syzkaller login: [ 490.605570][ T1860] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 490.662386][ T1860] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 490.728838][ T1860] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 490.769512][ T1860] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 499.706255][ T1860] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. Warning: Permanently added '[localhost]:24846' (ECDSA) to the list of known hosts. 1970/01/01 00:09:09 fuzzer started 1970/01/01 00:09:25 dialing manager at localhost:46285 [ 571.565187][ T2027] cgroup: Unknown subsys name 'net' [ 572.711477][ T2027] cgroup: Unknown subsys name 'rlimit' 1970/01/01 00:09:32 syscalls: 2855 1970/01/01 00:09:32 code coverage: enabled 1970/01/01 00:09:32 comparison tracing: enabled 1970/01/01 00:09:32 extra coverage: enabled 1970/01/01 00:09:32 delay kcov mmap: mmap returned an invalid pointer 1970/01/01 00:09:32 setuid sandbox: enabled 1970/01/01 00:09:32 namespace sandbox: enabled 1970/01/01 00:09:32 Android sandbox: /sys/fs/selinux/policy does not exist 1970/01/01 00:09:32 fault injection: enabled 1970/01/01 00:09:32 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 1970/01/01 00:09:32 net packet injection: enabled 1970/01/01 00:09:32 net device setup: enabled 1970/01/01 00:09:32 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 1970/01/01 00:09:32 devlink PCI setup: PCI device 0000:00:10.0 is not available 1970/01/01 00:09:32 USB emulation: enabled 1970/01/01 00:09:32 hci packet injection: /dev/vhci does not exist 1970/01/01 00:09:32 wifi device emulation: /sys/class/mac80211_hwsim/ does not exist 1970/01/01 00:09:32 802.15.4 emulation: /sys/bus/platform/devices/mac802154_hwsim does not exist 1970/01/01 00:09:33 fetching corpus: 0, signal 0/2000 (executing program) 1970/01/01 00:09:39 fetching corpus: 50, signal 32668/36155 (executing program) 1970/01/01 00:09:43 fetching corpus: 100, signal 45274/50225 (executing program) 1970/01/01 00:09:47 fetching corpus: 150, signal 59040/65239 (executing program) 1970/01/01 00:09:51 fetching corpus: 200, signal 70085/77443 (executing program) 1970/01/01 00:09:53 fetching corpus: 250, signal 78912/87368 (executing program) 1970/01/01 00:09:55 fetching corpus: 300, signal 82784/92491 (executing program) 1970/01/01 00:09:58 fetching corpus: 350, signal 91270/101897 (executing program) 1970/01/01 00:10:01 fetching corpus: 400, signal 95469/107154 (executing program) 1970/01/01 00:10:04 fetching corpus: 450, signal 99603/112264 (executing program) 1970/01/01 00:10:06 fetching corpus: 500, signal 102002/115705 (executing program) 1970/01/01 00:10:09 fetching corpus: 550, signal 104905/119577 (executing program) 1970/01/01 00:10:14 fetching corpus: 600, signal 108426/123928 (executing program) 1970/01/01 00:10:18 fetching corpus: 650, signal 111548/127904 (executing program) 1970/01/01 00:10:21 fetching corpus: 700, signal 117129/134063 (executing program) 1970/01/01 00:10:23 fetching corpus: 750, signal 119879/137635 (executing program) 1970/01/01 00:10:25 fetching corpus: 800, signal 121802/140370 (executing program) 1970/01/01 00:10:27 fetching corpus: 850, signal 124828/144086 (executing program) 1970/01/01 00:10:30 fetching corpus: 900, signal 126866/146917 (executing program) 1970/01/01 00:10:33 fetching corpus: 950, signal 130614/151199 (executing program) 1970/01/01 00:10:35 fetching corpus: 1000, signal 135312/156219 (executing program) 1970/01/01 00:10:38 fetching corpus: 1050, signal 138130/159552 (executing program) 1970/01/01 00:10:40 fetching corpus: 1100, signal 139317/161496 (executing program) 1970/01/01 00:10:42 fetching corpus: 1150, signal 141792/164512 (executing program) 1970/01/01 00:10:45 fetching corpus: 1200, signal 144296/167472 (executing program) 1970/01/01 00:10:47 fetching corpus: 1250, signal 146031/169865 (executing program) 1970/01/01 00:10:51 fetching corpus: 1300, signal 151827/175363 (executing program) 1970/01/01 00:10:53 fetching corpus: 1350, signal 154567/178387 (executing program) 1970/01/01 00:10:55 fetching corpus: 1400, signal 157165/181203 (executing program) 1970/01/01 00:10:58 fetching corpus: 1450, signal 159380/183740 (executing program) 1970/01/01 00:11:00 fetching corpus: 1500, signal 161784/186382 (executing program) 1970/01/01 00:11:03 fetching corpus: 1550, signal 165014/189631 (executing program) 1970/01/01 00:11:06 fetching corpus: 1600, signal 166533/191521 (executing program) 1970/01/01 00:11:09 fetching corpus: 1650, signal 167847/193226 (executing program) 1970/01/01 00:11:12 fetching corpus: 1700, signal 170982/196329 (executing program) 1970/01/01 00:11:15 fetching corpus: 1750, signal 172706/198267 (executing program) 1970/01/01 00:11:17 fetching corpus: 1800, signal 173887/199851 (executing program) 1970/01/01 00:11:20 fetching corpus: 1850, signal 175369/201608 (executing program) 1970/01/01 00:11:23 fetching corpus: 1900, signal 176502/203094 (executing program) 1970/01/01 00:11:26 fetching corpus: 1950, signal 177734/204631 (executing program) 1970/01/01 00:11:30 fetching corpus: 2000, signal 179444/206444 (executing program) 1970/01/01 00:11:34 fetching corpus: 2050, signal 182998/209521 (executing program) 1970/01/01 00:11:38 fetching corpus: 2100, signal 184186/210935 (executing program) 1970/01/01 00:11:41 fetching corpus: 2150, signal 185828/212620 (executing program) 1970/01/01 00:11:47 fetching corpus: 2200, signal 186965/213987 (executing program) 1970/01/01 00:11:49 fetching corpus: 2250, signal 187792/215105 (executing program) 1970/01/01 00:11:51 fetching corpus: 2300, signal 189043/216427 (executing program) 1970/01/01 00:11:55 fetching corpus: 2350, signal 190313/217800 (executing program) 1970/01/01 00:11:58 fetching corpus: 2400, signal 191670/219194 (executing program) 1970/01/01 00:12:00 fetching corpus: 2450, signal 192716/220418 (executing program) 1970/01/01 00:12:02 fetching corpus: 2500, signal 195163/222461 (executing program) 1970/01/01 00:12:05 fetching corpus: 2550, signal 195981/223471 (executing program) 1970/01/01 00:12:08 fetching corpus: 2600, signal 197290/224816 (executing program) 1970/01/01 00:12:11 fetching corpus: 2650, signal 197964/225719 (executing program) 1970/01/01 00:12:13 fetching corpus: 2700, signal 199423/227065 (executing program) 1970/01/01 00:12:15 fetching corpus: 2750, signal 200495/228210 (executing program) 1970/01/01 00:12:17 fetching corpus: 2800, signal 201577/229236 (executing program) 1970/01/01 00:12:19 fetching corpus: 2850, signal 202759/230390 (executing program) 1970/01/01 00:12:22 fetching corpus: 2900, signal 204227/231727 (executing program) 1970/01/01 00:12:26 fetching corpus: 2950, signal 206224/233281 (executing program) 1970/01/01 00:12:28 fetching corpus: 3000, signal 207068/234161 (executing program) 1970/01/01 00:12:30 fetching corpus: 3050, signal 208172/235221 (executing program) 1970/01/01 00:12:33 fetching corpus: 3100, signal 209056/236156 (executing program) 1970/01/01 00:12:36 fetching corpus: 3150, signal 210290/237251 (executing program) 1970/01/01 00:12:41 fetching corpus: 3200, signal 213257/239162 (executing program) 1970/01/01 00:12:45 fetching corpus: 3250, signal 214054/239970 (executing program) 1970/01/01 00:12:48 fetching corpus: 3300, signal 215806/241194 (executing program) 1970/01/01 00:12:51 fetching corpus: 3350, signal 216736/242013 (executing program) 1970/01/01 00:12:54 fetching corpus: 3400, signal 218371/243136 (executing program) 1970/01/01 00:12:57 fetching corpus: 3450, signal 219249/243897 (executing program) 1970/01/01 00:12:59 fetching corpus: 3500, signal 220072/244653 (executing program) 1970/01/01 00:13:01 fetching corpus: 3550, signal 220852/245367 (executing program) 1970/01/01 00:13:04 fetching corpus: 3600, signal 221486/245988 (executing program) 1970/01/01 00:13:06 fetching corpus: 3650, signal 222373/246728 (executing program) 1970/01/01 00:13:10 fetching corpus: 3700, signal 223246/247424 (executing program) 1970/01/01 00:13:12 fetching corpus: 3749, signal 224816/248431 (executing program) 1970/01/01 00:13:15 fetching corpus: 3799, signal 226015/249303 (executing program) 1970/01/01 00:13:17 fetching corpus: 3849, signal 226525/249817 (executing program) 1970/01/01 00:13:20 fetching corpus: 3899, signal 227476/250453 (executing program) 1970/01/01 00:13:23 fetching corpus: 3948, signal 228600/251187 (executing program) 1970/01/01 00:13:26 fetching corpus: 3998, signal 229284/251782 (executing program) 1970/01/01 00:13:29 fetching corpus: 4048, signal 230243/252398 (executing program) 1970/01/01 00:13:32 fetching corpus: 4098, signal 230863/252959 (executing program) 1970/01/01 00:13:36 fetching corpus: 4148, signal 231701/253513 (executing program) 1970/01/01 00:13:38 fetching corpus: 4198, signal 232315/254035 (executing program) 1970/01/01 00:13:40 fetching corpus: 4248, signal 233112/254578 (executing program) 1970/01/01 00:13:43 fetching corpus: 4298, signal 233766/255047 (executing program) 1970/01/01 00:13:49 fetching corpus: 4348, signal 234720/255579 (executing program) 1970/01/01 00:13:53 fetching corpus: 4398, signal 235480/256071 (executing program) 1970/01/01 00:13:57 fetching corpus: 4447, signal 236300/256599 (executing program) 1970/01/01 00:14:00 fetching corpus: 4497, signal 236864/257020 (executing program) 1970/01/01 00:14:02 fetching corpus: 4547, signal 237803/257529 (executing program) 1970/01/01 00:14:04 fetching corpus: 4597, signal 238277/257902 (executing program) 1970/01/01 00:14:07 fetching corpus: 4647, signal 239428/258420 (executing program) 1970/01/01 00:14:09 fetching corpus: 4697, signal 240143/258843 (executing program) 1970/01/01 00:14:12 fetching corpus: 4747, signal 240736/259206 (executing program) 1970/01/01 00:14:13 fetching corpus: 4797, signal 241433/259562 (executing program) 1970/01/01 00:14:15 fetching corpus: 4847, signal 241976/259896 (executing program) 1970/01/01 00:14:18 fetching corpus: 4897, signal 242601/260240 (executing program) 1970/01/01 00:14:21 fetching corpus: 4947, signal 243347/260638 (executing program) 1970/01/01 00:14:23 fetching corpus: 4997, signal 243870/260940 (executing program) 1970/01/01 00:14:25 fetching corpus: 5047, signal 245617/261506 (executing program) 1970/01/01 00:14:27 fetching corpus: 5096, signal 246568/261878 (executing program) 1970/01/01 00:14:30 fetching corpus: 5146, signal 247657/262242 (executing program) 1970/01/01 00:14:33 fetching corpus: 5196, signal 248895/262644 (executing program) 1970/01/01 00:14:35 fetching corpus: 5246, signal 249318/262855 (executing program) 1970/01/01 00:14:38 fetching corpus: 5296, signal 249719/263081 (executing program) 1970/01/01 00:14:41 fetching corpus: 5346, signal 250332/263345 (executing program) 1970/01/01 00:14:43 fetching corpus: 5396, signal 251082/263606 (executing program) 1970/01/01 00:14:46 fetching corpus: 5446, signal 251825/263853 (executing program) 1970/01/01 00:14:49 fetching corpus: 5496, signal 252580/264095 (executing program) 1970/01/01 00:14:52 fetching corpus: 5545, signal 253813/264411 (executing program) 1970/01/01 00:14:54 fetching corpus: 5595, signal 254449/264617 (executing program) 1970/01/01 00:14:57 fetching corpus: 5645, signal 255016/264776 (executing program) 1970/01/01 00:15:00 fetching corpus: 5695, signal 255643/264949 (executing program) 1970/01/01 00:15:04 fetching corpus: 5745, signal 256236/265101 (executing program) 1970/01/01 00:15:06 fetching corpus: 5795, signal 257676/265377 (executing program) 1970/01/01 00:15:08 fetching corpus: 5845, signal 258294/265518 (executing program) 1970/01/01 00:15:12 fetching corpus: 5895, signal 258728/265610 (executing program) 1970/01/01 00:15:15 fetching corpus: 5945, signal 259227/265710 (executing program) 1970/01/01 00:15:17 fetching corpus: 5995, signal 261645/265985 (executing program) 1970/01/01 00:15:19 fetching corpus: 6045, signal 262132/266060 (executing program) 1970/01/01 00:15:22 fetching corpus: 6090, signal 263801/266219 (executing program) 1970/01/01 00:15:22 fetching corpus: 6090, signal 263801/266230 (executing program) 1970/01/01 00:15:22 fetching corpus: 6090, signal 263801/266248 (executing program) 1970/01/01 00:15:22 fetching corpus: 6090, signal 263801/266271 (executing program) 1970/01/01 00:15:23 fetching corpus: 6090, signal 263801/266288 (executing program) 1970/01/01 00:15:23 fetching corpus: 6090, signal 263801/266307 (executing program) 1970/01/01 00:15:23 fetching corpus: 6090, signal 263801/266322 (executing program) 1970/01/01 00:15:23 fetching corpus: 6090, signal 263801/266336 (executing program) 1970/01/01 00:15:23 fetching corpus: 6090, signal 263801/266361 (executing program) 1970/01/01 00:15:23 fetching corpus: 6090, signal 263801/266388 (executing program) 1970/01/01 00:15:24 fetching corpus: 6090, signal 263801/266401 (executing program) 1970/01/01 00:15:24 fetching corpus: 6090, signal 263805/266401 (executing program) 1970/01/01 00:15:24 fetching corpus: 6090, signal 263805/266401 (executing program) 1970/01/01 00:17:25 starting 2 fuzzer processes 00:17:25 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) lseek(r0, 0xfffffffffffffffe, 0x4) 00:17:25 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=@getnetconf={0x14, 0x52, 0xdc75849f79353bb, 0x0, 0x0, {0x2}}, 0x14}}, 0x0) clock_gettime(0x0, &(0x7f0000005040)) recvmmsg(r0, &(0x7f0000004f40)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0) [ 1075.541970][ T2041] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1076.161125][ T2041] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1076.290799][ T2040] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1077.007325][ T2040] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1090.757482][ T2041] device hsr_slave_0 entered promiscuous mode [ 1090.798948][ T2041] device hsr_slave_1 entered promiscuous mode [ 1091.467476][ T2040] device hsr_slave_0 entered promiscuous mode [ 1091.490835][ T2040] device hsr_slave_1 entered promiscuous mode [ 1091.514935][ T2040] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1091.519947][ T2040] Cannot create hsr debugfs directory [ 1102.722567][ T2041] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1103.060569][ T2041] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1103.591087][ T2041] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1103.999314][ T2041] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1105.270450][ T2040] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 1105.648832][ T2040] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 1105.809611][ T2040] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 1105.962648][ T2040] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 1120.281013][ T2040] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1120.517471][ T2041] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1121.445727][ T2641] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1121.566820][ T2641] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1121.622106][ T2641] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1121.690124][ T2641] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1129.455413][ T2029] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1129.502381][ T2029] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1129.690802][ T2029] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1129.731411][ T2029] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1130.671976][ T2197] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 1130.728340][ T2197] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 1130.780630][ T2197] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1130.830483][ T2197] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1131.330818][ T2197] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1131.365775][ T2197] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1131.400897][ T2197] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1131.436858][ T2197] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1131.699147][ T2094] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 1132.142560][ T2040] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1132.737859][ T2197] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1132.782171][ T2197] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1132.808568][ T2197] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 1133.587387][ T2197] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1133.638517][ T2197] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1133.861448][ T2094] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 1133.869620][ T2094] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 1134.025078][ T831] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1134.084919][ T831] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1134.386427][ T2041] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1135.527496][ T2677] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 1135.531859][ T2677] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 1158.714932][ T2678] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 1158.777925][ T2678] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1159.659301][ T2678] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 1159.708584][ T2678] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1169.019966][ T831] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 1169.097541][ T831] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1169.240038][ T831] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1169.301883][ T831] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1169.444886][ T2040] device veth0_vlan entered promiscuous mode [ 1170.211194][ T2029] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 1170.354773][ T2029] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1170.512528][ T2197] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1170.607922][ T2197] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1170.671228][ T2040] device veth1_vlan entered promiscuous mode [ 1170.741482][ T2041] device veth0_vlan entered promiscuous mode [ 1171.694800][ T2041] device veth1_vlan entered promiscuous mode [ 1173.048032][ T2040] device veth0_macvtap entered promiscuous mode [ 1173.421347][ T2029] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 1173.491175][ T2029] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1173.564362][ T2040] device veth1_macvtap entered promiscuous mode [ 1173.767488][ T2197] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 1173.936390][ T2197] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 1173.961758][ T2197] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1174.426832][ T2041] device veth0_macvtap entered promiscuous mode [ 1174.787727][ T2041] device veth1_macvtap entered promiscuous mode [ 1174.981939][ T2651] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 1175.042595][ T2651] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 1175.081404][ T2651] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 1175.109885][ T2651] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1175.595622][ T2651] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 1175.641576][ T2651] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1176.118472][ T2040] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1176.121340][ T2040] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1176.122584][ T2040] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1176.126210][ T2040] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1176.436903][ T2677] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 1176.487133][ T2677] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1177.031062][ T2678] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 1177.056317][ T2678] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1177.329568][ T2041] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1177.331477][ T2041] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1177.345154][ T2041] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1177.347017][ T2041] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 00:19:44 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) lseek(r0, 0xfffffffffffffffe, 0x4) 00:19:44 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=@getnetconf={0x14, 0x52, 0xdc75849f79353bb, 0x0, 0x0, {0x2}}, 0x14}}, 0x0) clock_gettime(0x0, &(0x7f0000005040)) recvmmsg(r0, &(0x7f0000004f40)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0) 00:19:48 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=@getnetconf={0x14, 0x52, 0xdc75849f79353bb, 0x0, 0x0, {0x2}}, 0x14}}, 0x0) clock_gettime(0x0, &(0x7f0000005040)) recvmmsg(r0, &(0x7f0000004f40)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0) 00:19:49 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) lseek(r0, 0xfffffffffffffffe, 0x4) 00:19:52 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=@getnetconf={0x14, 0x52, 0xdc75849f79353bb, 0x0, 0x0, {0x2}}, 0x14}}, 0x0) clock_gettime(0x0, &(0x7f0000005040)) recvmmsg(r0, &(0x7f0000004f40)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0) 00:19:52 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) lseek(r0, 0xfffffffffffffffe, 0x4) 00:19:56 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=@getnetconf={0x14, 0x52, 0xdc75849f79353bb, 0x0, 0x0, {0x2}}, 0x14}}, 0x0) clock_gettime(0x0, &(0x7f0000005040)) recvmmsg(r0, &(0x7f0000004f40)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0) 00:19:57 executing program 1: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/consoles\x00', 0x0, 0x0) r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0) sendfile(r1, r0, 0x0, 0x80000000008004) 00:20:00 executing program 1: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/consoles\x00', 0x0, 0x0) r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0) sendfile(r1, r0, 0x0, 0x80000000008004) 00:20:01 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=@getnetconf={0x14, 0x52, 0xdc75849f79353bb, 0x0, 0x0, {0x2}}, 0x14}}, 0x0) clock_gettime(0x0, &(0x7f0000005040)) recvmmsg(r0, &(0x7f0000004f40)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0) 00:20:04 executing program 1: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/consoles\x00', 0x0, 0x0) r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0) sendfile(r1, r0, 0x0, 0x80000000008004) 00:20:04 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=@getnetconf={0x14, 0x52, 0xdc75849f79353bb, 0x0, 0x0, {0x2}}, 0x14}}, 0x0) clock_gettime(0x0, &(0x7f0000005040)) recvmmsg(r0, &(0x7f0000004f40)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0) 00:20:08 executing program 1: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/consoles\x00', 0x0, 0x0) r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0) sendfile(r1, r0, 0x0, 0x80000000008004) 00:20:10 executing program 0: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/consoles\x00', 0x0, 0x0) r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0) sendfile(r1, r0, 0x0, 0x80000000008004) 00:20:14 executing program 0: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/consoles\x00', 0x0, 0x0) r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0) sendfile(r1, r0, 0x0, 0x80000000008004) 00:20:14 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) write$P9_RREADLINK(r0, &(0x7f0000000080)=ANY=[], 0x10) fallocate(r0, 0x20, 0x0, 0xffffffff000) 00:20:17 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) write$P9_RREADLINK(r0, &(0x7f0000000080)=ANY=[], 0x10) fallocate(r0, 0x20, 0x0, 0xffffffff000) 00:20:18 executing program 0: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/consoles\x00', 0x0, 0x0) r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0) sendfile(r1, r0, 0x0, 0x80000000008004) 00:20:20 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) write$P9_RREADLINK(r0, &(0x7f0000000080)=ANY=[], 0x10) fallocate(r0, 0x20, 0x0, 0xffffffff000) 00:20:23 executing program 0: sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), r1) sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100ffffffff00000000010000000c00020000000000000000000c00060001000000000000004400078008000100", @ANYBLOB="08000100", @ANYBLOB="260001", @ANYRES32, @ANYRES32, @ANYRES32], 0x70}}, 0x0) 00:20:24 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) write$P9_RREADLINK(r0, &(0x7f0000000080)=ANY=[], 0x10) fallocate(r0, 0x20, 0x0, 0xffffffff000) [ 1226.090491][ T2770] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1226.101909][ T2770] nbd: socks must be embedded in a SOCK_ITEM attr 00:20:28 executing program 0: sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), r1) sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100ffffffff00000000010000000c00020000000000000000000c00060001000000000000004400078008000100", @ANYBLOB="08000100", @ANYBLOB="260001", @ANYRES32, @ANYRES32, @ANYRES32], 0x70}}, 0x0) 00:20:31 executing program 1: sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), r1) sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100ffffffff00000000010000000c00020000000000000000000c00060001000000000000004400078008000100", @ANYBLOB="08000100", @ANYBLOB="260001", @ANYRES32, @ANYRES32, @ANYRES32], 0x70}}, 0x0) [ 1233.010597][ T2777] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1233.012044][ T2777] nbd: socks must be embedded in a SOCK_ITEM attr 00:20:34 executing program 0: sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), r1) sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100ffffffff00000000010000000c00020000000000000000000c00060001000000000000004400078008000100", @ANYBLOB="08000100", @ANYBLOB="260001", @ANYRES32, @ANYRES32, @ANYRES32], 0x70}}, 0x0) [ 1236.918307][ T2783] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1236.919946][ T2783] nbd: socks must be embedded in a SOCK_ITEM attr 00:20:38 executing program 1: sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), r1) sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100ffffffff00000000010000000c00020000000000000000000c00060001000000000000004400078008000100", @ANYBLOB="08000100", @ANYBLOB="260001", @ANYRES32, @ANYRES32, @ANYRES32], 0x70}}, 0x0) [ 1240.611162][ T2788] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1240.695638][ T2788] nbd: socks must be embedded in a SOCK_ITEM attr 00:20:42 executing program 0: sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), r1) sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100ffffffff00000000010000000c00020000000000000000000c00060001000000000000004400078008000100", @ANYBLOB="08000100", @ANYBLOB="260001", @ANYRES32, @ANYRES32, @ANYRES32], 0x70}}, 0x0) [ 1244.302465][ T2793] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1244.334502][ T2793] nbd: socks must be embedded in a SOCK_ITEM attr 00:20:46 executing program 1: sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), r1) sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100ffffffff00000000010000000c00020000000000000000000c00060001000000000000004400078008000100", @ANYBLOB="08000100", @ANYBLOB="260001", @ANYRES32, @ANYRES32, @ANYRES32], 0x70}}, 0x0) [ 1253.015548][ T2802] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1253.018428][ T2802] nbd: socks must be embedded in a SOCK_ITEM attr 00:20:51 executing program 0: sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), r1) sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100ffffffff00000000010000000c00020000000000000000000c00060001000000000000004400078008000100", @ANYBLOB="08000100", @ANYBLOB="260001", @ANYRES32, @ANYRES32, @ANYRES32], 0x70}}, 0x0) [ 1255.688224][ T2806] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1255.689787][ T2806] nbd: socks must be embedded in a SOCK_ITEM attr 00:20:56 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwritev(r1, &(0x7f0000000a80)=[{&(0x7f0000000980)='+', 0x1}], 0x1, 0x100bfaa, 0x0) pwritev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)}], 0x1, 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, &(0x7f0000000100)={0x3, 0x0, 0x0, 0x0}) r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x4042, 0x0) sendfile(r3, r2, 0x0, 0x7fffffff) openat$nullb(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendfile(r0, r0, 0x0, 0xffffffff000) 00:20:57 executing program 0: sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), r1) sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100ffffffff00000000010000000c00020000000000000000000c00060001000000000000004400078008000100", @ANYBLOB="08000100", @ANYBLOB="260001", @ANYRES32, @ANYRES32, @ANYRES32], 0x70}}, 0x0) [ 1259.040273][ T26] audit: type=1800 audit(1257.840:2): pid=2810 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file1" dev="vda" ino=635 res=0 errno=0 [ 1261.728978][ T2813] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1261.730520][ T2813] nbd: socks must be embedded in a SOCK_ITEM attr 00:21:02 executing program 0: sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), r1) sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100ffffffff00000000010000000c00020000000000000000000c00060001000000000000004400078008000100", @ANYBLOB="08000100", @ANYBLOB="260001", @ANYRES32, @ANYRES32, @ANYRES32], 0x70}}, 0x0) 00:21:04 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwritev(r1, &(0x7f0000000a80)=[{&(0x7f0000000980)='+', 0x1}], 0x1, 0x100bfaa, 0x0) pwritev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)}], 0x1, 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, &(0x7f0000000100)={0x3, 0x0, 0x0, 0x0}) r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x4042, 0x0) sendfile(r3, r2, 0x0, 0x7fffffff) openat$nullb(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendfile(r0, r0, 0x0, 0xffffffff000) [ 1267.746772][ T2818] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1267.748505][ T2818] nbd: socks must be embedded in a SOCK_ITEM attr [ 1268.139672][ T26] audit: type=1800 audit(1266.980:3): pid=2819 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file1" dev="vda" ino=644 res=0 errno=0 00:21:11 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwritev(r1, &(0x7f0000000a80)=[{&(0x7f0000000980)='+', 0x1}], 0x1, 0x100bfaa, 0x0) pwritev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)}], 0x1, 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, &(0x7f0000000100)={0x3, 0x0, 0x0, 0x0}) r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x4042, 0x0) sendfile(r3, r2, 0x0, 0x7fffffff) openat$nullb(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendfile(r0, r0, 0x0, 0xffffffff000) [ 1274.082502][ T26] audit: type=1800 audit(1272.930:4): pid=2824 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file1" dev="vda" ino=645 res=0 errno=0 00:21:14 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwritev(r1, &(0x7f0000000a80)=[{&(0x7f0000000980)='+', 0x1}], 0x1, 0x100bfaa, 0x0) pwritev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)}], 0x1, 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, &(0x7f0000000100)={0x3, 0x0, 0x0, 0x0}) r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x4042, 0x0) sendfile(r3, r2, 0x0, 0x7fffffff) openat$nullb(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendfile(r0, r0, 0x0, 0xffffffff000) [ 1278.042662][ T26] audit: type=1800 audit(1276.890:5): pid=2827 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file1" dev="vda" ino=644 res=0 errno=0 00:21:19 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwritev(r1, &(0x7f0000000a80)=[{&(0x7f0000000980)='+', 0x1}], 0x1, 0x100bfaa, 0x0) pwritev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)}], 0x1, 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, &(0x7f0000000100)={0x3, 0x0, 0x0, 0x0}) r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x4042, 0x0) sendfile(r3, r2, 0x0, 0x7fffffff) openat$nullb(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendfile(r0, r0, 0x0, 0xffffffff000) [ 1283.019130][ T26] audit: type=1800 audit(1281.870:6): pid=2830 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file1" dev="vda" ino=645 res=0 errno=0 00:21:22 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwritev(r1, &(0x7f0000000a80)=[{&(0x7f0000000980)='+', 0x1}], 0x1, 0x100bfaa, 0x0) pwritev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)}], 0x1, 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, &(0x7f0000000100)={0x3, 0x0, 0x0, 0x0}) r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x4042, 0x0) sendfile(r3, r2, 0x0, 0x7fffffff) openat$nullb(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendfile(r0, r0, 0x0, 0xffffffff000) [ 1286.011251][ T26] audit: type=1800 audit(1284.860:7): pid=2833 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file1" dev="vda" ino=644 res=0 errno=0 00:21:28 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwritev(r1, &(0x7f0000000a80)=[{&(0x7f0000000980)='+', 0x1}], 0x1, 0x100bfaa, 0x0) pwritev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)}], 0x1, 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, &(0x7f0000000100)={0x3, 0x0, 0x0, 0x0}) r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x4042, 0x0) sendfile(r3, r2, 0x0, 0x7fffffff) openat$nullb(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendfile(r0, r0, 0x0, 0xffffffff000) [ 1294.168336][ T26] audit: type=1800 audit(1293.020:8): pid=2836 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file1" dev="vda" ino=645 res=0 errno=0 00:21:38 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwritev(r1, &(0x7f0000000a80)=[{&(0x7f0000000980)='+', 0x1}], 0x1, 0x100bfaa, 0x0) pwritev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)}], 0x1, 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, &(0x7f0000000100)={0x3, 0x0, 0x0, 0x0}) r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x4042, 0x0) sendfile(r3, r2, 0x0, 0x7fffffff) openat$nullb(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendfile(r0, r0, 0x0, 0xffffffff000) [ 1301.249576][ T26] audit: type=1800 audit(1300.060:9): pid=2839 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file1" dev="vda" ino=644 res=0 errno=0 00:21:48 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwritev(r1, &(0x7f0000000a80)=[{&(0x7f0000000980)='+', 0x1}], 0x1, 0x100bfaa, 0x0) pwritev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)}], 0x1, 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, &(0x7f0000000100)={0x3, 0x0, 0x0, 0x0}) r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x4042, 0x0) sendfile(r3, r2, 0x0, 0x7fffffff) openat$nullb(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendfile(r0, r0, 0x0, 0xffffffff000) 00:21:49 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwritev(r1, &(0x7f0000000a80)=[{&(0x7f0000000980)='+', 0x1}], 0x1, 0x100bfaa, 0x0) pwritev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)}], 0x1, 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, &(0x7f0000000100)={0x3, 0x0, 0x0, 0x0}) r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x4042, 0x0) sendfile(r3, r2, 0x0, 0x7fffffff) openat$nullb(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendfile(r0, r0, 0x0, 0xffffffff000) [ 1311.535967][ T26] audit: type=1800 audit(1310.370:10): pid=2842 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file1" dev="vda" ino=640 res=0 errno=0 [ 1312.710149][ T26] audit: type=1800 audit(1311.540:11): pid=2845 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file1" dev="vda" ino=645 res=0 errno=0 00:21:55 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwritev(r1, &(0x7f0000000a80)=[{&(0x7f0000000980)='+', 0x1}], 0x1, 0x100bfaa, 0x0) pwritev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)}], 0x1, 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, &(0x7f0000000100)={0x3, 0x0, 0x0, 0x0}) r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x4042, 0x0) sendfile(r3, r2, 0x0, 0x7fffffff) openat$nullb(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendfile(r0, r0, 0x0, 0xffffffff000) 00:21:57 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwritev(r1, &(0x7f0000000a80)=[{&(0x7f0000000980)='+', 0x1}], 0x1, 0x100bfaa, 0x0) pwritev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)}], 0x1, 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, &(0x7f0000000100)={0x3, 0x0, 0x0, 0x0}) r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x4042, 0x0) sendfile(r3, r2, 0x0, 0x7fffffff) openat$nullb(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendfile(r0, r0, 0x0, 0xffffffff000) [ 1318.942623][ T26] audit: type=1800 audit(1317.790:12): pid=2848 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file1" dev="vda" ino=640 res=0 errno=0 [ 1320.525011][ T26] audit: type=1800 audit(1319.370:13): pid=2851 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file1" dev="vda" ino=645 res=0 errno=0 00:22:03 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwritev(r1, &(0x7f0000000a80)=[{&(0x7f0000000980)='+', 0x1}], 0x1, 0x100bfaa, 0x0) pwritev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)}], 0x1, 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, &(0x7f0000000100)={0x3, 0x0, 0x0, 0x0}) r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x4042, 0x0) sendfile(r3, r2, 0x0, 0x7fffffff) openat$nullb(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendfile(r0, r0, 0x0, 0xffffffff000) 00:22:05 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwritev(r1, &(0x7f0000000a80)=[{&(0x7f0000000980)='+', 0x1}], 0x1, 0x100bfaa, 0x0) pwritev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)}], 0x1, 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, &(0x7f0000000100)={0x3, 0x0, 0x0, 0x0}) r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x4042, 0x0) sendfile(r3, r2, 0x0, 0x7fffffff) openat$nullb(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendfile(r0, r0, 0x0, 0xffffffff000) [ 1327.298519][ T26] audit: type=1800 audit(1326.140:14): pid=2854 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file1" dev="vda" ino=640 res=0 errno=0 [ 1328.652075][ T26] audit: type=1800 audit(1327.500:15): pid=2857 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file1" dev="vda" ino=645 res=0 errno=0 00:22:14 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwritev(r1, &(0x7f0000000a80)=[{&(0x7f0000000980)='+', 0x1}], 0x1, 0x100bfaa, 0x0) pwritev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)}], 0x1, 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, &(0x7f0000000100)={0x3, 0x0, 0x0, 0x0}) r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x4042, 0x0) sendfile(r3, r2, 0x0, 0x7fffffff) openat$nullb(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendfile(r0, r0, 0x0, 0xffffffff000) 00:22:14 executing program 0: r0 = syz_open_procfs$userns(0x0, &(0x7f0000000080)) ioctl$NS_GET_PARENT(r0, 0x5460, 0xec000) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = fcntl$dupfd(r1, 0x0, r1) sendmsg$inet(r2, &(0x7f0000000500)={&(0x7f0000000300)={0x2, 0x0, @multicast2=0xe0000001}, 0x10, &(0x7f0000000400)=[{&(0x7f0000000340)="9b7f", 0xffeb}], 0x1, &(0x7f00000004c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @broadcast}}}], 0x20}, 0x0) read$FUSE(r2, &(0x7f0000005240)={0x2020}, 0x127c) [ 1338.041603][ T26] audit: type=1800 audit(1336.860:16): pid=2862 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file1" dev="vda" ino=644 res=0 errno=0 00:22:19 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x17, 0x4, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000ffffff840a00000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80) 00:22:22 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwritev(r1, &(0x7f0000000a80)=[{&(0x7f0000000980)='+', 0x1}], 0x1, 0x100bfaa, 0x0) pwritev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)}], 0x1, 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, &(0x7f0000000100)={0x3, 0x0, 0x0, 0x0}) r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x4042, 0x0) sendfile(r3, r2, 0x0, 0x7fffffff) openat$nullb(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendfile(r0, r0, 0x0, 0xffffffff000) 00:22:23 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x17, 0x4, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000ffffff840a00000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80) [ 1346.682013][ T26] audit: type=1800 audit(1345.520:17): pid=2871 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file1" dev="vda" ino=644 res=0 errno=0 00:22:26 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x17, 0x4, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000ffffff840a00000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80) 00:22:28 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x17, 0x4, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000ffffff840a00000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80) 00:22:35 executing program 1: r0 = syz_open_procfs$userns(0x0, &(0x7f0000000000)) ioctl$NS_GET_PARENT(r0, 0x5460, 0xec000) unlinkat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x200) 00:22:36 executing program 0: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ppoll(&(0x7f0000001940)=[{r0}], 0x1, &(0x7f0000001980), 0x0, 0x0) 00:22:38 executing program 1: r0 = syz_open_procfs$userns(0x0, &(0x7f0000000000)) ioctl$NS_GET_PARENT(r0, 0x5460, 0xec000) unlinkat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x200) 00:22:40 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$NFT_MSG_GETSETELEM(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, 0xd, 0xa, 0x201, 0x0, 0x0, {}, [@NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}]}, 0x20}}, 0x0) 00:22:42 executing program 1: r0 = syz_open_procfs$userns(0x0, &(0x7f0000000000)) ioctl$NS_GET_PARENT(r0, 0x5460, 0xec000) unlinkat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x200) 00:22:44 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$NFT_MSG_GETSETELEM(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, 0xd, 0xa, 0x201, 0x0, 0x0, {}, [@NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}]}, 0x20}}, 0x0) 00:22:46 executing program 1: r0 = syz_open_procfs$userns(0x0, &(0x7f0000000000)) ioctl$NS_GET_PARENT(r0, 0x5460, 0xec000) unlinkat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x200) 00:22:48 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$NFT_MSG_GETSETELEM(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, 0xd, 0xa, 0x201, 0x0, 0x0, {}, [@NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}]}, 0x20}}, 0x0) 00:22:50 executing program 1: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x23, &(0x7f0000000040), 0x8) 00:22:51 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$NFT_MSG_GETSETELEM(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, 0xd, 0xa, 0x201, 0x0, 0x0, {}, [@NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}]}, 0x20}}, 0x0) 00:22:53 executing program 1: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x23, &(0x7f0000000040), 0x8) 00:22:56 executing program 1: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x23, &(0x7f0000000040), 0x8) 00:22:56 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vxcan1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000100)=@newlink={0x28, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_GSO_MAX_SEGS={0x8}]}, 0x28}}, 0x0) 00:22:59 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vxcan1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000100)=@newlink={0x28, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_GSO_MAX_SEGS={0x8}]}, 0x28}}, 0x0) 00:23:00 executing program 1: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x23, &(0x7f0000000040), 0x8) 00:23:02 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vxcan1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000100)=@newlink={0x28, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_GSO_MAX_SEGS={0x8}]}, 0x28}}, 0x0) 00:23:04 executing program 1: prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffc000/0x3000)=nil, 0x3000, &(0x7f0000000140)='^@[-)%+/-[&/{--#[\x00') 00:23:04 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vxcan1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000100)=@newlink={0x28, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_GSO_MAX_SEGS={0x8}]}, 0x28}}, 0x0) 00:23:06 executing program 1: prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffc000/0x3000)=nil, 0x3000, &(0x7f0000000140)='^@[-)%+/-[&/{--#[\x00') 00:23:10 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f0000000040), 0xd3, 0xe0902) ioctl$USBDEVFS_GETDRIVER(r0, 0x8004551a, &(0x7f0000000080)={0x0, "da5672f096fc91e1833451a8fffde8f798f194f41cf7d23edd29e8c9054fe8a84b4ab54851fb6e52b14b6de613d2683e31e1a4c95584bf844b5aa7dfea456c9b93ea7caf4b014860f6c9ed2c984dc9a715bd58d8abf9c4d5f67df6a15d7379d2aeeace7104aa588644f7a19841107db73f8c8340d11dfc05817e3ac376382d84d7d93a896808696d6adcac3225c90803a33c1c37a5c012a5d1fdb223a9485fe18a590cbb642ea4686c6defcaa91f3e88c6b6f145699023a804a837f55a124bbeddddea7eb48452ead37fa33c86069391019d2317d55969916b4f463d032b49cf1c72011a6bc4390da588d6f624f4838b52d7907e40908fdc11005d7c7e99db96"}) 00:23:10 executing program 1: prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffc000/0x3000)=nil, 0x3000, &(0x7f0000000140)='^@[-)%+/-[&/{--#[\x00') 00:23:14 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f0000000040), 0xd3, 0xe0902) ioctl$USBDEVFS_GETDRIVER(r0, 0x8004551a, &(0x7f0000000080)={0x0, "da5672f096fc91e1833451a8fffde8f798f194f41cf7d23edd29e8c9054fe8a84b4ab54851fb6e52b14b6de613d2683e31e1a4c95584bf844b5aa7dfea456c9b93ea7caf4b014860f6c9ed2c984dc9a715bd58d8abf9c4d5f67df6a15d7379d2aeeace7104aa588644f7a19841107db73f8c8340d11dfc05817e3ac376382d84d7d93a896808696d6adcac3225c90803a33c1c37a5c012a5d1fdb223a9485fe18a590cbb642ea4686c6defcaa91f3e88c6b6f145699023a804a837f55a124bbeddddea7eb48452ead37fa33c86069391019d2317d55969916b4f463d032b49cf1c72011a6bc4390da588d6f624f4838b52d7907e40908fdc11005d7c7e99db96"}) 00:23:14 executing program 1: prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffc000/0x3000)=nil, 0x3000, &(0x7f0000000140)='^@[-)%+/-[&/{--#[\x00') 00:23:20 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f0000000040), 0xd3, 0xe0902) ioctl$USBDEVFS_GETDRIVER(r0, 0x8004551a, &(0x7f0000000080)={0x0, "da5672f096fc91e1833451a8fffde8f798f194f41cf7d23edd29e8c9054fe8a84b4ab54851fb6e52b14b6de613d2683e31e1a4c95584bf844b5aa7dfea456c9b93ea7caf4b014860f6c9ed2c984dc9a715bd58d8abf9c4d5f67df6a15d7379d2aeeace7104aa588644f7a19841107db73f8c8340d11dfc05817e3ac376382d84d7d93a896808696d6adcac3225c90803a33c1c37a5c012a5d1fdb223a9485fe18a590cbb642ea4686c6defcaa91f3e88c6b6f145699023a804a837f55a124bbeddddea7eb48452ead37fa33c86069391019d2317d55969916b4f463d032b49cf1c72011a6bc4390da588d6f624f4838b52d7907e40908fdc11005d7c7e99db96"}) 00:23:20 executing program 1: fanotify_init(0x180, 0x0) 00:23:24 executing program 1: fanotify_init(0x180, 0x0) 00:23:24 executing program 0: r0 = syz_open_dev$usbfs(&(0x7f0000000040), 0xd3, 0xe0902) ioctl$USBDEVFS_GETDRIVER(r0, 0x8004551a, &(0x7f0000000080)={0x0, "da5672f096fc91e1833451a8fffde8f798f194f41cf7d23edd29e8c9054fe8a84b4ab54851fb6e52b14b6de613d2683e31e1a4c95584bf844b5aa7dfea456c9b93ea7caf4b014860f6c9ed2c984dc9a715bd58d8abf9c4d5f67df6a15d7379d2aeeace7104aa588644f7a19841107db73f8c8340d11dfc05817e3ac376382d84d7d93a896808696d6adcac3225c90803a33c1c37a5c012a5d1fdb223a9485fe18a590cbb642ea4686c6defcaa91f3e88c6b6f145699023a804a837f55a124bbeddddea7eb48452ead37fa33c86069391019d2317d55969916b4f463d032b49cf1c72011a6bc4390da588d6f624f4838b52d7907e40908fdc11005d7c7e99db96"}) 00:23:30 executing program 1: fanotify_init(0x180, 0x0) 00:23:32 executing program 0: r0 = msgget$private(0x0, 0x0) msgrcv(r0, 0x0, 0xfe, 0x1, 0x2000) msgsnd(r0, &(0x7f0000000000)={0x2}, 0x8, 0x0) 00:23:36 executing program 1: fanotify_init(0x180, 0x0) 00:23:38 executing program 0: r0 = msgget$private(0x0, 0x0) msgrcv(r0, 0x0, 0xfe, 0x1, 0x2000) msgsnd(r0, &(0x7f0000000000)={0x2}, 0x8, 0x0) 00:23:41 executing program 1: r0 = msgget$private(0x0, 0x0) msgrcv(r0, 0x0, 0xfe, 0x1, 0x2000) msgsnd(r0, &(0x7f0000000000)={0x2}, 0x8, 0x0) 00:23:42 executing program 0: r0 = msgget$private(0x0, 0x0) msgrcv(r0, 0x0, 0xfe, 0x1, 0x2000) msgsnd(r0, &(0x7f0000000000)={0x2}, 0x8, 0x0) 00:23:45 executing program 1: r0 = msgget$private(0x0, 0x0) msgrcv(r0, 0x0, 0xfe, 0x1, 0x2000) msgsnd(r0, &(0x7f0000000000)={0x2}, 0x8, 0x0) 00:23:47 executing program 0: r0 = msgget$private(0x0, 0x0) msgrcv(r0, 0x0, 0xfe, 0x1, 0x2000) msgsnd(r0, &(0x7f0000000000)={0x2}, 0x8, 0x0) 00:23:49 executing program 1: r0 = msgget$private(0x0, 0x0) msgrcv(r0, 0x0, 0xfe, 0x1, 0x2000) msgsnd(r0, &(0x7f0000000000)={0x2}, 0x8, 0x0) 00:23:51 executing program 0: prctl$PR_MCE_KILL(0x21, 0x3, 0x0) 00:23:53 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) clock_gettime(0x0, &(0x7f0000000080)={0x0}) setsockopt$sock_timeval(r0, 0x1, 0x43, &(0x7f00000000c0)={r1}, 0x10) 00:23:54 executing program 0: prctl$PR_MCE_KILL(0x21, 0x3, 0x0) 00:23:56 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) clock_gettime(0x0, &(0x7f0000000080)={0x0}) setsockopt$sock_timeval(r0, 0x1, 0x43, &(0x7f00000000c0)={r1}, 0x10) 00:23:57 executing program 0: prctl$PR_MCE_KILL(0x21, 0x3, 0x0) 00:23:59 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) clock_gettime(0x0, &(0x7f0000000080)={0x0}) setsockopt$sock_timeval(r0, 0x1, 0x43, &(0x7f00000000c0)={r1}, 0x10) 00:24:00 executing program 0: prctl$PR_MCE_KILL(0x21, 0x3, 0x0) 00:24:02 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) clock_gettime(0x0, &(0x7f0000000080)={0x0}) setsockopt$sock_timeval(r0, 0x1, 0x43, &(0x7f00000000c0)={r1}, 0x10) 00:24:04 executing program 0: io_setup(0x6, &(0x7f0000000000)=0x0) r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) r2 = eventfd2(0x0, 0x0) io_submit(r0, 0x1, &(0x7f0000000140)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x1, r1, 0x0, 0x0, 0x0, 0x0, 0x3, r2}]) 00:24:05 executing program 1: keyctl$negate(0xd, 0x0, 0x0, 0xfffffffffffffff9) 00:24:08 executing program 0: io_setup(0x6, &(0x7f0000000000)=0x0) r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) r2 = eventfd2(0x0, 0x0) io_submit(r0, 0x1, &(0x7f0000000140)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x1, r1, 0x0, 0x0, 0x0, 0x0, 0x3, r2}]) 00:24:08 executing program 1: keyctl$negate(0xd, 0x0, 0x0, 0xfffffffffffffff9) 00:24:11 executing program 1: keyctl$negate(0xd, 0x0, 0x0, 0xfffffffffffffff9) 00:24:13 executing program 0: io_setup(0x6, &(0x7f0000000000)=0x0) r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) r2 = eventfd2(0x0, 0x0) io_submit(r0, 0x1, &(0x7f0000000140)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x1, r1, 0x0, 0x0, 0x0, 0x0, 0x3, r2}]) 00:24:15 executing program 1: keyctl$negate(0xd, 0x0, 0x0, 0xfffffffffffffff9) 00:24:16 executing program 0: io_setup(0x6, &(0x7f0000000000)=0x0) r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) r2 = eventfd2(0x0, 0x0) io_submit(r0, 0x1, &(0x7f0000000140)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x1, r1, 0x0, 0x0, 0x0, 0x0, 0x3, r2}]) 00:24:18 executing program 1: r0 = socket$l2tp(0x2, 0x2, 0x73) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x2a0, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x208, 0xffffffff, 0xffffffff, 0x208, 0xffffffff, 0x3, 0x0, {[{{@ip={@multicast2, @local, 0x0, 0x0, 'nr0\x00', 'erspan0\x00', {}, {}, 0x21}, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x4, 0x92dc, 0x5fb, 'snmp\x00', 'syz0\x00', {0x1}}}}, {{@uncond, 0x0, 0xd0, 0x130, 0x0, {}, [@common=@unspec=@devgroup={{0x38}}, @inet=@rpfilter={{0x28}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @multicast}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x300) 00:24:22 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_ERSPAN_INDEX={0x8}, @IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x44}}, 0x0) [ 1464.327940][ T2990] xt_CT: No such helper "snmp" 00:24:25 executing program 1: r0 = socket$l2tp(0x2, 0x2, 0x73) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x2a0, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x208, 0xffffffff, 0xffffffff, 0x208, 0xffffffff, 0x3, 0x0, {[{{@ip={@multicast2, @local, 0x0, 0x0, 'nr0\x00', 'erspan0\x00', {}, {}, 0x21}, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x4, 0x92dc, 0x5fb, 'snmp\x00', 'syz0\x00', {0x1}}}}, {{@uncond, 0x0, 0xd0, 0x130, 0x0, {}, [@common=@unspec=@devgroup={{0x38}}, @inet=@rpfilter={{0x28}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @multicast}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x300) 00:24:26 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_ERSPAN_INDEX={0x8}, @IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x44}}, 0x0) [ 1470.837199][ T2998] xt_CT: No such helper "snmp" 00:24:30 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_ERSPAN_INDEX={0x8}, @IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x44}}, 0x0) 00:24:31 executing program 1: r0 = socket$l2tp(0x2, 0x2, 0x73) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x2a0, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x208, 0xffffffff, 0xffffffff, 0x208, 0xffffffff, 0x3, 0x0, {[{{@ip={@multicast2, @local, 0x0, 0x0, 'nr0\x00', 'erspan0\x00', {}, {}, 0x21}, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x4, 0x92dc, 0x5fb, 'snmp\x00', 'syz0\x00', {0x1}}}}, {{@uncond, 0x0, 0xd0, 0x130, 0x0, {}, [@common=@unspec=@devgroup={{0x38}}, @inet=@rpfilter={{0x28}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @multicast}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x300) [ 1476.468991][ T3004] xt_CT: No such helper "snmp" 00:24:36 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_ERSPAN_INDEX={0x8}, @IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x44}}, 0x0) 00:24:36 executing program 1: r0 = socket$l2tp(0x2, 0x2, 0x73) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x2a0, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x208, 0xffffffff, 0xffffffff, 0x208, 0xffffffff, 0x3, 0x0, {[{{@ip={@multicast2, @local, 0x0, 0x0, 'nr0\x00', 'erspan0\x00', {}, {}, 0x21}, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x4, 0x92dc, 0x5fb, 'snmp\x00', 'syz0\x00', {0x1}}}}, {{@uncond, 0x0, 0xd0, 0x130, 0x0, {}, [@common=@unspec=@devgroup={{0x38}}, @inet=@rpfilter={{0x28}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @multicast}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x300) [ 1481.368720][ T3010] xt_CT: No such helper "snmp" 00:24:43 executing program 0: r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000040)) 00:24:44 executing program 1: r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000180)={'filter\x00', 0x7, 0x4, 0x3a0, 0xe8, 0xe8, 0xe8, 0x2b8, 0x2b8, 0x2b8, 0x4, 0x0, {[{{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffd}}, {{@arp={@local, @dev, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@random="9841f90f74f5"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz_tun\x00', 'netpci0\x00'}, 0xc0, 0xe8}, @unspec=@NFQUEUE1={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@MARK={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x3f0) 00:24:46 executing program 0: r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000040)) 00:24:47 executing program 1: r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000180)={'filter\x00', 0x7, 0x4, 0x3a0, 0xe8, 0xe8, 0xe8, 0x2b8, 0x2b8, 0x2b8, 0x4, 0x0, {[{{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffd}}, {{@arp={@local, @dev, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@random="9841f90f74f5"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz_tun\x00', 'netpci0\x00'}, 0xc0, 0xe8}, @unspec=@NFQUEUE1={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@MARK={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x3f0) [ 1489.333506][ C1] hrtimer: interrupt took 2078600 ns 00:24:50 executing program 1: r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000180)={'filter\x00', 0x7, 0x4, 0x3a0, 0xe8, 0xe8, 0xe8, 0x2b8, 0x2b8, 0x2b8, 0x4, 0x0, {[{{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffd}}, {{@arp={@local, @dev, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@random="9841f90f74f5"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz_tun\x00', 'netpci0\x00'}, 0xc0, 0xe8}, @unspec=@NFQUEUE1={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@MARK={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x3f0) 00:24:50 executing program 0: r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000040)) 00:24:54 executing program 0: r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000040)) 00:24:54 executing program 1: r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000180)={'filter\x00', 0x7, 0x4, 0x3a0, 0xe8, 0xe8, 0xe8, 0x2b8, 0x2b8, 0x2b8, 0x4, 0x0, {[{{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffd}}, {{@arp={@local, @dev, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@random="9841f90f74f5"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz_tun\x00', 'netpci0\x00'}, 0xc0, 0xe8}, @unspec=@NFQUEUE1={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@MARK={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x3f0) 00:24:57 executing program 1: r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000180)={'filter\x00', 0x7, 0x4, 0x3a0, 0xe8, 0xe8, 0xe8, 0x2b8, 0x2b8, 0x2b8, 0x4, 0x0, {[{{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffd}}, {{@arp={@local, @dev, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@random="9841f90f74f5"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz_tun\x00', 'netpci0\x00'}, 0xc0, 0xe8}, @unspec=@NFQUEUE1={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@MARK={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x3f0) 00:24:58 executing program 0: r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000040)) 00:25:00 executing program 0: r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000040)) 00:25:01 executing program 1: r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000180)={'filter\x00', 0x7, 0x4, 0x3a0, 0xe8, 0xe8, 0xe8, 0x2b8, 0x2b8, 0x2b8, 0x4, 0x0, {[{{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffd}}, {{@arp={@local, @dev, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@random="9841f90f74f5"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz_tun\x00', 'netpci0\x00'}, 0xc0, 0xe8}, @unspec=@NFQUEUE1={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@MARK={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x3f0) 00:25:04 executing program 0: r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000040)) 00:25:05 executing program 1: r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000180)={'filter\x00', 0x7, 0x4, 0x3a0, 0xe8, 0xe8, 0xe8, 0x2b8, 0x2b8, 0x2b8, 0x4, 0x0, {[{{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffd}}, {{@arp={@local, @dev, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@random="9841f90f74f5"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz_tun\x00', 'netpci0\x00'}, 0xc0, 0xe8}, @unspec=@NFQUEUE1={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@MARK={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x3f0) 00:25:09 executing program 1: r0 = socket$inet_sctp(0x2, 0x1, 0x84) bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) sendto$inet(r0, &(0x7f0000000200)='u', 0x1, 0x44, &(0x7f00000001c0)={0x2, 0x0, @remote}, 0x10) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) sendto$inet(r0, &(0x7f00000003c0)="13", 0x1, 0x40040, &(0x7f0000000440)={0x2, 0x0, @private=0xa010101}, 0x10) ioctl$TCXONC(r1, 0x540f, 0xea007) close(r0) 00:25:10 executing program 0: r0 = socket$inet_mptcp(0x2, 0x1, 0x106) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001a000b05"], 0x1c}}, 0x0) recvmmsg(r1, &(0x7f0000003640)=[{{0x0, 0x0, 0x0}}], 0x300, 0x2, 0x0) ioctl$sock_inet_SIOCADDRT(r0, 0x890b, 0x0) 00:25:14 executing program 1: r0 = socket$inet_sctp(0x2, 0x1, 0x84) bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) sendto$inet(r0, &(0x7f0000000200)='u', 0x1, 0x44, &(0x7f00000001c0)={0x2, 0x0, @remote}, 0x10) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) sendto$inet(r0, &(0x7f00000003c0)="13", 0x1, 0x40040, &(0x7f0000000440)={0x2, 0x0, @private=0xa010101}, 0x10) ioctl$TCXONC(r1, 0x540f, 0xea007) close(r0) 00:25:16 executing program 0: r0 = socket$inet_mptcp(0x2, 0x1, 0x106) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001a000b05"], 0x1c}}, 0x0) recvmmsg(r1, &(0x7f0000003640)=[{{0x0, 0x0, 0x0}}], 0x300, 0x2, 0x0) ioctl$sock_inet_SIOCADDRT(r0, 0x890b, 0x0) 00:25:18 executing program 1: r0 = socket$inet_sctp(0x2, 0x1, 0x84) bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) sendto$inet(r0, &(0x7f0000000200)='u', 0x1, 0x44, &(0x7f00000001c0)={0x2, 0x0, @remote}, 0x10) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) sendto$inet(r0, &(0x7f00000003c0)="13", 0x1, 0x40040, &(0x7f0000000440)={0x2, 0x0, @private=0xa010101}, 0x10) ioctl$TCXONC(r1, 0x540f, 0xea007) close(r0) 00:25:35 executing program 1: r0 = socket$inet_sctp(0x2, 0x1, 0x84) bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) sendto$inet(r0, &(0x7f0000000200)='u', 0x1, 0x44, &(0x7f00000001c0)={0x2, 0x0, @remote}, 0x10) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) sendto$inet(r0, &(0x7f00000003c0)="13", 0x1, 0x40040, &(0x7f0000000440)={0x2, 0x0, @private=0xa010101}, 0x10) ioctl$TCXONC(r1, 0x540f, 0xea007) close(r0) 00:25:37 executing program 0: r0 = socket$inet_mptcp(0x2, 0x1, 0x106) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001a000b05"], 0x1c}}, 0x0) recvmmsg(r1, &(0x7f0000003640)=[{{0x0, 0x0, 0x0}}], 0x300, 0x2, 0x0) ioctl$sock_inet_SIOCADDRT(r0, 0x890b, 0x0) 00:25:58 executing program 1: r0 = socket$inet_mptcp(0x2, 0x1, 0x106) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001a000b05"], 0x1c}}, 0x0) recvmmsg(r1, &(0x7f0000003640)=[{{0x0, 0x0, 0x0}}], 0x300, 0x2, 0x0) ioctl$sock_inet_SIOCADDRT(r0, 0x890b, 0x0) 00:26:10 executing program 0: r0 = socket$inet_mptcp(0x2, 0x1, 0x106) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001a000b05"], 0x1c}}, 0x0) recvmmsg(r1, &(0x7f0000003640)=[{{0x0, 0x0, 0x0}}], 0x300, 0x2, 0x0) ioctl$sock_inet_SIOCADDRT(r0, 0x890b, 0x0) 00:26:23 executing program 1: r0 = socket$inet_mptcp(0x2, 0x1, 0x106) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001a000b05"], 0x1c}}, 0x0) recvmmsg(r1, &(0x7f0000003640)=[{{0x0, 0x0, 0x0}}], 0x300, 0x2, 0x0) ioctl$sock_inet_SIOCADDRT(r0, 0x890b, 0x0) 00:26:38 executing program 0: r0 = socket$inet_mptcp(0x2, 0x1, 0x106) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001a000b05"], 0x1c}}, 0x0) recvmmsg(r1, &(0x7f0000003640)=[{{0x0, 0x0, 0x0}}], 0x300, 0x2, 0x0) ioctl$sock_inet_SIOCADDRT(r0, 0x890b, 0x0) 00:26:48 executing program 1: r0 = socket$inet_mptcp(0x2, 0x1, 0x106) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001a000b05"], 0x1c}}, 0x0) recvmmsg(r1, &(0x7f0000003640)=[{{0x0, 0x0, 0x0}}], 0x300, 0x2, 0x0) ioctl$sock_inet_SIOCADDRT(r0, 0x890b, 0x0) 00:26:59 executing program 0: r0 = socket$inet_mptcp(0x2, 0x1, 0x106) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001a000b05"], 0x1c}}, 0x0) recvmmsg(r1, &(0x7f0000003640)=[{{0x0, 0x0, 0x0}}], 0x300, 0x2, 0x0) ioctl$sock_inet_SIOCADDRT(r0, 0x890b, 0x0) 00:27:18 executing program 1: r0 = socket$inet_sctp(0x2, 0x1, 0x84) bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) sendto$inet(r0, &(0x7f0000000200)='u', 0x1, 0x44, &(0x7f00000001c0)={0x2, 0x0, @remote}, 0x10) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) sendto$inet(r0, &(0x7f00000003c0)="13", 0x1, 0x40040, &(0x7f0000000440)={0x2, 0x0, @private=0xa010101}, 0x10) ioctl$TCXONC(r1, 0x540f, 0xea007) close(r0) 00:27:26 executing program 0: r0 = socket$inet_mptcp(0x2, 0x1, 0x106) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001a000b05"], 0x1c}}, 0x0) recvmmsg(r1, &(0x7f0000003640)=[{{0x0, 0x0, 0x0}}], 0x300, 0x2, 0x0) ioctl$sock_inet_SIOCADDRT(r0, 0x890b, 0x0) 00:27:39 executing program 1: r0 = socket$inet_sctp(0x2, 0x1, 0x84) bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) sendto$inet(r0, &(0x7f0000000200)='u', 0x1, 0x44, &(0x7f00000001c0)={0x2, 0x0, @remote}, 0x10) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) sendto$inet(r0, &(0x7f00000003c0)="13", 0x1, 0x40040, &(0x7f0000000440)={0x2, 0x0, @private=0xa010101}, 0x10) ioctl$TCXONC(r1, 0x540f, 0xea007) close(r0) 00:27:47 executing program 0: r0 = socket$inet_sctp(0x2, 0x1, 0x84) bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) sendto$inet(r0, &(0x7f0000000200)='u', 0x1, 0x44, &(0x7f00000001c0)={0x2, 0x0, @remote}, 0x10) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) sendto$inet(r0, &(0x7f00000003c0)="13", 0x1, 0x40040, &(0x7f0000000440)={0x2, 0x0, @private=0xa010101}, 0x10) ioctl$TCXONC(r1, 0x540f, 0xea007) close(r0) 00:27:52 executing program 1: r0 = socket$inet_sctp(0x2, 0x1, 0x84) bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) sendto$inet(r0, &(0x7f0000000200)='u', 0x1, 0x44, &(0x7f00000001c0)={0x2, 0x0, @remote}, 0x10) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) sendto$inet(r0, &(0x7f00000003c0)="13", 0x1, 0x40040, &(0x7f0000000440)={0x2, 0x0, @private=0xa010101}, 0x10) ioctl$TCXONC(r1, 0x540f, 0xea007) close(r0) 00:27:58 executing program 0: r0 = socket$inet_sctp(0x2, 0x1, 0x84) bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) sendto$inet(r0, &(0x7f0000000200)='u', 0x1, 0x44, &(0x7f00000001c0)={0x2, 0x0, @remote}, 0x10) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) sendto$inet(r0, &(0x7f00000003c0)="13", 0x1, 0x40040, &(0x7f0000000440)={0x2, 0x0, @private=0xa010101}, 0x10) ioctl$TCXONC(r1, 0x540f, 0xea007) close(r0) 00:28:02 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000200000006000000000008000080000020000000e2f4655fe2f4655f0100ffff53ef010001000000e2f4655f000000000000000001000000000000000b0000000001000008000000d24201001283", 0x66, 0x400}, {&(0x7f0000010100)="0000000000000000000000009b94b11e46934f5489a26265ae170793010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000016000f000300040000000000000000000f00c5d7", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000e2f4655fe2f4655fe2f4655f000000000000040080", 0x1d, 0x4100}, {0x0, 0x0, 0x80000004b00}, {&(0x7f0000000080)}], 0x0, &(0x7f0000000140)=ANY=[]) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) setxattr$trusted_overlay_upper(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) fchmod(0xffffffffffffffff, 0x0) [ 1685.468592][ T3102] loop1: detected capacity change from 0 to 264192 00:28:05 executing program 0: r0 = socket$inet_sctp(0x2, 0x1, 0x84) bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) sendto$inet(r0, &(0x7f0000000200)='u', 0x1, 0x44, &(0x7f00000001c0)={0x2, 0x0, @remote}, 0x10) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) sendto$inet(r0, &(0x7f00000003c0)="13", 0x1, 0x40040, &(0x7f0000000440)={0x2, 0x0, @private=0xa010101}, 0x10) ioctl$TCXONC(r1, 0x540f, 0xea007) close(r0) [ 1687.412782][ T3102] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. 00:28:07 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000200000006000000000008000080000020000000e2f4655fe2f4655f0100ffff53ef010001000000e2f4655f000000000000000001000000000000000b0000000001000008000000d24201001283", 0x66, 0x400}, {&(0x7f0000010100)="0000000000000000000000009b94b11e46934f5489a26265ae170793010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000016000f000300040000000000000000000f00c5d7", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000e2f4655fe2f4655fe2f4655f000000000000040080", 0x1d, 0x4100}, {0x0, 0x0, 0x80000004b00}, {&(0x7f0000000080)}], 0x0, &(0x7f0000000140)=ANY=[]) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) setxattr$trusted_overlay_upper(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) fchmod(0xffffffffffffffff, 0x0) [ 1692.250796][ T3114] loop1: detected capacity change from 0 to 264192 [ 1693.985987][ T3114] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. 00:28:13 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000200000006000000000008000080000020000000e2f4655fe2f4655f0100ffff53ef010001000000e2f4655f000000000000000001000000000000000b0000000001000008000000d24201001283", 0x66, 0x400}, {&(0x7f0000010100)="0000000000000000000000009b94b11e46934f5489a26265ae170793010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000016000f000300040000000000000000000f00c5d7", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000e2f4655fe2f4655fe2f4655f000000000000040080", 0x1d, 0x4100}, {0x0, 0x0, 0x80000004b00}, {&(0x7f0000000080)}], 0x0, &(0x7f0000000140)=ANY=[]) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) setxattr$trusted_overlay_upper(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) fchmod(0xffffffffffffffff, 0x0) 00:28:14 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000200000006000000000008000080000020000000e2f4655fe2f4655f0100ffff53ef010001000000e2f4655f000000000000000001000000000000000b0000000001000008000000d24201001283", 0x66, 0x400}, {&(0x7f0000010100)="0000000000000000000000009b94b11e46934f5489a26265ae170793010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000016000f000300040000000000000000000f00c5d7", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000e2f4655fe2f4655fe2f4655f000000000000040080", 0x1d, 0x4100}, {0x0, 0x0, 0x80000004b00}, {&(0x7f0000000080)}], 0x0, &(0x7f0000000140)=ANY=[]) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) setxattr$trusted_overlay_upper(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) fchmod(0xffffffffffffffff, 0x0) [ 1696.022783][ T3121] loop0: detected capacity change from 0 to 264192 [ 1697.632342][ T3121] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 1697.984631][ T3128] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1141: group 0, block bitmap and bg descriptor inconsistent: 32768 vs 22 free clusters [ 1699.017034][ T3130] loop1: detected capacity change from 0 to 264192 00:28:18 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000200000006000000000008000080000020000000e2f4655fe2f4655f0100ffff53ef010001000000e2f4655f000000000000000001000000000000000b0000000001000008000000d24201001283", 0x66, 0x400}, {&(0x7f0000010100)="0000000000000000000000009b94b11e46934f5489a26265ae170793010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000016000f000300040000000000000000000f00c5d7", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000e2f4655fe2f4655fe2f4655f000000000000040080", 0x1d, 0x4100}, {0x0, 0x0, 0x80000004b00}, {&(0x7f0000000080)}], 0x0, &(0x7f0000000140)=ANY=[]) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) setxattr$trusted_overlay_upper(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) fchmod(0xffffffffffffffff, 0x0) [ 1699.997773][ T3130] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. 00:28:20 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000200000006000000000008000080000020000000e2f4655fe2f4655f0100ffff53ef010001000000e2f4655f000000000000000001000000000000000b0000000001000008000000d24201001283", 0x66, 0x400}, {&(0x7f0000010100)="0000000000000000000000009b94b11e46934f5489a26265ae170793010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000016000f000300040000000000000000000f00c5d7", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000e2f4655fe2f4655fe2f4655f000000000000040080", 0x1d, 0x4100}, {0x0, 0x0, 0x80000004b00}, {&(0x7f0000000080)}], 0x0, &(0x7f0000000140)=ANY=[]) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) setxattr$trusted_overlay_upper(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) fchmod(0xffffffffffffffff, 0x0) [ 1702.751768][ T3139] loop0: detected capacity change from 0 to 264192 [ 1704.038637][ T3139] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 1705.382044][ T3146] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1141: group 0, block bitmap and bg descriptor inconsistent: 32768 vs 22 free clusters [ 1705.721245][ T3148] loop1: detected capacity change from 0 to 264192 00:28:25 executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000200000006000000000008000080000020000000e2f4655fe2f4655f0100ffff53ef010001000000e2f4655f000000000000000001000000000000000b0000000001000008000000d24201001283", 0x66, 0x400}, {&(0x7f0000010100)="0000000000000000000000009b94b11e46934f5489a26265ae170793010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000016000f000300040000000000000000000f00c5d7", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000e2f4655fe2f4655fe2f4655f000000000000040080", 0x1d, 0x4100}, {0x0, 0x0, 0x80000004b00}, {&(0x7f0000000080)}], 0x0, &(0x7f0000000140)=ANY=[]) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) setxattr$trusted_overlay_upper(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) fchmod(0xffffffffffffffff, 0x0) [ 1706.522277][ T3148] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 1709.212516][ T3157] loop0: detected capacity change from 0 to 264192 [ 1709.259027][ T3152] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1141: group 0, block bitmap and bg descriptor inconsistent: 32768 vs 22 free clusters 00:28:28 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000200000006000000000008000080000020000000e2f4655fe2f4655f0100ffff53ef010001000000e2f4655f000000000000000001000000000000000b0000000001000008000000d24201001283", 0x66, 0x400}, {&(0x7f0000010100)="0000000000000000000000009b94b11e46934f5489a26265ae170793010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000016000f000300040000000000000000000f00c5d7", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000e2f4655fe2f4655fe2f4655f000000000000040080", 0x1d, 0x4100}, {0x0, 0x0, 0x80000004b00}, {&(0x7f0000000080)}], 0x0, &(0x7f0000000140)=ANY=[]) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) setxattr$trusted_overlay_upper(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) fchmod(0xffffffffffffffff, 0x0) [ 1710.802422][ T3157] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 1712.598380][ T3164] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1141: group 0, block bitmap and bg descriptor inconsistent: 32768 vs 22 free clusters [ 1712.716840][ T3166] loop1: detected capacity change from 0 to 264192 00:28:32 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r0, &(0x7f0000000100)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @dev}, 0x1c, 0x0}}, {{&(0x7f00000004c0)={0xa, 0x4e2c, 0x0, @private2}, 0x1c, 0x0, 0x0, &(0x7f00000019c0)=ANY=[], 0x28}}], 0x2, 0x0) [ 1714.361327][ T3166] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. 00:28:35 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000200000006000000000008000080000020000000e2f4655fe2f4655f0100ffff53ef010001000000e2f4655f000000000000000001000000000000000b0000000001000008000000d24201001283", 0x66, 0x400}, {&(0x7f0000010100)="0000000000000000000000009b94b11e46934f5489a26265ae170793010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000016000f000300040000000000000000000f00c5d7", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000e2f4655fe2f4655fe2f4655f000000000000040080", 0x1d, 0x4100}, {0x0, 0x0, 0x80000004b00}, {&(0x7f0000000080)}], 0x0, &(0x7f0000000140)=ANY=[]) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) setxattr$trusted_overlay_upper(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) fchmod(0xffffffffffffffff, 0x0) [ 1716.692328][ T3171] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1141: group 0, block bitmap and bg descriptor inconsistent: 32768 vs 22 free clusters 00:28:36 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r0, &(0x7f0000000100)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @dev}, 0x1c, 0x0}}, {{&(0x7f00000004c0)={0xa, 0x4e2c, 0x0, @private2}, 0x1c, 0x0, 0x0, &(0x7f00000019c0)=ANY=[], 0x28}}], 0x2, 0x0) [ 1719.366145][ T3180] loop1: detected capacity change from 0 to 264192 [ 1720.720046][ T3180] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 1720.839099][ T3185] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1141: group 0, block bitmap and bg descriptor inconsistent: 32768 vs 22 free clusters 00:28:39 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r0, &(0x7f0000000100)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @dev}, 0x1c, 0x0}}, {{&(0x7f00000004c0)={0xa, 0x4e2c, 0x0, @private2}, 0x1c, 0x0, 0x0, &(0x7f00000019c0)=ANY=[], 0x28}}], 0x2, 0x0) 00:28:41 executing program 1: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000600100000f000000000000000200000006000000000008000080000020000000e2f4655fe2f4655f0100ffff53ef010001000000e2f4655f000000000000000001000000000000000b0000000001000008000000d24201001283", 0x66, 0x400}, {&(0x7f0000010100)="0000000000000000000000009b94b11e46934f5489a26265ae170793010040", 0x1f, 0x4e0}, {&(0x7f0000000040)="02000000030000000400000016000f000300040000000000000000000f00c5d7", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000e2f4655fe2f4655fe2f4655f000000000000040080", 0x1d, 0x4100}, {0x0, 0x0, 0x80000004b00}, {&(0x7f0000000080)}], 0x0, &(0x7f0000000140)=ANY=[]) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) setxattr$trusted_overlay_upper(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0) fchmod(0xffffffffffffffff, 0x0) 00:28:43 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r0, &(0x7f0000000100)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @dev}, 0x1c, 0x0}}, {{&(0x7f00000004c0)={0xa, 0x4e2c, 0x0, @private2}, 0x1c, 0x0, 0x0, &(0x7f00000019c0)=ANY=[], 0x28}}], 0x2, 0x0) [ 1725.598862][ T3192] loop1: detected capacity change from 0 to 264192 [ 1726.902628][ T3192] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. 00:28:49 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=@newlinkprop={0x4c, 0x6c, 0x1, 0x0, 0x0, {}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'veth1_to_team\x00'}, @IFLA_PROP_LIST={0x18, 0x34, 0x0, 0x1, [{0x14, 0x35, 'ipvlan1\x00'}]}]}, 0x4c}}, 0x0) [ 1731.234461][ T3198] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1141: group 0, block bitmap and bg descriptor inconsistent: 32768 vs 22 free clusters 00:28:54 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=@newlinkprop={0x4c, 0x6c, 0x1, 0x0, 0x0, {}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'veth1_to_team\x00'}, @IFLA_PROP_LIST={0x18, 0x34, 0x0, 0x1, [{0x14, 0x35, 'ipvlan1\x00'}]}]}, 0x4c}}, 0x0) 00:28:55 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$NFT_BATCH(r1, &(0x7f0000005040)={0x0, 0x0, &(0x7f0000005000)={&(0x7f0000000400)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x2, 0xa, 0x401, 0x0, 0x0, {0x5}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x5}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x68}}, 0x0) 00:28:58 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$NFT_BATCH(r1, &(0x7f0000005040)={0x0, 0x0, &(0x7f0000005000)={&(0x7f0000000400)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x2, 0xa, 0x401, 0x0, 0x0, {0x5}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x5}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x68}}, 0x0) 00:28:58 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=@newlinkprop={0x4c, 0x6c, 0x1, 0x0, 0x0, {}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'veth1_to_team\x00'}, @IFLA_PROP_LIST={0x18, 0x34, 0x0, 0x1, [{0x14, 0x35, 'ipvlan1\x00'}]}]}, 0x4c}}, 0x0) 00:29:01 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=@newlinkprop={0x4c, 0x6c, 0x1, 0x0, 0x0, {}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'veth1_to_team\x00'}, @IFLA_PROP_LIST={0x18, 0x34, 0x0, 0x1, [{0x14, 0x35, 'ipvlan1\x00'}]}]}, 0x4c}}, 0x0) 00:29:02 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$NFT_BATCH(r1, &(0x7f0000005040)={0x0, 0x0, &(0x7f0000005000)={&(0x7f0000000400)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x2, 0xa, 0x401, 0x0, 0x0, {0x5}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x5}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x68}}, 0x0) 00:29:05 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$NFT_BATCH(r1, &(0x7f0000005040)={0x0, 0x0, &(0x7f0000005000)={&(0x7f0000000400)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x2, 0xa, 0x401, 0x0, 0x0, {0x5}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x5}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x68}}, 0x0) 00:29:07 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r0, &(0x7f0000006880)=[{{&(0x7f0000000180)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, 0x0}}], 0x1, 0x8000) close(r0) 00:29:10 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r0, &(0x7f0000006880)=[{{&(0x7f0000000180)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, 0x0}}], 0x1, 0x8000) close(r0) 00:29:13 executing program 1: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout_data(r0, 0x107, 0x14, 0x0, 0x0) 00:29:14 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r0, &(0x7f0000006880)=[{{&(0x7f0000000180)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, 0x0}}], 0x1, 0x8000) close(r0) 00:29:15 executing program 1: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout_data(r0, 0x107, 0x14, 0x0, 0x0) 00:29:18 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r0, &(0x7f0000006880)=[{{&(0x7f0000000180)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, 0x0}}], 0x1, 0x8000) close(r0) 00:29:19 executing program 1: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout_data(r0, 0x107, 0x14, 0x0, 0x0) 00:29:23 executing program 0: r0 = syz_open_procfs$userns(0x0, &(0x7f0000000000)) ioctl$NS_GET_PARENT(r0, 0x5460, 0xec000) r1 = socket$inet_sctp(0x2, 0x5, 0x84) bind$inet(r1, 0x0, 0x0) 00:29:23 executing program 1: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout_data(r0, 0x107, 0x14, 0x0, 0x0) 00:29:26 executing program 0: r0 = syz_open_procfs$userns(0x0, &(0x7f0000000000)) ioctl$NS_GET_PARENT(r0, 0x5460, 0xec000) r1 = socket$inet_sctp(0x2, 0x5, 0x84) bind$inet(r1, 0x0, 0x0) 00:29:27 executing program 1: r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) close(r0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) setreuid(0xee00, 0x0) r1 = getuid() setreuid(0xee00, r1) ioctl$EXT4_IOC_MIGRATE(r0, 0x40087602) 00:29:30 executing program 0: r0 = syz_open_procfs$userns(0x0, &(0x7f0000000000)) ioctl$NS_GET_PARENT(r0, 0x5460, 0xec000) r1 = socket$inet_sctp(0x2, 0x5, 0x84) bind$inet(r1, 0x0, 0x0) 00:29:30 executing program 1: r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) close(r0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) setreuid(0xee00, 0x0) r1 = getuid() setreuid(0xee00, r1) ioctl$EXT4_IOC_MIGRATE(r0, 0x40087602) 00:29:34 executing program 0: r0 = syz_open_procfs$userns(0x0, &(0x7f0000000000)) ioctl$NS_GET_PARENT(r0, 0x5460, 0xec000) r1 = socket$inet_sctp(0x2, 0x5, 0x84) bind$inet(r1, 0x0, 0x0) 00:29:35 executing program 1: r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) close(r0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) setreuid(0xee00, 0x0) r1 = getuid() setreuid(0xee00, r1) ioctl$EXT4_IOC_MIGRATE(r0, 0x40087602) 00:29:39 executing program 1: r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) close(r0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) setreuid(0xee00, 0x0) r1 = getuid() setreuid(0xee00, r1) ioctl$EXT4_IOC_MIGRATE(r0, 0x40087602) 00:29:42 executing program 0: r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) close(r0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) setreuid(0xee00, 0x0) r1 = getuid() setreuid(0xee00, r1) ioctl$EXT4_IOC_MIGRATE(r0, 0x40087602) 00:29:46 executing program 0: r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) close(r0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) setreuid(0xee00, 0x0) r1 = getuid() setreuid(0xee00, r1) ioctl$EXT4_IOC_MIGRATE(r0, 0x40087602) 00:29:47 executing program 1: r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) close(r0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) setreuid(0xee00, 0x0) r1 = getuid() setreuid(0xee00, r1) ioctl$EXT4_IOC_MIGRATE(r0, 0x40087602) 00:29:49 executing program 0: r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) close(r0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) setreuid(0xee00, 0x0) r1 = getuid() setreuid(0xee00, r1) ioctl$EXT4_IOC_MIGRATE(r0, 0x40087602) 00:29:50 executing program 1: r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) close(r0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) setreuid(0xee00, 0x0) r1 = getuid() setreuid(0xee00, r1) ioctl$EXT4_IOC_MIGRATE(r0, 0x40087602) 00:29:57 executing program 0: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0xc82, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000100)) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000680)="ec7f5bae03acc04d05c3dba429cd385b984fe774c090cf4f49357e35abe6dc01ae96b5494e9c987ade15cc6fded6e3ae5db3ab89f0f798ae14a8ebb578f5b6aff14b230d7a732a73fffff1b88a05c3125fddf10f5ebc0271e38b9f7589987b54", 0x60}], 0x1) 00:29:57 executing program 1: r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) close(r0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) setreuid(0xee00, 0x0) r1 = getuid() setreuid(0xee00, r1) ioctl$EXT4_IOC_MIGRATE(r0, 0x40087602) 00:30:03 executing program 0: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0xc82, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000100)) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000680)="ec7f5bae03acc04d05c3dba429cd385b984fe774c090cf4f49357e35abe6dc01ae96b5494e9c987ade15cc6fded6e3ae5db3ab89f0f798ae14a8ebb578f5b6aff14b230d7a732a73fffff1b88a05c3125fddf10f5ebc0271e38b9f7589987b54", 0x60}], 0x1) 00:30:07 executing program 1: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0xc82, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000100)) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000680)="ec7f5bae03acc04d05c3dba429cd385b984fe774c090cf4f49357e35abe6dc01ae96b5494e9c987ade15cc6fded6e3ae5db3ab89f0f798ae14a8ebb578f5b6aff14b230d7a732a73fffff1b88a05c3125fddf10f5ebc0271e38b9f7589987b54", 0x60}], 0x1) 00:30:11 executing program 0: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0xc82, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000100)) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000680)="ec7f5bae03acc04d05c3dba429cd385b984fe774c090cf4f49357e35abe6dc01ae96b5494e9c987ade15cc6fded6e3ae5db3ab89f0f798ae14a8ebb578f5b6aff14b230d7a732a73fffff1b88a05c3125fddf10f5ebc0271e38b9f7589987b54", 0x60}], 0x1) 00:30:12 executing program 1: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0xc82, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000100)) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000680)="ec7f5bae03acc04d05c3dba429cd385b984fe774c090cf4f49357e35abe6dc01ae96b5494e9c987ade15cc6fded6e3ae5db3ab89f0f798ae14a8ebb578f5b6aff14b230d7a732a73fffff1b88a05c3125fddf10f5ebc0271e38b9f7589987b54", 0x60}], 0x1) 00:30:16 executing program 0: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0xc82, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000100)) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000680)="ec7f5bae03acc04d05c3dba429cd385b984fe774c090cf4f49357e35abe6dc01ae96b5494e9c987ade15cc6fded6e3ae5db3ab89f0f798ae14a8ebb578f5b6aff14b230d7a732a73fffff1b88a05c3125fddf10f5ebc0271e38b9f7589987b54", 0x60}], 0x1) 00:30:17 executing program 1: r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0xc82, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000100)) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000680)="ec7f5bae03acc04d05c3dba429cd385b984fe774c090cf4f49357e35abe6dc01ae96b5494e9c987ade15cc6fded6e3ae5db3ab89f0f798ae14a8ebb578f5b6aff14b230d7a732a73fffff1b88a05c3125fddf10f5ebc0271e38b9f7589987b54", 0x60}], 0x1) 00:30:23 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0xc0, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) mount$fuse(0x40000, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}}) openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0) 00:30:26 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@ipv6_getroute={0x24, 0x1a, 0x1, 0x0, 0x0, {0x2}, [@RTA_MARK={0x8, 0x10, 0xa}]}, 0x24}}, 0x0) 00:30:29 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@ipv6_getroute={0x24, 0x1a, 0x1, 0x0, 0x0, {0x2}, [@RTA_MARK={0x8, 0x10, 0xa}]}, 0x24}}, 0x0) 00:30:30 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0xc0, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) mount$fuse(0x40000, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}}) openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0) 00:30:33 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@ipv6_getroute={0x24, 0x1a, 0x1, 0x0, 0x0, {0x2}, [@RTA_MARK={0x8, 0x10, 0xa}]}, 0x24}}, 0x0) 00:30:36 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0xc0, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) mount$fuse(0x40000, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}}) openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0) 00:30:36 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@ipv6_getroute={0x24, 0x1a, 0x1, 0x0, 0x0, {0x2}, [@RTA_MARK={0x8, 0x10, 0xa}]}, 0x24}}, 0x0) 00:30:40 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0xc0, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) mount$fuse(0x40000, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}}) openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0) [ 1844.264850][ T3306] ================================================================== [ 1844.270821][ T3306] BUG: KASAN: use-after-free in kernfs_link_sibling+0x11e/0x288 [ 1844.272725][ T3306] Read of size 4 at addr ffffaf800d2d80b0 by task syz-executor.1/3306 [ 1844.276317][ T3306] [ 1844.277769][ T3306] CPU: 1 PID: 3306 Comm: syz-executor.1 Not tainted 5.17.0-rc1-syzkaller-00002-g0966d385830d #0 [ 1844.279955][ T3306] Hardware name: riscv-virtio,qemu (DT) [ 1844.281398][ T3306] Call Trace: [ 1844.282552][ T3306] [] dump_backtrace+0x2e/0x3c [ 1844.285238][ T3306] [] show_stack+0x34/0x40 [ 1844.286812][ T3306] [] dump_stack_lvl+0xe4/0x150 [ 1844.288499][ T3306] [] print_address_description.constprop.0+0x2a/0x330 [ 1844.290196][ T3306] [] kasan_report+0x184/0x1e0 [ 1844.291696][ T3306] [] __asan_load4+0x6e/0x96 [ 1844.293862][ T3306] [] kernfs_link_sibling+0x11e/0x288 [ 1844.296725][ T3306] [] kernfs_add_one+0x1ba/0x30e [ 1844.298335][ T3306] [] kernfs_create_dir_ns+0xea/0x184 [ 1844.299850][ T3306] [] sysfs_create_dir_ns+0x10c/0x1ee [ 1844.301383][ T3306] [] kobject_add_internal+0x1cc/0x65e [ 1844.303018][ T3306] [] kobject_add+0x10e/0x1ae [ 1844.305597][ T3306] [] device_add+0x2b0/0x129e [ 1844.307384][ T3306] [] device_create_groups_vargs+0x160/0x17e [ 1844.309167][ T3306] [] device_create+0xae/0xe2 [ 1844.310677][ T3306] [] bdi_register_va.part.0+0xbe/0x5dc [ 1844.312276][ T3306] [] bdi_register_va+0x60/0x64 [ 1844.314987][ T3306] [] super_setup_bdi_name+0xbc/0x17c [ 1844.316850][ T3306] [] fuse_fill_super_common+0x370/0x80e [ 1844.318581][ T3306] [] fuse_fill_super+0x13a/0x18c [ 1844.320446][ T3306] [] get_tree_nodev+0xa8/0x128 [ 1844.322991][ T3306] [] fuse_get_tree+0x198/0x384 [ 1844.325637][ T3306] [] vfs_get_tree+0x4a/0x19c [ 1844.327199][ T3306] [] path_mount+0xe9c/0x14dc [ 1844.328827][ T3306] [] sys_mount+0x360/0x3ee [ 1844.330384][ T3306] [] ret_from_syscall+0x0/0x2 [ 1844.332011][ T3306] [ 1844.333003][ T3306] Allocated by task 0: [ 1844.334472][ T3306] (stack is not available) [ 1844.336178][ T3306] [ 1844.337167][ T3306] Freed by task 2094: [ 1844.338320][ T3306] stack_trace_save+0xa6/0xd8 [ 1844.339718][ T3306] kasan_save_stack+0x2c/0x58 [ 1844.341158][ T3306] kasan_set_track+0x1a/0x26 [ 1844.342522][ T3306] kasan_set_free_info+0x1e/0x3a [ 1844.344493][ T3306] ____kasan_slab_free+0x15e/0x180 [ 1844.346058][ T3306] __kasan_slab_free+0x10/0x18 [ 1844.347471][ T3306] slab_free_freelist_hook+0x8e/0x1cc [ 1844.349037][ T3306] kfree+0xe0/0x3e4 [ 1844.350388][ T3306] skb_release_data+0x3c2/0x3c4 [ 1844.351712][ T3306] consume_skb+0x96/0x136 [ 1844.353016][ T3306] nsim_dev_trap_report_work+0x524/0x5e4 [ 1844.355197][ T3306] process_one_work+0x654/0xffe [ 1844.356614][ T3306] worker_thread+0x360/0x8fa [ 1844.357873][ T3306] kthread+0x19e/0x1fa [ 1844.359134][ T3306] ret_from_exception+0x0/0x10 [ 1844.360470][ T3306] [ 1844.361255][ T3306] The buggy address belongs to the object at ffffaf800d2d8000 [ 1844.361255][ T3306] which belongs to the cache kmalloc-4k of size 4096 [ 1844.363421][ T3306] The buggy address is located 176 bytes inside of [ 1844.363421][ T3306] 4096-byte region [ffffaf800d2d8000, ffffaf800d2d9000) [ 1844.367465][ T3306] The buggy address belongs to the page: [ 1844.369298][ T3306] page:ffffaf807a9fdcc0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x8d4d8 [ 1844.371663][ T3306] head:ffffaf807a9fdcc0 order:3 compound_mapcount:0 compound_pincount:0 [ 1844.373421][ T3306] flags: 0x8800010200(slab|head|section=17|node=0|zone=0) [ 1844.376565][ T3306] raw: 0000008800010200 0000000000000000 0000000000000122 ffffaf8007202140 [ 1844.378224][ T3306] raw: 0000000000000000 0000000000040004 00000001ffffffff 0000000000000000 [ 1844.379610][ T3306] raw: 00000000000007ff [ 1844.380676][ T3306] page dumped because: kasan: bad access detected [ 1844.382105][ T3306] page_owner tracks the page as allocated [ 1844.383724][ T3306] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d2a20(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 2094, ts 1818101189500, free_ts 1817317906900 [ 1844.387014][ T3306] __set_page_owner+0x48/0x136 [ 1844.388544][ T3306] post_alloc_hook+0xd0/0x10a [ 1844.389878][ T3306] get_page_from_freelist+0x8da/0x12d8 [ 1844.391434][ T3306] __alloc_pages+0x150/0x3b6 [ 1844.393237][ T3306] alloc_pages+0x132/0x2a6 [ 1844.395237][ T3306] alloc_slab_page.constprop.0+0xc2/0xfa [ 1844.396854][ T3306] new_slab+0x76/0x2cc [ 1844.398110][ T3306] ___slab_alloc+0x56e/0x918 [ 1844.399443][ T3306] __slab_alloc.constprop.0+0x50/0x8c [ 1844.400886][ T3306] __kmalloc_node_track_caller+0x26c/0x362 [ 1844.402373][ T3306] __alloc_skb+0xee/0x2e4 [ 1844.404367][ T3306] nsim_dev_trap_report_work+0x1c2/0x5e4 [ 1844.406569][ T3306] process_one_work+0x654/0xffe [ 1844.407955][ T3306] worker_thread+0x360/0x8fa [ 1844.409177][ T3306] kthread+0x19e/0x1fa [ 1844.410605][ T3306] ret_from_exception+0x0/0x10 [ 1844.412685][ T3306] page last free stack trace: [ 1844.414255][ T3306] __reset_page_owner+0x4a/0xea [ 1844.416394][ T3306] free_pcp_prepare+0x29c/0x45e [ 1844.417839][ T3306] free_unref_page+0x6a/0x31e [ 1844.419082][ T3306] __free_pages+0xe2/0x112 [ 1844.420862][ T3306] __free_slab+0x122/0x27c [ 1844.422125][ T3306] discard_slab+0x4c/0x7a [ 1844.424072][ T3306] __slab_free+0x20a/0x29c [ 1844.426010][ T3306] ___cache_free+0x17c/0x354 [ 1844.427412][ T3306] qlist_free_all+0x7c/0x132 [ 1844.428711][ T3306] kasan_quarantine_reduce+0x14c/0x1c8 [ 1844.430018][ T3306] __kasan_slab_alloc+0x5c/0x98 [ 1844.431326][ T3306] kmem_cache_alloc+0x338/0x3de [ 1844.432684][ T3306] alloc_buffer_head+0x28/0x148 [ 1844.434582][ T3306] alloc_page_buffers+0x2ac/0x5be [ 1844.436562][ T3306] __getblk_slow+0x388/0x738 [ 1844.437847][ T3306] __getblk_gfp+0x74/0x78 [ 1844.439414][ T3306] [ 1844.440633][ T3306] Memory state around the buggy address: [ 1844.443090][ T3306] ffffaf800d2d7f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 1844.446127][ T3306] ffffaf800d2d8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1844.448925][ T3306] >ffffaf800d2d8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1844.450345][ T3306] ^ [ 1844.451682][ T3306] ffffaf800d2d8100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1844.453277][ T3306] ffffaf800d2d8180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1844.455677][ T3306] ================================================================== [ 1844.457180][ T3306] Disabling lock debugging due to kernel taint 00:30:43 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0xc0, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) mount$fuse(0x40000, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}}) openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0) [ 1844.520874][ T3306] Unable to handle kernel access to user memory without uaccess routines at virtual address 0000000000000008 [ 1844.556928][ T3306] Oops [#1] [ 1844.557987][ T3306] Modules linked in: [ 1844.559125][ T3306] CPU: 1 PID: 3306 Comm: syz-executor.1 Tainted: G B 5.17.0-rc1-syzkaller-00002-g0966d385830d #0 [ 1844.560916][ T3306] Hardware name: riscv-virtio,qemu (DT) [ 1844.561994][ T3306] epc : rb_insert_color+0x48/0x246 [ 1844.563343][ T3306] ra : rb_insert_color+0x48/0x246 [ 1844.564465][ T3306] epc : ffffffff80c26304 ra : ffffffff80c26304 sp : ffffaf800e703240 [ 1844.565529][ T3306] gp : ffffffff85863ac0 tp : ffffaf800bf41840 t0 : 0000000000000000 [ 1844.566559][ T3306] t1 : 0000000000006000 t2 : 00007fffffe501b7 s0 : ffffaf800e703280 [ 1844.567599][ T3306] s1 : ffffaf800d2d8090 a0 : 0000000000000000 a1 : 0000000000000008 [ 1844.568761][ T3306] a2 : 0000000000000000 a3 : ffffffff80c26304 a4 : ffffffff85892ec8 [ 1844.569888][ T3306] a5 : 0000000000000001 a6 : 0000000000f00000 a7 : ffffaf805a9e44c7 [ 1844.570922][ T3306] s2 : 0000000000000000 s3 : ffffaf800d9e2128 s4 : ffffaf800d2d8098 [ 1844.572081][ T3306] s5 : ffffaf800d2c27b0 s6 : 0000000000000000 s7 : ffffaf800d9e2118 [ 1844.573214][ T3306] s8 : ffffaf800d83f1e0 s9 : 0000000000000000 s10: ffffaf800d9e2140 [ 1844.574230][ T3306] s11: ffffaf800ed24f40 t3 : 000000007fffffff t4 : fffff5ef0b53c898 [ 1844.575186][ T3306] t5 : fffff5ef0b53c899 t6 : 0000000000040000 [ 1844.576140][ T3306] status: 0000000000000120 badaddr: 0000000000000008 cause: 000000000000000d [ 1844.577321][ T3306] [] kernfs_link_sibling+0x1d0/0x288 [ 1844.579383][ T3306] [] kernfs_add_one+0x1ba/0x30e [ 1844.580535][ T3306] [] kernfs_create_dir_ns+0xea/0x184 [ 1844.581691][ T3306] [] sysfs_create_dir_ns+0x10c/0x1ee [ 1844.582790][ T3306] [] kobject_add_internal+0x1cc/0x65e [ 1844.583998][ T3306] [] kobject_add+0x10e/0x1ae [ 1844.585176][ T3306] [] device_add+0x2b0/0x129e [ 1844.586302][ T3306] [] device_create_groups_vargs+0x160/0x17e [ 1844.587491][ T3306] [] device_create+0xae/0xe2 [ 1844.589904][ T3306] [] bdi_register_va.part.0+0xbe/0x5dc [ 1844.591093][ T3306] [] bdi_register_va+0x60/0x64 [ 1844.592198][ T3306] [] super_setup_bdi_name+0xbc/0x17c [ 1844.593241][ T3306] [] fuse_fill_super_common+0x370/0x80e [ 1844.595660][ T3306] [] fuse_fill_super+0x13a/0x18c [ 1844.598410][ T3306] [] get_tree_nodev+0xa8/0x128 [ 1844.601043][ T3306] [] fuse_get_tree+0x198/0x384 [ 1844.603635][ T3306] [] vfs_get_tree+0x4a/0x19c [ 1844.607857][ T3306] [] path_mount+0xe9c/0x14dc [ 1844.609587][ T3306] [] sys_mount+0x360/0x3ee [ 1844.611857][ T3306] [] ret_from_syscall+0x0/0x2 [ 1844.622396][ T3306] ---[ end trace 0000000000000000 ]--- [ 1844.718367][ T3306] Kernel panic - not syncing: Fatal exception [ 1844.733249][ T3306] SMP: stopping secondary CPUs [ 1844.735193][ T3306] Rebooting in 86400 seconds.. VM DIAGNOSIS: 07:37:44 Registers: info registers vcpu 0 pc ffffffff8010c21a mhartid 0000000000000000 mstatus 00000000000001a0 mip 00000000000000a0 mie 000000000000020a mideleg 0000000000000222 medeleg 000000000000b109 mtvec 0000000080000540 stvec ffffffff800055d4 mepc ffffffff8011243a sepc ffffffff831afd22 mcause 8000000000000007 scause 8000000000000005 mtval 0000000000000000 stval 0000000000000000 x0/zero 0000000000000000 x1/ra ffffffff8010c21a x2/sp ffffaf8021eb3050 x3/gp ffffffff85863ac0 x4/tp ffffaf800bf46100 x5/t0 0000000000046000 x6/t1 395edb06152c9f00 x7/t2 0000000000000001 x8/s0 ffffaf8021eb30b0 x9/s1 ffffaf800bf46100 x10/a0 ffffaf800bf46120 x11/a1 0000000000000003 x12/a2 1ffff5f0017e8c24 x13/a3 ffffffff8010c21a x14/a4 0000000000000000 x15/a5 ffffaf800bf46120 x16/a6 0000000000f00000 x17/a7 ffffffff800c889c x18/s2 0000000000000000 x19/s3 0000000000000000 x20/s4 ffffaf805a9d8c98 x21/s5 ffffffff8586fd20 x22/s6 ffffffff8343c840 x23/s7 0000000000000000 x24/s8 0000000000000120 x25/s9 ffffffff86c1a620 x26/s10 0000000000001000 x27/s11 ffffffff8018e412 x28/t3 fffffffff3f3f300 x29/t4 ffffffff80112282 x30/t5 1ffff5f0043d65c0 x31/t6 0000000000040000 f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000 info registers vcpu 1 pc ffffffff80dc337e mhartid 0000000000000001 mstatus 00000000000000a0 mip 00000000000000a0 mie 000000000000022a mideleg 0000000000000222 medeleg 000000000000b109 mtvec 0000000080000540 stvec ffffffff800055d4 mepc ffffffff80116e52 sepc ffffffff831afd22 mcause 8000000000000007 scause 8000000000000005 mtval 0000000000000000 stval 0000000000000000 x0/zero 0000000000000000 x1/ra ffffffff80dc337e x2/sp ffffaf800e702cc0 x3/gp ffffffff85863ac0 x4/tp ffffaf800bf41840 x5/t0 ffffffff86bcb657 x6/t1 395edb06152c9f00 x7/t2 0000000000000000 x8/s0 ffffaf800e702cf0 x9/s1 ffffffff86e58900 x10/a0 ffffffff86e58948 x11/a1 ffff8f800066c000 x12/a2 1ffffffff0dcb129 x13/a3 ffffffff80dc337e x14/a4 0000000000000000 x15/a5 ffffffff86e58948 x16/a6 ffffffff86e589f1 x17/a7 ffffffff80dcc9fe x18/s2 ffff8f800066c000 x19/s3 0000000000000079 x20/s4 ffffffff86e58900 x21/s5 ffffffff80dc333e x22/s6 0000000000000000 x23/s7 ffffffff86bcb69b x24/s8 0000000000000010 x25/s9 ffffffff86e58958 x26/s10 0000000000000010 x27/s11 0000000000000000 x28/t3 fffffffff3f3f300 x29/t4 ffffffff80112282 x30/t5 1ffff5f001ce0548 x31/t6 ffffffff86bcb657 f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000