 ffffffc4009ffb77 x31/t6 ffffffe004ffdbb7 f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000